43 lines
902 B
Plaintext
43 lines
902 B
Plaintext
---
|
|
- name: Set new users
|
|
hosts: main_server
|
|
become: yes
|
|
tasks:
|
|
|
|
- name: Create group
|
|
ansible.builtin.group:
|
|
name: "{{ item.name }}"
|
|
state: present
|
|
|
|
loop:
|
|
- { name: backup }
|
|
- { name: docker }
|
|
|
|
- name: Create new user
|
|
user:
|
|
name: "{{ new_user }}"
|
|
create_home: yes
|
|
shell: /bin/bash
|
|
password: "{{ user_password| password_hash('sha512') }}"
|
|
|
|
- name: Add user to groups
|
|
user:
|
|
name: "{{ new_user }}"
|
|
groups:
|
|
- sudo
|
|
- docker
|
|
append: yes
|
|
|
|
- name: Configure sudo to allow passwordless access for user
|
|
become_user: root
|
|
lineinfile:
|
|
path: /etc/sudoers.d/ansible_nopasswd
|
|
create: yes
|
|
line: "{{ new_user }} ALL=(ALL) NOPASSWD: ALL"
|
|
validate: "/usr/sbin/visudo -cf %s"
|
|
mode: "0440"
|
|
state: present
|
|
|
|
|
|
|