Skip to content

Javier Franco / admin_ansible_user

Go to a project
Toggle navigation
Toggle navigation pinning
70bfe160 by Javier Franco
Options

first commit

0 parents
Inline Side-by-side
Showing 4 changed files with 105 additions and 0 deletions
ansible.cfg 0 → 100644
[defaults]
inventory = hosts
#remote_user = root
retry_file_enabled = false
module_name = shell
nocows = 1
stdout_callback = debug
roles_path = roles
#log_path = log/ansible.log
remote_tmp = /tmp/
host_key_checking = false
#callback_whitelist = profile_tasks # ansible.log timestamp
#command_warnings = False
#interpreter_python = /usr/bin/python
[privilege_escalation]
#become = true
#become_method = sudo
#become_user = root
hosts 0 → 100644
[elk]
kibana ansible_host=10.9.3.68
elastic01 ansible_host=10.9.3.69
elastic02 ansible_host=10.9.3.70
[camundadesa]
tlbicam01.vue.gov.py
tcam01.vue.gov.py
tcam02.vue.gov.py
[camundaprod]
plbicam01.vue.gov.py
pcam01.vue.gov.py
pcam02.vue.gov.py
[jbossdesa]
mtapp01.vue.gov.py
mtapp02.vue.gov.py
mtjbmaster01.vue.gov.py
mtlbi01.vue.gov.py
[nginxdesa]
mtglb01.vue.gov.py
[jbossprod]
mpapp01.vue.gov.py
mpapp02.vue.gov.py
mpjbmaster01.vue.gov.py
mplbi01.vue.gov.py
[nginxprod]
mpglb01.vue.gov.py
id_rsa.pub 0 → 100644
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCcmKDLOYZiKX04CxM6pGBxroUzAZr4kFK2T5FLTY/rNlrS0llzXTBB0cQCaXmHEiv3m51LikqQNMNMkH56OJrnEHl37D50fWEJixWNwLOiVElRW13t4TjaKv6dEa8dQKXvSRZyGm9Mn6vmk0g8OcnVKaHzp7oioc83SOzkQqcrrhSLKTJSAdE9PfBhrWnt7tImGgcP3NnWqfBAol4jou1xUYSzRsrVtElfJ62zjm0fUbP4O0aeWMuKsF8O04MQciBZNhjIvMjynQyenjU0jzJPcMqwxmkKNScJ4dx5w+5sTyD2+L8amrPPTRdhLUYwH9NQ9vtVn+Uu1z8M33sWFYqdPpoDjVPCP53d4+dLw/Zlby4yWLEYkfOZR97CNuh0B3R5vRvEy7sVQdNJmV/JnqdaUdwK7RBOxZ/iQogxJrYw9rRw+KQh7uNtKhgV2MMEAKy2EujRoYbBWLuenLo1MLS0knIf2IOkscH7SPtyn3oI5iTKdwrDFICMeE8GgM5v2gk= ansible@awx.vue.gov.py
main.yml 0 → 100644
---
- name: Playbook para agregar usuario ansible
hosts: "{{ target | default('all') }}" # todos los nodos a administrar
become: true
vars:
ansible_local_user: ansible
tasks:
- name: asegurarse que existe el grupo {{ ansible_local_user }}
group:
name: "{{ ansible_local_user }}"
state: present
system: yes
- name: add {{ ansible_local_user }} sudoers file
copy:
content: "%{{ ansible_local_user }} ALL=(ALL) NOPASSWD: ALL"
dest: /etc/sudoers.d/{{ ansible_local_user }}
validate: '/usr/sbin/visudo -cf %s'
mode: '0440'
- name: add user {{ ansible_local_user }}
user:
name: "{{ ansible_local_user }}"
group: "{{ ansible_local_user }}"
home: "/home/{{ ansible_local_user }}/"
shell: /bin/bash
state: present
expires: -1
system: yes
password: "$6$o1V2XCTCdSuzEgnN$Qphuv/imqP6ZlHEXX1uVVm.zqr/DS5XrtmyBfYG.XUFyrkWLcl9SPssUWAwQ5L.c49a5hJOugpBDanT/Rakv8."
notify:
- ansible password does not expires
- name: Set ssh keybase login
authorized_key:
user: "{{ ansible_local_user }}"
path: /home/{{ ansible_local_user }}/.ssh/authorized_keys
key: "{{ item }}"
with_file:
- id_rsa.pub
tags:
- ssh_keybase_login
handlers:
- name: ansible password does not expires
command: "chage -m -1 -M -1 -W -1 -E -1 {{ ansible_local_user }}"
...
Styling with Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!