ansible/roles/users/tasks/ansible.yml

42 lines
873 B
YAML
Raw Normal View History

2022-08-30 14:43:41 +02:00
- name: create group 'ansible'
group:
name: ansible
gid: 501
- name: create user 'ansible'
user:
name: ansible
uid: 501
group: ansible
home: /var/lib/ansible
password: "*" # disabled password but can be accessed with SSH
groups:
- ansible
- wheel
- name: make sure ansible owns its home
file:
state: directory
path: /var/lib/ansible
owner: ansible
group: ansible
mode: '2755'
- name: set ansible's authorized keys
authorized_key:
user: ansible
key: '{{ item }}'
path: /var/lib/ansible/.ssh/authorized_keys
with_file:
- public_keys/yubikey
- public_keys/ansible
2022-08-30 15:10:01 +02:00
- name: commit ansible's home to lbu
lbu:
include:
- /var/lib/ansible
- /var/lib/ansible/.ssh/authorized_keys
exclude:
- /var/lib/ansible/.ansible
- /var/lib/ansible/.ash_history