added woodpecker user

2022-08-30 15:06:40 +02:00 · 2022-08-30 15:06:40 +02:00 · 5ba72b1d88
parent 91d33c10ad
commit 5ba72b1d88
4 changed files with 44 additions and 0 deletions
--- a/roles/users/files/public_keys/woodpecker
+++ b/roles/users/files/public_keys/woodpecker
@ -0,0 +1 @@
 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDl+gVOUm8Tiy8rZfYgNs/K5FCcc8euD07ZZjzv0HgDxbvsV8NkXg8L0yktLqJwN0xSfjpX3lratPBak4fC0O5DEnRfnQVoKI1pWAvfE1WQsl5+a5w1rhHseMb7iiTOwxiFTbChflo7TFLC5sH1brYzb4wsyoioBfd0u2EWITnCeg3PnEw71f6xyP0cCexXmWcAjPuNSyoEOSGfip0+rkyaTp+0uQle0QU6NWcxhDhl/sUGyAn1wK681tMeek3rG4ec5nK0i6Z61SBSp4rFLcLpIIfOYxf89J+s25ldfGPrWHxn5RrTmwQHYZtI9mR9EnDa+gZ7PFxtp5rg18gdBhY+9ZEBgVFCSOjJ9rbtVB/eA+8/Hc/8YlI+64yW8PJ8QSWzmd53EA/27pbred2MyqxAuu+w8LbrUAKaHEDmMjw5R+zcDTlOJuuOoaN7ivwi1HPHcur7LBiMUzfmXRPDXt6uqfsjM9bwYQt6VsOldr6ftkdVZomx4YH3jsGRogR42LE= woodpecker ci
--- a/roles/users/tasks/alpine.yml
+++ b/roles/users/tasks/alpine.yml
@ -14,3 +14,11 @@
    exclude:
      - /var/lib/ansible/.ansible
      - /var/lib/ansible/.ash_history
 - name: commit woodpecker's home to lbu
  lbu:
    include:
      - /var/lib/woodpecker
      - /var/lib/woodpecker/.ssh/authorized_keys
    exclude:
      - /var/lib/woodpecker/.ash_history
--- a/roles/users/tasks/main.yml
+++ b/roles/users/tasks/main.yml
@ -4,6 +4,9 @@
 - name: setup user 'ansible'
  include_tasks: ansible.yml
 - name: setup user 'woodpecker'
  include_tasks: ansible.yml
 - name: commit user's home to alpine lbu
  include_tasks: alpine.yml
  when: ansible_distribution == "Alpine"
--- a/roles/users/tasks/woodpecker.yml
+++ b/roles/users/tasks/woodpecker.yml
@ -0,0 +1,32 @@
 - name: create group 'woodpecker'
  group:
    name: woodpecker
    gid: 502
 - name: create user 'woodpecker'
  user:
    name: woodpecker
    uid: 501
    group: woodpecker
    home: /var/lib/woodpecker
    password: "*"  # disabled password but can be accessed with SSH
    groups:
      - woodpecker
 - name: make sure woodpecker owns its home
  file:
    state: directory
    path: /var/lib/woodpecker
    owner: woodpecker
    group: woodpecker
    mode: '2755'
 - name: set woodpecker's authorized keys
  authorized_key:
    user: woodpecker
    key: '{{ item }}'
    path: /var/lib/woodpecker/.ssh/authorized_keys
  with_file:
    - public_keys/yubikey
    - public_keys/woodpecker
  register: woodpecker_keys
		`@ -0,0 +1 @@`
							ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDl+gVOUm8Tiy8rZfYgNs/K5FCcc8euD07ZZjzv0HgDxbvsV8NkXg8L0yktLqJwN0xSfjpX3lratPBak4fC0O5DEnRfnQVoKI1pWAvfE1WQsl5+a5w1rhHseMb7iiTOwxiFTbChflo7TFLC5sH1brYzb4wsyoioBfd0u2EWITnCeg3PnEw71f6xyP0cCexXmWcAjPuNSyoEOSGfip0+rkyaTp+0uQle0QU6NWcxhDhl/sUGyAn1wK681tMeek3rG4ec5nK0i6Z61SBSp4rFLcLpIIfOYxf89J+s25ldfGPrWHxn5RrTmwQHYZtI9mR9EnDa+gZ7PFxtp5rg18gdBhY+9ZEBgVFCSOjJ9rbtVB/eA+8/Hc/8YlI+64yW8PJ8QSWzmd53EA/27pbred2MyqxAuu+w8LbrUAKaHEDmMjw5R+zcDTlOJuuOoaN7ivwi1HPHcur7LBiMUzfmXRPDXt6uqfsjM9bwYQt6VsOldr6ftkdVZomx4YH3jsGRogR42LE= woodpecker ci