Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
ansible playbook setup user
---
- hosts: linode
remote_user: root
vars:
NORMAL_USER_NAME: 'yourusername'
tasks:
- name: Make sure we have a 'wheel' group
group:
name: wheel
state: present
- name: "Create a secondary, non-root user"
user: name={{ NORMAL_USER_NAME }}
password='$6$rounds=656000$W.dSlhtSxE2HdSc1$4WbCFM6zQV1hTQYTCqmcddnKrSXIZ9LfWRAjJBervBFG.rH953lTa7rMeZNrN65zPzEONntMtYt9Bw74PvAei0'
shell=/bin/bash
group=wheel
- name: Add remote authorized key to allow future passwordless logins
authorized_key: user={{ NORMAL_USER_NAME }} key="{{ lookup('file', '/Users/yourusename/.ssh/id_rsa.pub') }}"
- name: Allow 'wheel' group to have passwordless sudo
lineinfile:
dest: /etc/sudoers
state: present
regexp: '^%wheel'
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
- name: Add sudoers users to wheel group
user:
name=nick
groups=wheel
append=yes
state=present
- hosts: all
vars:
sudoers:
- user1
- user2
- user3
tasks:
- name: Make sure we have a 'wheel' group
group:
name: wheel
state: present
- name: Allow 'wheel' group to have passwordless sudo
lineinfile:
dest: /etc/sudoers
state: present
regexp: '^%wheel'
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
validate: visudo -cf %s
- name: Add sudoers users to wheel group
user:
name: "{{ item }}"
groups: wheel
append: yes
with_items: "{{ sudoers }}"
python -c "from passlib.hash import sha512_crypt; print sha512_crypt.encrypt('plaintextpassword')"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.