Last active
January 16, 2024 13:47
-
-
Save zeitounator/a08dda0f93f34d0493a874a330a5d0fa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ tree | |
| . | |
| ├── test.yml | |
| ├── users_initial.yml | |
| ├── users_modify.yml | |
| └── Vagrantfile | |
| 0 directories, 4 files | |
| $ cat Vagrantfile | |
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| Vagrant.configure(2) do |config| | |
| config.vm.box = 'ubuntu/jammy64' | |
| # Disable default vagrant synced_folder | |
| config.vm.synced_folder ".", "/vagrant", disabled: true | |
| # Virtualbox configuration | |
| config.vm.provider "virtualbox" do |vb| | |
| vb.name = "proof" | |
| vb.memory = 1024 | |
| vb.cpus = 1 | |
| end | |
| # Provision with ansible | |
| config.vm.provision "ansible-initial", type: "ansible", run: "never" do |ansible| | |
| ansible.playbook = "test.yml" | |
| ansible.compatibility_mode = "2.0" | |
| end | |
| config.vm.provision "ansible-alter", type: "ansible", run: "never" do |ansible| | |
| ansible.playbook = "test.yml" | |
| ansible.extra_vars = { alter_users: true } | |
| ansible.compatibility_mode = "2.0" | |
| end | |
| end | |
| $ cat test.yml | |
| --- | |
| - hosts: all | |
| gather_facts: false | |
| user: vagrant | |
| become: true | |
| vars_files: | |
| - "users_{{ 'modify' if alter_users | d(false) | bool else 'initial' }}.yml" | |
| vars: | |
| my_hash_salt: totopipobingo | |
| tasks: | |
| - name: Create users in my test docker container | |
| ansible.builtin.user: | |
| name: "{{ item.username }}" | |
| password: "{{ item.password | password_hash('sha512', my_hash_salt) }}" | |
| loop: "{{ users }}" | |
| loop_control: | |
| label: "{{ item.username }}" | |
| - name: Add keys for each user | |
| ansible.posix.authorized_key: | |
| user: "{{ item.username }}" | |
| key: "{{ item.public_keys | join('\n') }}" | |
| exclusive: true | |
| loop: "{{ users }}" | |
| loop_control: | |
| label: "{{ item.username }}" | |
| - name: "[verify]: getauthorized key files contents" | |
| ansible.builtin.slurp: | |
| src: /home/{{ item.username }}/.ssh/authorized_keys | |
| register: key_files | |
| loop: "{{ users }}" | |
| loop_control: | |
| label: "{{ item.username }}" | |
| - name: "[verify]: show that each user has both keys" | |
| ansible.builtin.debug: | |
| msg: "{{ (item.content | b64decode).splitlines() }}" | |
| loop: "{{ key_files.results }}" | |
| loop_control: | |
| label: "{{ item.item.username }}" | |
| $ cat users_initial.yml | |
| users: | |
| - username: user1 | |
| password: secret1 | |
| public_keys: | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDau24KkhJiZ6OfuhZrkoxv/YxWKJRdefI0lULdI+Lhw user1@machine | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine | |
| - username: user2 | |
| password: secret2 | |
| public_keys: | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbQwAiS7z6ea+5cZq3eNU5SZ+XwmYF52Z2ZUGEtS9C2 user2@machine | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine | |
| $ cat users_modify.yml | |
| --- | |
| users: | |
| - username: user1 | |
| password: secret1 | |
| public_keys: | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGHndjn7XPC59Z9KyrJHjX9/ntoIlHMqqTHRC04U+T0 user1@machine | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine | |
| - username: user2 | |
| password: secret2 | |
| public_keys: | |
| - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine | |
| $ vagrant up | |
| Bringing machine 'default' up with 'virtualbox' provider... | |
| ==> default: Importing base box 'ubuntu/jammy64'... | |
| ==> default: Matching MAC address for NAT networking... | |
| ==> default: Checking if box 'ubuntu/jammy64' version '20240110.0.0' is up to date... | |
| ==> default: Setting the name of the VM: proof | |
| ==> default: Clearing any previously set network interfaces... | |
| ==> default: Preparing network interfaces based on configuration... | |
| default: Adapter 1: nat | |
| ==> default: Forwarding ports... | |
| default: 22 (guest) => 2222 (host) (adapter 1) | |
| ==> default: Running 'pre-boot' VM customizations... | |
| ==> default: Booting VM... | |
| ==> default: Waiting for machine to boot. This may take a few minutes... | |
| default: SSH address: 127.0.0.1:2222 | |
| default: SSH username: vagrant | |
| default: SSH auth method: private key | |
| default: | |
| default: Vagrant insecure key detected. Vagrant will automatically replace | |
| default: this with a newly generated keypair for better security. | |
| default: | |
| default: Inserting generated public key within guest... | |
| default: Removing insecure key from the guest if it's present... | |
| default: Key inserted! Disconnecting and reconnecting using new SSH key... | |
| ==> default: Machine booted and ready! | |
| ==> default: Checking for guest additions in VM... | |
| default: The guest additions on this VM do not match the installed version of | |
| default: VirtualBox! In most cases this is fine, but in rare cases it can | |
| default: prevent things such as shared folders from working properly. If you see | |
| default: shared folder errors, please make sure the guest additions within the | |
| default: virtual machine match the version of VirtualBox you have installed on | |
| default: your host and reload your VM. | |
| default: | |
| default: Guest Additions Version: 6.0.0 r127566 | |
| default: VirtualBox Version: 7.0 | |
| $ vagrant up --provision-with ansible-initial | |
| Bringing machine 'default' up with 'virtualbox' provider... | |
| ==> default: Checking if box 'ubuntu/jammy64' version '20240110.0.0' is up to date... | |
| ==> default: Running provisioner: ansible-initial (ansible)... | |
| default: Running ansible-playbook... | |
| PLAY [all] ********************************************************************* | |
| TASK [Create users in my test docker container] ******************************** | |
| changed: [default] => (item=user1) | |
| changed: [default] => (item=user2) | |
| TASK [Add keys for each user] ************************************************** | |
| changed: [default] => (item=user1) | |
| changed: [default] => (item=user2) | |
| TASK [[verify]: getauthorized key files contents] ****************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: show that each user has both keys] ***************************** | |
| ok: [default] => (item=user1) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDau24KkhJiZ6OfuhZrkoxv/YxWKJRdefI0lULdI+Lhw user1@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine" | |
| ] | |
| } | |
| ok: [default] => (item=user2) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbQwAiS7z6ea+5cZq3eNU5SZ+XwmYF52Z2ZUGEtS9C2 user2@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine" | |
| ] | |
| } | |
| PLAY RECAP ********************************************************************* | |
| default : ok=4 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 | |
| $ vagrant up --provision-with ansible-initial | |
| Bringing machine 'default' up with 'virtualbox' provider... | |
| ==> default: Checking if box 'ubuntu/jammy64' version '20240110.0.0' is up to date... | |
| ==> default: Running provisioner: ansible-initial (ansible)... | |
| default: Running ansible-playbook... | |
| PLAY [all] ********************************************************************* | |
| TASK [Create users in my test docker container] ******************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [Add keys for each user] ************************************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: getauthorized key files contents] ****************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: show that each user has both keys] ***************************** | |
| ok: [default] => (item=user1) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDau24KkhJiZ6OfuhZrkoxv/YxWKJRdefI0lULdI+Lhw user1@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine" | |
| ] | |
| } | |
| ok: [default] => (item=user2) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbQwAiS7z6ea+5cZq3eNU5SZ+XwmYF52Z2ZUGEtS9C2 user2@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine" | |
| ] | |
| } | |
| PLAY RECAP ********************************************************************* | |
| default : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 | |
| $ vagrant up --provision-with ansible-alter | |
| Bringing machine 'default' up with 'virtualbox' provider... | |
| ==> default: Checking if box 'ubuntu/jammy64' version '20240110.0.0' is up to date... | |
| ==> default: Running provisioner: ansible-alter (ansible)... | |
| default: Running ansible-playbook... | |
| PLAY [all] ********************************************************************* | |
| TASK [Create users in my test docker container] ******************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [Add keys for each user] ************************************************** | |
| changed: [default] => (item=user1) | |
| changed: [default] => (item=user2) | |
| TASK [[verify]: getauthorized key files contents] ****************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: show that each user has both keys] ***************************** | |
| ok: [default] => (item=user1) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGHndjn7XPC59Z9KyrJHjX9/ntoIlHMqqTHRC04U+T0 user1@machine" | |
| ] | |
| } | |
| ok: [default] => (item=user2) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine" | |
| ] | |
| } | |
| PLAY RECAP ********************************************************************* | |
| default : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 | |
| $ vagrant up --provision-with ansible-alter | |
| Bringing machine 'default' up with 'virtualbox' provider... | |
| ==> default: Checking if box 'ubuntu/jammy64' version '20240110.0.0' is up to date... | |
| ==> default: Running provisioner: ansible-alter (ansible)... | |
| default: Running ansible-playbook... | |
| PLAY [all] ********************************************************************* | |
| TASK [Create users in my test docker container] ******************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [Add keys for each user] ************************************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: getauthorized key files contents] ****************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: show that each user has both keys] ***************************** | |
| ok: [default] => (item=user1) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGHndjn7XPC59Z9KyrJHjX9/ntoIlHMqqTHRC04U+T0 user1@machine" | |
| ] | |
| } | |
| ok: [default] => (item=user2) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine" | |
| ] | |
| } | |
| PLAY RECAP ********************************************************************* | |
| default : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 | |
| $ vagrant up --provision-with ansible-initial | |
| Bringing machine 'default' up with 'virtualbox' provider... | |
| ==> default: Checking if box 'ubuntu/jammy64' version '20240110.0.0' is up to date... | |
| ==> default: Running provisioner: ansible-initial (ansible)... | |
| default: Running ansible-playbook... | |
| PLAY [all] ********************************************************************* | |
| TASK [Create users in my test docker container] ******************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [Add keys for each user] ************************************************** | |
| changed: [default] => (item=user1) | |
| changed: [default] => (item=user2) | |
| TASK [[verify]: getauthorized key files contents] ****************************** | |
| ok: [default] => (item=user1) | |
| ok: [default] => (item=user2) | |
| TASK [[verify]: show that each user has both keys] ***************************** | |
| ok: [default] => (item=user1) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGWtkBHm2bLuT40EJMC2d5gFVYl3N6qZcGLdf2BhA9F user1@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDau24KkhJiZ6OfuhZrkoxv/YxWKJRdefI0lULdI+Lhw user1@machine" | |
| ] | |
| } | |
| ok: [default] => (item=user2) => { | |
| "msg": [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8PnDXPKAWBK6G29tjli796Pyj2Y55RiwGWh2JT1oRu user2@machine", | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFbQwAiS7z6ea+5cZq3eNU5SZ+XwmYF52Z2ZUGEtS9C2 user2@machine" | |
| ] | |
| } | |
| PLAY RECAP ********************************************************************* | |
| default : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment