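# Creates the local `administrator` account, with a home directory and an RSA
# SSH key pair.
# password_hash('sha512') is called without a salt argument, so a fresh random
# salt is used on every run. update_password: on_create sets the password only
# when the account is first created, so later runs neither reset a password the
# administrator has changed nor report a change because of the new salt.
# NOTE(review): user_administrator_initial_password is defined outside this
# file; presumably it comes from an encrypted source such as Ansible Vault and
# is rotated after first login. Confirm.
- name: create administrator
  user:
    name: administrator
    update_password: on_create
    password: "{{ user_administrator_initial_password | password_hash('sha512') }}"
    # Canonical YAML booleans instead of yes/no.
    create_home: true
    generate_ssh_key: true
    ssh_key_type: rsa
    ssh_key_bits: 8192
  when: run_once_user_administrator is not defined
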
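# Restricts the administrator's home directory to its owner (rwx------), so
# other local accounts cannot list or read its contents.
- name: "set correct rights for {{path_administrator_home}}"
  file:
    path: "{{path_administrator_home}}"
    state: directory
    owner: administrator
    group: administrator
    # Quoted so the module receives the octal string on every YAML parser; an
    # unquoted 0700 depends on YAML 1.1 octal parsing to mean the same thing.
    mode: '0700'
  when: run_once_user_administrator is not defined
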
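# Creates an owner-only scripts directory below the administrator's home.
# NOTE(review): the task name references path_administrator_scripts while the
# path is built from path_administrator_home + "scripts"; both variables are
# defined outside this file. Confirm they resolve to the same directory and
# that path_administrator_home ends with a slash.
- name: "create {{path_administrator_scripts}}"
  file:
    path: "{{path_administrator_home}}scripts"
    state: directory
    owner: administrator
    group: administrator
    # Quoted so the module receives the octal string on every YAML parser.
    mode: '0700'
  when: run_once_user_administrator is not defined
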
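# Installs the per-host authorized_keys file for the administrator account.
# The source is looked up under
# <inventory_dir>/files/<inventory_hostname><path_administrator_home>.ssh/,
# so every host needs its own file there. Whoever can write to that inventory
# path controls who can log in as administrator.
# NOTE(review): the .ssh directory is not created here; presumably it already
# exists from generate_ssh_key in the user task. Verify.
- name: "create {{path_administrator_home}}.ssh/authorized_keys"
  copy:
    src: "{{ inventory_dir }}/files/{{ inventory_hostname }}{{path_administrator_home}}.ssh/authorized_keys"
    dest: "{{path_administrator_home}}.ssh/authorized_keys"
    owner: administrator
    group: administrator
    # Tightened from 0644 to owner-only: sshd needs no group/world access to
    # this file, and 0600 keeps the list of accepted keys private.
    mode: '0600'
  when: run_once_user_administrator is not defined
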
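# Installs the sudoers drop-in for the administrator account. The drop-in
# itself (src "administrator") lives outside this file, so the rule it grants
# cannot be reviewed here.
- name: grant administrator sudo rights with password
  copy:
    src: "administrator"
    dest: /etc/sudoers.d/administrator
    # 0440 is the conventional mode for sudoers files (read-only, no world
    # access); the original 0644 left the rules readable by every local user.
    mode: '0440'
    owner: root
    group: root
    # Syntax-check the file before it replaces the destination. A malformed
    # drop-in in /etc/sudoers.d can make sudo refuse to run for everyone.
    validate: /usr/sbin/visudo -cf %s
  # NOTE(review): a sudoers change does not by itself require restarting sshd;
  # the handler is defined outside this file. Confirm this notify is intended.
  notify: sshd restart
  when: run_once_user_administrator is not defined
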
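# Creates an owner-only volumes directory below the administrator's home.
# The path is built by appending "volumes" to path_administrator_home, which
# presumably ends with a slash. Verify against where the variable is defined.
- name: "create {{path_administrator_home}}volumes/"
  file:
    path: "{{path_administrator_home}}volumes"
    state: directory
    owner: administrator
    group: administrator
    # Quoted so the module receives the octal string on every YAML parser.
    mode: '0700'
  when: run_once_user_administrator is not defined
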
# Records that this task list has run for the host. Every task in this file is
# guarded by `run_once_user_administrator is not defined`, so once the fact is
# set, including the file again in the same playbook run skips all of them.
- name: run the user_administrator tasks once
  when: run_once_user_administrator is not defined
  set_fact:
    run_once_user_administrator: true