bootstrap.yml
---
# Play 1: patch every host before the account setup in the next play.
- hosts: all
  become: true
  pre_tasks:
    # Refreshes the apt package index, then performs a dist-upgrade.
    # The "always" tag keeps this task in the run even when the playbook is
    # limited with --tags.
    # NOTE(review): nothing here reboots or restarts services, so kernel and
    # library updates may not be in effect when the play finishes.
    - name: install updates
      ansible.builtin.apt:
        upgrade: dist
        update_cache: true
      tags: always
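# Play 2: create the account that later Ansible runs log in as.
# The account gets key-based SSH login and unrestricted passwordless sudo, so
# the matching private key is equivalent to root on every targeted host and
# should be stored and rotated accordingly.
- hosts: all
  become: true
  tasks:
    # Presumably defines user_for_ansible and user_for_ansible_ssh_key, which
    # the tasks below read. Tagged "always" like its consumers; otherwise a
    # run limited with --tags skips this load while the always-tagged tasks
    # still run and fail on undefined variables.
    - name: Include ansible user and ssh key from ssh_config.yaml
      tags: always
      ansible.builtin.include_vars:
        file: ssh_config.yaml

    - name: create ansible user
      tags: always
      ansible.builtin.user:
        name: "{{ user_for_ansible }}"
        shell: /bin/bash
        state: present

    # Installs the public key into the user's authorized_keys file.
    - name: add ssh key
      tags: always
      ansible.builtin.authorized_key:
        user: "{{ user_for_ansible }}"
        key: "{{ user_for_ansible_ssh_key }}"

    # append: true adds the sudo group without dropping existing memberships.
    - name: add user to sudo group
      tags: always
      ansible.builtin.user:
        name: "{{ user_for_ansible }}"
        groups: sudo
        append: true

    # The pattern is escaped and ends in \s so it matches only this user's own
    # entry; a bare '^name' prefix would also match, and replace, the entry of
    # any account whose name merely starts with the same characters.
    # validate runs visudo on the candidate file before it replaces
    # /etc/sudoers. That is a syntax check only: it does not vet what
    # user_for_ansible expands to, so keep that value a plain account name.
    # NOTE(review): this is the only task in the play without "tags: always";
    # confirm that is intended. A dedicated file under /etc/sudoers.d is the
    # usual alternative to editing /etc/sudoers in place.
    - name: allow passwordless sudo for the user
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        regexp: '^{{ user_for_ansible | regex_escape }}\s'
        line: '{{ user_for_ansible }} ALL=(ALL) NOPASSWD:ALL'
        validate: '/usr/sbin/visudo -cf %s'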