ansible/ansible_collection_users
1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_collection_users.git synced 2024-08-16 10:29:50 +02:00
Code Releases Activity
ansible_collection_users/roles/sshd
History
L3D 0a1c76e21c
create l3d.users.sshd
2024-02-15 02:51:39 +01:00
..
defaults create l3d.users.sshd 2024-02-15 02:51:39 +01:00
handlers create l3d.users.sshd 2024-02-15 02:51:39 +01:00
tasks create l3d.users.sshd 2024-02-15 02:51:39 +01:00
templates create l3d.users.sshd 2024-02-15 02:51:39 +01:00
vars create l3d.users.sshd 2024-02-15 02:51:39 +01:00
README.md create l3d.users.sshd 2024-02-15 02:51:39 +01:00

README.md

Ansible Role SSHD

Ansible role l3d.users.sshd to Manage SSHD Configuration of the system and which Users are allowed to login.

WORK IN PROGRESS

There are two variables to define users. The l3d_users__default_users is ment to put to your group_vars to define a default for your system. The l3d_users__local_users could be put in your host_vars to define host-specific user and admin roles.

Variables:

User Management

  • The dictionary-variable for your group_vars to set your general users and admins is l3d_users__default_users.
  • The dictionary-variable for your host_vars to set your host-specific users and admins is: l3d_users__local_users. The Option of these directory-variables are the following.
option values description
name string The user you want to create
state present Create or delete user
shell /bin/bash The Shell of the User
create_home true create a user home (needed to store ssh keys)
admin false enable it to give the user superpowers
admin_commands string or list Commands that are allows to be run as admin, eg. 'ALL' or specific script
admin_nopassword false Need no Password for sudo
pubkeys string or lookup see examples
exklusive_pubkeys true delete all undefined ssh keys
password password hash See official FAQ
remove false completly remove user if state is absent

Other

name default value description
submodules_versioncheck false Optionaly enable simple versionscheck of this role

Example Playbook

- name: Create System with User and Passwords
  hosts: example.com
  roles:
    - {role: l3d.users.user, tags: 'user'}
  vars:
    l3d_users__local_users:
      - name: 'alice'
        state: 'present'
        shell: '/bin/bash'
        create_home: true
        admin: true
        admin_commands: 'ALL'
        pubkeys: |
          ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPvvXN33GwkTF4ZOwPgF21Un4R2z9hWUuQt1qIfzQyhC
          ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAG65EdcM+JLv0gnzT9LcqVU47Pkw0SqiIg7XipXENi8
          ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJz7zEvUVgJJJsIgfG3izsqYcM22IaKz4jGVUbNRL2PX          
        exklusive_pubkeys: true
      - name: 'bob'
        state: 'present'
        admin: false
        pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"

    l3d_users__create_ansible: true
    l3d_users__set_ansible_ssh_keys: true
    l3d_users__ansible_ssh_keys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
    submodules_versioncheck: true