Add user with sudo
This commit is contained in:
parent
5e5e19b7bd
commit
315c5d0da3
|
@ -1,14 +1,18 @@
|
||||||
user:
|
user:
|
||||||
name: ariejan
|
name: ariejan
|
||||||
|
password: $1$$$CW5QNaFq/vWd019fB9a/H.
|
||||||
full_name: "Ariejan de Vroom"
|
full_name: "Ariejan de Vroom"
|
||||||
primary_group: users
|
primary_group: users
|
||||||
additional_groups: docker,wheel
|
additional_groups: docker,wheel
|
||||||
shell: /bin/zsh
|
shell: /bin/zsh
|
||||||
country: Netherlands
|
country: Netherlands
|
||||||
|
|
||||||
host_name: archie
|
hostname: archie
|
||||||
|
|
||||||
pacman:
|
pacman:
|
||||||
parallel_downloads: 10
|
parallel_downloads: 10
|
||||||
|
|
||||||
aur_helper: yay
|
aur_helper: yay
|
||||||
|
|
||||||
|
packages:
|
||||||
|
- sudo
|
|
@ -4,3 +4,8 @@
|
||||||
that: ansible_distribution == "Archlinux"
|
that: ansible_distribution == "Archlinux"
|
||||||
fail_msg: "Distribution '{{ ansible_distribution }}' is not supported."
|
fail_msg: "Distribution '{{ ansible_distribution }}' is not supported."
|
||||||
success_msg: "I run Arch, btw"
|
success_msg: "I run Arch, btw"
|
||||||
|
|
||||||
|
- name: Set hostname to {{ hostname }}
|
||||||
|
ansible.builtin.hostname:
|
||||||
|
name: "{{ hostname }}"
|
||||||
|
become: true
|
27
roles/03_user/tasks/main.yml
Normal file
27
roles/03_user/tasks/main.yml
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
---
|
||||||
|
- name: Make sure we have a 'wheel' group
|
||||||
|
group:
|
||||||
|
name: wheel
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Create user
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: "{{ user.name }}"
|
||||||
|
# Use: openssl passwd -salt <salt> -1 <plaintext>
|
||||||
|
password: "{{ user.hashed_password }}"
|
||||||
|
update_password: on_create
|
||||||
|
comment: "{{ user.full_name }}"
|
||||||
|
groups: "{{ user.additional_groups }}"
|
||||||
|
append: yes
|
||||||
|
shell: "{{ user.shell }}"
|
||||||
|
state: present
|
||||||
|
# Force user to change password on first login
|
||||||
|
expires: 0
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Setup sudo
|
||||||
|
copy:
|
||||||
|
dest: /etc/sudoers.d/{{ user.name }}
|
||||||
|
content: "{{ user.name }} ALL=(ALL:ALL) ALL"
|
||||||
|
mode: 0440
|
||||||
|
verify: /usr/sbin/visudo -cf %s
|
Loading…
Reference in New Issue
Block a user