andrelohmann.accounts

Accounts

Overview

This project helps you set up users and their public keys on your machines.

Requirements

This setup works on Ubuntu systems.

Role Variables

Define the users to add to the system in the list "accounts_users". Each entry accepts the user settings described in the Ansible User Module Documentation. Each item under "public_keys" accepts the key parameters (except for "user") described in the Ansible Authorized Key Module Documentation. The optional list "accounts_sshd_configs" sets SSH configuration options as key/value pairs.

accounts_users:
- name: __USERNAME__
  uid: __UID__
  state: present
  groups:
  - sudo
  public_keys:
  - key: ssh-rsa AAA...
    state: present

accounts_sshd_configs:
- key: PermitRootLogin
  value: 'no'
- key: AuthenticationMethods
  value: 'publickey password'
- key: PasswordAuthentication
  value: 'yes'
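
An added example, not part of the role: a pre-deployment check over an accounts_sshd_configs list that works out which authentication methods are enough for a login. In sshd, whitespace-separated entries in AuthenticationMethods are alternatives and comma-separated entries are all required, so the sample value 'publickey password' still admits password-only logins. The function names and README_CONFIGS are hypothetical, and only the publickey and password methods are modelled.

```python
# Added example (not the role's code). README_CONFIGS is constructed
# data that mirrors the accounts_sshd_configs sample above.
README_CONFIGS = [
    {"key": "PermitRootLogin", "value": "no"},
    {"key": "AuthenticationMethods", "value": "publickey password"},
    {"key": "PasswordAuthentication", "value": "yes"},
]

# sshd option that switches each method on, with its OpenSSH default.
METHOD_SWITCH = {
    "publickey": ("PubkeyAuthentication", "yes"),
    "password": ("PasswordAuthentication", "yes"),
}


def login_paths(configs):
    """Return the method sets that are each sufficient for a login.

    Whitespace-separated lists in AuthenticationMethods are alternatives;
    comma-separated names inside one list must all succeed.
    """
    # sshd keywords are case-insensitive, so index them in lower case.
    opts = {c["key"].lower(): str(c["value"]) for c in configs}

    def enabled(method):
        if method not in METHOD_SWITCH:
            # Fail closed on anything this sketch does not model.
            raise ValueError(f"unmodelled method: {method}")
        switch, default = METHOD_SWITCH[method]
        return opts.get(switch.lower(), default) == "yes"

    spec = opts.get("authenticationmethods", "any")
    if spec.strip() == "any":
        # No restriction: each enabled method is a path on its own.
        return [{m} for m in METHOD_SWITCH if enabled(m)]
    paths = []
    for alternative in spec.split():
        methods = alternative.split(",")
        # sshd skips a list that names a disabled method.
        if all(enabled(m) for m in methods):
            paths.append(set(methods))
    return paths


def password_alone_suffices(configs):
    """True when a password without a key is enough to log in."""
    return {"password"} in login_paths(configs)
```

Changing the value to 'publickey,password' makes sshd require both methods, and password_alone_suffices then returns False.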

If you need to add extra users based on the host, you can create another list called accounts_host_users.

accounts_host_users:
- name: __USERNAME__
  uid: __UID__
  state: present
  groups:
  - sudo
  public_keys:
  - key: ssh-rsa AAA...
    state: present

Example Playbook

- hosts: accounts
  roles:
  - { role: andrelohmann.accounts }

Role Development

Special Features

This repository includes tools for easier role development:

  • YAML linting
  • Ansible linting
  • Molecule testing
  • GitHub actions
  • Automatic version updates
  • Updating Ansible Galaxy
  • Showing build status
  • Testing with Vagrant (for development)
  • Testing with Molecule (inside or outside Vagrant)
  • Testing with Docker
  • Development in Visual Studio Code

Prerequisites

For more details, visit Automated Testing with Molecule and GitHub Actions.

  • Install VirtualBox and Vagrant (if you want to use Vagrant).
  • Docker Desktop.
  • Visual Studio Code with the remote extension pack (dependencies specified in .vscode/extensions.json).

Development Setup

This Ansible role development uses Molecule for testing and relies on Visual Studio Code and a development container.

Testing occurs on two Ubuntu versions (focal and jammy).

To run tests within the development container, you need to bind the Docker socket.

Important Folders and Files

.devcontainer

  • Contains the Dockerfile for the development container.
  • Configures how the development container starts (including binding the Docker socket).

molecule/default/Dockerfile.js

  • Acts as a template for all platforms mentioned in molecule/default/molecule.yml.
  • Prepares environments for systemd services (required for some Ansible roles).
  • Installs necessary tools to run Ansible in the derived container.
  • Aligns with platform attributes in molecule/default/molecule.yml.
  • Check the Molecule documentation for more details.

Usage

Visual Studio Code

  • Navigate to your role's root directory and start VSCode:
code .
  • Inside the development container, use the following commands:
yamllint .
ansible-lint .
molecule create
molecule test

Vagrant + VirtualBox

  • Navigate to your role's root directory.
  • Go to the Vagrant folder.
  • Start and access the Vagrant machine:
vagrant up
vagrant ssh
  • Change to the role folder:
cd /etc/ansible/roles/ansible-role- [tab]
  • Now run all tests:
yamllint .
ansible-lint .
molecule create
molecule test

Build and Release Process

The Ansible role has several GitHub workflows to run tests and manage releases.

Protecting the Master/Main Branch

  1. Go to Settings -> Branches -> Add branch protection rule.
  2. Set Branch pattern name to main or master (depending on your default branch).
  3. Check "Require a pull request before merging".
  4. Handle "Require approvals" as needed.

Grant Read and Write Permissions to GITHUB_TOKEN

  • Go to Settings -> Actions -> General -> Workflow permissions -> Choose read and write permissions.

Commit Messages

Follow this format for commit messages to indicate patch, minor, or major version changes.

Patch (0.0.x)

fix(single_word): description

Minor (0.x.0)

feat(single_word): description

Major (x.0.0)

perf(single_word): description
BREAKING CHANGE: description of the breaking change

Put "BREAKING CHANGE: " on the second line of the commit message or later; it is not recognized in a single-line commit message.

Adding GALAXY_API_KEY Secret

  1. Log in to Ansible Galaxy with your GitHub account.
  2. Get the Galaxy API key from Preferences -> API Key.
  3. Open your GitHub repository for the role.
  4. Go to Settings -> Secrets and variables -> Actions -> New repository secret.
  5. Name it "GALAXY_API_KEY" and paste the copied key as the value.

License

MIT License

Author Information

© Andre Lohmann (and others) 2024

GitHub Page

Maintainer Contact

  • Andre Lohmann
    <lohmann.andre (at) gmail (dot) com>

About the project

ansible galaxy role to deploy users and public keys

Install
ansible-galaxy install andrelohmann.accounts