cchurch.admin-users

Panoramica Versioni Approfondimenti

Admin Users

This tool helps you manage admin users, their authorized keys, and their sudo access.

Note: Support for Ansible versions earlier than 2.8 has been removed starting from version 0.9.0.

Requirements

  • The sudo package will be installed if it's not already on your system.
  • If you're using Amazon Linux, you also need to install the shadow-utils package before using this tool.

Role Variables

You can customize the role using the following variables:

  • admin_users: A list of admin users to create or update (default is an empty list). Each user should have:

    • username: The admin user's username (required).
    • fullname: The full name of the admin user (optional).
    • shell: The default shell for the user; if you don't specify it, admin_users_default_shell will be used.
    • pubkey: The public key for the user. It can be:
      • A string with the public key content,
      • A URL to a list of keys (e.g., https://github.com/username.keys),
      • A list of strings with public key content or URLs.
      • Support for lists of keys was added in version 0.7.0.
    • pubkey_options: Additional options for the authorized_key module (optional).
    • exclusive: A boolean to indicate whether to remove all other public keys (optional).

  • admin_user_groups: A boolean to indicate whether to create or remove user groups (default is true).

  • admin_users_sudo_nopasswd: A boolean to enable sudo without a password for admin users (default is true).

  • admin_users_default_shell: The default shell for admin users (default is "/bin/bash").

  • admin_users_to_remove: A list of usernames to remove from the system (default is an empty list). If admin_user_groups is true, the groups for these usernames will also be removed.

Dependencies

There are no dependencies required for this role.

Example Playbook

Here is an example of how to update admin users on development and production servers using different options:

- hosts: dev-servers
  vars:
    dev_admin_users:
      - username: joe
        fullname: "Joe Dev"
        pubkey:
          - "ssh-rsa ..."
          - "ssh-dsa ..."
      - username: jim
        fullname: "Jim Dev"
        shell: "/bin/sh"
        pubkey: "https://github.com/jim.keys"
        exclusive: true
  roles:
    - role: cchurch.admin-users
      admin_users: dev_admin_users

- hosts: prod-servers
  vars:
    prod_admin_users:
      - username: jon
        fullname: "Jon Admin"
        pubkey: "ssh-rsa ..."
  roles:
    - role: cchurch.admin-users
      admin_users: prod_admin_users
      admin_users_sudo_nopasswd: false

License

This project is licensed under the BSD license.

Author Information

The author of this tool is Chris Church (cchurch).

Informazioni sul progetto

Manage admin users, authorized keys and sudo access.

role system
Installa
ansible-galaxy install cchurch.admin-users
GitHub repository
20 stelle
8 fork
9 problemi aperti
Licenza
other
Download
4k
Proprietario
Chris Church
Python/Django/Ansible, will code for sweet tea and beer.