Consensus: Admin Users

This role creates admin users and adds an 'ansible' role that allows for password-less sudo access. This is useful for running Ansible.

Requirements

No special requirements.

Role Variables

You need to specify a list of admin users in the admin_users variable. It's a good idea to define this globally so the same users are created across all servers, but you can also set them individually for each host. The only required details are name and ssh_pub_key.

admin_users:
  - name: ergonlogic                 # Required.
    comment: Christopher Gervais     # Optional, defaults to ''.
    shell: /bin/bash                  # Optional, defaults to '/bin/bash'.
    groups: 'sudo,adm'                # Optional, defaults to 'sudo,adm,ansible'.
    password: "$6$r4r..."             # Optional, defaults to '*', meaning no password.
    ssh_pub_keys:                     # Required.
      - "ssh-rsa AAAAB3..."

Dependencies

None.

Example Playbook

You can include this role in your playbook just like any other role. You can also add users specific to a host as shown below:

- hosts: servers
  vars:
    local_admin_users:
      - name: joe
        ssh_pub_keys:
          - "ssh-rsa AAAAB3..."
    admin_users: "{{ admin_users + local_admin_users }}"
  roles:
    - consensus.admin_users

License

This role is licensed under GNU AGPLv3.

Author Information

This role was originally written by Christopher Gervais in 2016, with updates from Dan Friedman and the team at Consensus Enterprises. To reach us, please use our Web contact form.