GROG.management-user
Management user
A role for managing a management user.
Requirements
- Hosts should be bootstrapped for ansible usage (have python,...)
- Root privileges, eg
become: yes useradd,userdelandusermodshould be available on the host- sudo should be available (attention: this role will enable sudoers.d if not enabled)
Role Variables
| Variable | Description | Default value |
|---|---|---|
management_user_list |
List of management users | [ management_user_settings ] |
management_user_list_host |
List of management users | [] |
management_user_list_group |
List of management users | [] |
management_user_settings |
Default Settings for the management user (see details!) | see details |
management_user_key |
SSH key for the default user settings | ~/.ssh/id_rsa.pub |
management_user_list, _list_host and _list_group are merged when managing the
users. You can use the host and group lists to specify users per host or group
off hosts.
management_user_settings details
By default a user with following data will be created;
management_user_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
management_user_settings:
name: management
comment: Ansible
shell: '/bin/bash'
authorized_keys:
- key: "{{ management_user_key }}"
exclusive: yes
sudo:
hosts: ALL
as: ALL
commands: ALL
nopasswd: yes
When using the default settings, the ssh key can be overridden using the
management_user_key variable.
It is however recomended to use your own custom user settings. More information about the available attributes can be found in the documentation of the GROG user, authorized-key and sudo roles.
Dependencies
Example Playbook
---
- hosts: all
roles:
- { role: GROG.management-user, become: yes }
Contributing
All assistance, changes or ideas welcome!
Author
By G. Roggemans
License
MIT
Install
ansible-galaxy install GROG.management-userLicense
mit
Downloads
174.8k
Owner
Open Source Science and Technology