management-user

Management user

Ansible Galaxy Build Status Latest tag Gitter chat

A role for managing a management user.

Requirements

  • Hosts should be bootstrapped for ansible usage (have python,...)
  • Root privileges, eg become: yes
  • useradd, userdel and usermod should be available on the host
  • sudo should be available (attention: this role will enable sudoers.d if not enabled)

Role Variables

Variable Description Default value
management_user_list List of management users [ management_user_settings ]
management_user_list_host List of management users []
management_user_list_group List of management users []
management_user_settings Default Settings for the management user (see details!) see details
management_user_key SSH key for the default user settings ~/.ssh/id_rsa.pub

management_user_list, _list_host and _list_group are merged when managing the users. You can use the host and group lists to specify users per host or group off hosts.

management_user_settings details

By default a user with following data will be created;

management_user_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"

management_user_settings:
  name: management
  comment: Ansible
  shell: '/bin/bash'
  authorized_keys:
    - key: "{{ management_user_key }}"
      exclusive: yes
  sudo:
    hosts: ALL
    as: ALL
    commands: ALL
    nopasswd: yes

When using the default settings, the ssh key can be overridden using the management_user_key variable.

It is however recomended to use your own custom user settings. More information about the available attributes can be found in the documentation of the GROG user, authorized-key and sudo roles.

Dependencies

Example Playbook

---
- hosts: all
  roles:
  - { role: GROG.management-user, become: yes }

Contributing

All assistance, changes or ideas welcome!

Author

By G. Roggemans

License

MIT

Install
ansible-galaxy install GROG/ansible-role-management-user
GitHub repository
License
mit
Downloads
151124
Owner
Open Source Science and Technology