jumpcloud
JumpCloud Role for Ansible
This role installs the JumpCloud agent and restarts the JumpCloud agent service as required. It also:
- make use of JumpCloud API to set JumpCloud System attributes.
- delete any system registered in JumpCloud with the same
displayName
Requirements
cURL and NTP should be installed as prerequisites.
Role Variables
[jumpcloud_api_key
][jumpcloud-api-key]
Default: none Used to modify the attribute of a System on JC portal.
The API key as shown in the JumpCloud's API Settings. To be retrieved from JumpCloud portal by a JC Admin account
To be stored in an Ansible Vault. It's very high-sensitivity Information.
Testing
See README file in the tests
directory
jumpcloud_x_connect_key
Default: none
The X_Connect key as displayed on the Servers > Add
screen. Mandatory.
jumpcloud_directory
Default: /opt/jc
Path to check if JumpCloud has been previously installed.
jumpcloud_x_connect_url
Default: 'https://kickstart.jumpcloud.com/Kickstart'
URL for the install script.
jumpcloud_force_install
Default: no
Used to determine whether or not to force installation of the client if it has been previously installed.
jumpcloud_agent_service
Default: jcagent
Name of the service to restart.
jumpcloud_use_sudo
Default: no
Whether or not to use sudo during installation.
[jumpcloud_tags
][jumpcloud-tags]
The list of JC tags you want a host or a group of hosts to be part of
- 'tag_one'
- 'tag_two'
jumpcloud_displayName
Default: ` {{ inventory_hostname }}``
jumpcloud_allowPublicKeyAuthentication
Default: 'true'
This value must be contained in single quotes "'"
jumpcloud_allowSshPasswordAuthentication
Default: 'true'
This value must be contained in single quotes "'"
jumpcloud_allowSshRootLogin
Default: 'true'
This value must be contained in single quotes "'"
jumpcloud_allowMultiFactorAuthentication
Default: 'false'
This value must be contained in single quotes "'"
Example Playbook
---
- hosts: production
roles:
- { role: inviqa.jumpcloud, jumpcloud_x_connect_key: 'abcdef012234343' }
vars:
jumpcloud_tags:
- 'tag_one'
- 'tag_two'
jumpcloud_displayName: "a new displayName"
jumpcloud_allowPublicKeyAuthentication: 'true'
jumpcloud_allowSshPasswordAuthentication: 'false'
jumpcloud_allowSshRootLogin: 'true'
jumpcloud_allowMultiFactorAuthentication: 'false'
...
License
Author Information
Author Marco Massari Calderone at Inviqa UK Ltd
Inspired by Barney Hanlon "shrikeh"'s Galaxy role ansible-jumpcloud
ansible-galaxy install inviqa/ansible-jumpcloud