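---
# Bootstraps a dedicated 'ansible' automation account on a new host:
# creates the group and user, grants the group passwordless sudo, and
# installs the SSH public keys allowed to log in as that user.
- hosts: new-host
  become: true
  tasks:
    - name: New Ansbile Group
      group:
        name: ansible
        state: present

    # NOPASSWD: ALL makes every key in the account's authorized_keys
    # equivalent to root on this host; treat those keys accordingly.
    # 'validate' runs visudo against the candidate file before it replaces
    # /etc/sudoers, so a malformed line cannot break sudo.
    - name: Allow 'ansible' group to have passwordless sudo
      lineinfile:
        dest: /etc/sudoers
        state: present
        regexp: '^%ansible'
        line: '%ansible ALL=(ALL) NOPASSWD: ALL'
        validate: 'visudo -cf %s'

    - name: New Ansible User
      user:
        uid: 1111
        home: /home/ansible
        name: ansible
        group: ansible
        shell: /bin/bash
        system: false
        createhome: true

    # Done with the user module instead of 'command: usermod -aG' so the
    # task is idempotent and reports 'changed' only when membership changes.
    # NOTE(review): requires a 'sudo' group on the target, which not every
    # distribution has; the sudoers line above already grants full sudo, so
    # confirm this extra membership is still wanted.
    - name: Grant Permission
      user:
        name: ansible
        groups: sudo
        append: true

    # Explicit 0700 so the directory mode does not depend on the remote
    # umask; sshd's StrictModes check refuses keys when the path is
    # group- or world-writable.
    - name: New Directory for authorized_keys
      file:
        path: "{{ item.path }}"
        owner: "{{ item.owner }}"
        group: "{{ item.owner }}"
        state: directory
        mode: '0700'
      with_items:
        - { owner: ansible, path: /home/ansible/.ssh }

    # NOTE(review): the key list is read from /tmp on the control node.
    # If other local users can write there, they could alter which keys
    # get passwordless root on every target; prefer a path only the
    # operator can write to.
    # The mode is quoted so it is passed as the octal string '0600' and
    # never reinterpreted by the YAML parser.
    - name: Install authorized_keys for the ansible user
      copy:
        src: /tmp/configuration/authorized_keys
        dest: /home/ansible/.ssh/authorized_keys
        owner: ansible
        group: ansible
        mode: '0600'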
# Update 2