lab-ansible/roles/common/tasks/users.yml

# vim: ft=yaml.ansible
# code: language=ansible
---
- name: Add users
  ansible.builtin.user:
    name: "{{ item.name }}"
    comment: "{{ item.comment }}"
    groups: "{{ item.groups }}"
    shell: /bin/bash
    state: present
  loop: "{{ users }}"

- name: Add SSH keys to users
  ansible.posix.authorized_key:
    user: "{{ item.name }}"
    key: "{{ item.ssh_keys | join('\n') }}"
    exclusive: true
  loop: "{{ users }}"

- name: Allow passwordless sudo to 'sudo' group
  ansible.builtin.lineinfile:
    path: /etc/sudoers
    regexp: '^%sudo ALL='
    line: '%sudo ALL=(ALL:ALL) NOPASSWD: ALL'
    validate: /usr/sbin/visudo -cf %s
    state: present
Initial commit 2023-10-28 23:00:05 +00:00			`# vim: ft=yaml.ansible`
Prepare multi-host Ansible repo 2023-10-29 19:46:52 +00:00			`# code: language=ansible`
Initial commit 2023-10-28 23:00:05 +00:00			`---`
			`- name: Add users`
			`ansible.builtin.user:`
			`name: "{{ item.name }}"`
			`comment: "{{ item.comment }}"`
			`groups: "{{ item.groups }}"`
			`shell: /bin/bash`
Simplify even more stuff 2023-11-05 18:08:26 +00:00			`state: present`
Initial commit 2023-10-28 23:00:05 +00:00			`loop: "{{ users }}"`

Allow passwordless sudo 2023-11-11 15:35:14 +00:00			`- name: Add SSH keys to users`
Initial commit 2023-10-28 23:00:05 +00:00			`ansible.posix.authorized_key:`
			`user: "{{ item.name }}"`
			`key: "{{ item.ssh_keys \| join('\n') }}"`
			`exclusive: true`
			`loop: "{{ users }}"`
Allow passwordless sudo 2023-11-11 15:35:14 +00:00
			`- name: Allow passwordless sudo to 'sudo' group`
			`ansible.builtin.lineinfile:`
			`path: /etc/sudoers`
			`regexp: '^%sudo ALL='`
			`line: '%sudo ALL=(ALL:ALL) NOPASSWD: ALL'`
			`validate: /usr/sbin/visudo -cf %s`
			`state: present`