-rw-r--r-- | Makefile | 8 | ||||
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | playbook.yml | 22 |
3 files changed, 19 insertions, 13 deletions
@@ -3,10 +3,10 @@ ifdef LIMIT endif ifndef INVENTORY - ARGS += -i inventory -else - ARGS += -i $(INVENTORY) + INVENTORY = inventory endif -all: inventory playbook.yml +ARGS += -i $(INVENTORY) + +all: $(INVENTORY) playbook.yml ansible-playbook playbook.yml $(ARGS) @@ -3,7 +3,7 @@ Okay, so this is simple. 1. populate the inventory file with hosts and the username to add like this: myhost username=myname -theirhost username=theirname +theirhost username=theirname password=somethingsecure theirhost username=myname 2. Add any ssh keys required to the keys directory, one key per file, as myname.pub. diff --git a/playbook.yml b/playbook.yml index 298db81..ada182f 100644 --- a/playbook.yml +++ b/playbook.yml @@ -2,22 +2,28 @@ - hosts: all sudo: yes tasks: - - name: Create user + - name: Create user without password user: name={{ username }} + when: password is not defined - - name: Check for user key - stat: path=keys/{{ username }}.pub - register: user_key + - name: Hash password if extant + local_action: command mkpasswd --method=SHA-512 {{ password }} + register: crypted_password + when: password is defined + + - name: Create user with password + user: name={{ username }} + password={{ crypted_password.stdout }} + when: crypted_password is defined - name: Upload user key authorized_key: user={{ username }} - key="{{ item }}" - when: user_key.stat.exists - with_file: + key={{ lookup('file', item) }} + with_fileglob: - keys/{{ username }}.pub - name: Upload global keys authorized_key: user={{ username }} - key="{{ lookup('file', item) }}" + key={{ lookup('file', item) }} with_fileglob: - keys/global/*.pub |
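Review bot: `$(INVENTORY)` is now both a prerequisite of `all` and an unquoted word in the `ansible-playbook` command line, so a value containing spaces splits into extra arguments, and a value that is not an existing file (ansible-playbook's `-i` also accepts a comma-separated host list) stops make with a missing-target error. If only file paths are intended, a short comment next to the default saying so would help. The three-line conditional can also be written as `INVENTORY ?= inventory`, which differs only when INVENTORY is set but empty. Whether `all` is declared `.PHONY` is not visible in this hunk.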
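Review bot: The "Hash password if extant" task passes the plaintext `{{ password }}` as an argument to a local `mkpasswd` process, so it is visible in the control machine's process list while the command runs and in the registered result Ansible prints at higher verbosity; neither this task nor "Create user with password" sets `no_log: true`. If the Ansible version in use provides the filter, `password={{ password | password_hash('sha512') }}` on the user task avoids the external process altogether. Separately, `when: crypted_password is defined` is likely always true, because Ansible registers a variable even for a skipped task, so hosts without a password would reach `crypted_password.stdout` and fail; `when: password is defined` matches the intent. The two `authorized_key` tasks also drop the quotes around `key=`, which in key=value syntax can let whitespace in the key file content be parsed as further module arguments, so keeping `key="{{ lookup('file', item) }}"` is safer. The play header sits above the hunk, so any play-level settings are not visible here.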