add the ansible user to the common role

2021-11-11 20:46:24 +01:00 · 2021-11-11 20:46:24 +01:00 · 2f7cbf2eba
parent 3293d7c822
commit 2f7cbf2eba
2 changed files with 20 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -36,6 +36,24 @@
 - name: "Lock root user"
  command: "passwd -l root"

+- name: Add deploy user
+  user:
+    name: "{{ common_deploy_user_name }}"
+    shell: /bin/bash
+
+- name: Add authorized keys for deploy user
+  authorized_key:
+    user: "{{ common_deploy_user_name }}"
+    key: "{{ lookup('file', item) }}"
+  with_items: "{{ common_deploy_public_key }}"
+
+- name: Add deploy user to sudoers
+  lineinfile:
+    dest: "/etc/sudoers"
+    regexp: "{{ common_deploy_user_name }} ALL"
+    line: "{{ common_deploy_user_name }} ALL=(ALL) NOPASSWD: ALL"
+    state: "present"
+
 - name: "Download Pip"
  get_url:
    url: "https://bootstrap.pypa.io/get-pip.py"
--- a/vars/main.yml
+++ b/vars/main.yml
@ -13,3 +13,5 @@ apt_packages:
  - mosh

 timezone: Europe/Zurich
+
+common_deploy_user_name: ansible