변군이글루

[ANSIBLE] 일반 계정 생성 본문

프___기타

[ANSIBLE] 일반 계정 생성

변군 변군이글루 2017.04.25 11:02

[ANSIBLE] 일반 계정 생성

 

: 일반 계정 생성

  --- 패스워드 설정, SSH 키, sudoer 등록

 

$ vi initialize_basic_user.yml
------
---
- hosts: 192.168.56.111
  remote_user: root
  vars:
    NORMAL_USER_NAME: 'devops5'
  tasks:
    - name: "Create a secondary, non-root user"
      user: name={{ NORMAL_USER_NAME }}
            password='$6$fiyFUkCW$Eb46egUj8Ta1OqMTZfZUmXV2TxIGeKjlMXTZWdRXV0n99aY97yhLEe8LHjpfRSoLKNHJCiKIpQjr/bklT2C9I1'
            shell=/bin/bash

    - name: Add remote authorized key to allow future passwordless logins
      authorized_key: user={{ NORMAL_USER_NAME }} key="{{ lookup('file', '.ssh/id_rsa.pub') }}"
      #authorized_key: user={{ NORMAL_USER_NAME }} key="{{ lookup('file', '/home/{{ NORMAL_USER_NAME }}/.ssh/id_rsa.pub') }}"

    - name: Add normal user to sudoers
      lineinfile: dest=/etc/sudoers
                  regexp="{{ NORMAL_USER_NAME }} ALL"
                  line="{{ NORMAL_USER_NAME }} ALL=(ALL) NOPASSWD:ALL"
                  state=present
------

 

$ ansible-playbook --ask-pass -u root initialize_basic_user.yml

 

$ tree -a
.
├── .ssh
│   ├── id_rsa
│   └── id_rsa.pub
└── initialize_basic_user.yml

 

$ cat a_useradd.yml
---
- hosts: 192.168.56.111,192.168.56.112,192.168.56.113
  remote_user: root
  vars:
    USER_NAME: 'devops5'
  tasks:
    - name: "new account"
      user: name={{ USER_NAME }}
            password='$6$r8QrZkp/$nyrCAy3TQVrnHOO7wn0cAhqpgsJUnOOo1r9OLwhjPSaUzEP6yvYNXVC/QR.lLPMZc3bcf3A1Az2QjUsXpWIv41'
            #password : P@ssw0rd

$ ansible-playbook --ask-pass -u root a_useradd.yml

 

원본URL: https://www.linode.com/docs/applications/configuration-management/getting-started-with-ansible

0 Comments
댓글쓰기 폼