hbaxter 17c666ff97 Role: svc_acct
Basic service account ssh key management setup
2025-07-04 09:52:16 +01:00


# Create the service account that the remaining tasks configure.
# password_lock locks the account's password and no password is set here,
# so this task gives the account no usable password login.
- name: Add Local User
  user:
    name: "{{ svc_acct_name }}"
    comment: "General Service Account"
    shell: /bin/bash
    create_home: true
    password_lock: true
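# On RedHat-family hosts, add the service account to the wheel group.
# The account is taken from svc_acct_name, like every other task in this
# file. A literal account name here would make the user module manage (and
# create, if missing) a different account and put that one in wheel.
# append: true keeps the account's existing supplementary groups.
- name: Wheel Group
  when: ansible_facts['os_family'] == "RedHat"
  user:
    name: "{{ svc_acct_name }}"
    groups: wheel
    append: true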
# On Ubuntu hosts, add the service account to the sudo group.
# append: true keeps the account's existing supplementary groups.
# NOTE(review): the condition matches distribution == "Ubuntu" only, while
# the wheel task matches the whole RedHat os_family; other Debian-family
# hosts get neither group. Confirm that is intended.
- name: sudo Group
  user:
    name: "{{ svc_acct_name }}"
    groups: "sudo"
    append: true
  when: ansible_facts['distribution'] == "Ubuntu"
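# Grant the service account password-less sudo for every command.
# The task name is templated so the log names the account actually changed.
#
# NOTE(review): this rule makes the account root-equivalent. The account's
# password is locked and login is by the keys in svc_acct_keys, so the
# holder of any matching private key gets root. Confirm the account needs
# ALL rather than a specific command list.
#
# validate runs visudo -cf on the candidate file before /etc/sudoers is
# replaced, so a syntax error is rejected. It does not check what the rule
# grants.
# svc_acct_name is written into the rule verbatim. Presumably it is a plain
# account name; verify where the variable is set.
- name: "Make {{ svc_acct_name }} sudo Passwordless"
  lineinfile:
    path: /etc/sudoers
    state: present
    line: "{{ svc_acct_name }} ALL=(ALL) NOPASSWD: ALL"
    validate: '/usr/sbin/visudo -cf %s'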
# Ensure the account's ~/.ssh directory exists, owned by the account and
# accessible only to its owner (0700).
# NOTE(review): assumes the home directory is /home/<svc_acct_name> and that
# a group with the same name as the account exists. Confirm for the target
# hosts.
- name: "Make .ssh dir"
  file:
    state: directory
    path: "/home/{{ svc_acct_name }}/.ssh/"
    mode: "0700"
    owner: "{{ svc_acct_name }}"
    group: "{{ svc_acct_name }}"
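# Ensure authorized_keys exists, owned by the account, with mode 0600.
# Without an explicit state the file module defaults to state=file, which
# does not create a missing path and fails on it, so the first run against
# a new account would stop here. state: touch creates the file. Preserving
# both timestamps keeps the task from reporting "changed" on every run.
- name: Make Authorised Key
  file:
    path: "/home/{{ svc_acct_name }}/.ssh/authorized_keys"
    state: touch
    modification_time: preserve
    access_time: preserve
    owner: "{{ svc_acct_name }}"
    group: "{{ svc_acct_name }}"
    mode: "0600"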
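# Add each public key in svc_acct_keys to the account's authorized_keys.
# The path uses a single slash after /home so it matches the path used when
# the file is created.
#
# NOTE(review): lineinfile only ensures each listed line is present. A key
# removed from svc_acct_keys stays in authorized_keys and remains accepted
# until it is deleted by other means, so revocation needs its own step.
# Each item is written verbatim. Presumably svc_acct_keys holds complete
# single-line public keys; verify where the variable is set.
- name: Add Publickey
  lineinfile:
    path: "/home/{{ svc_acct_name }}/.ssh/authorized_keys"
    line: "{{ item }}"
  loop: "{{ svc_acct_keys }}"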