Merge pull request 'role-utilizadores-ansol' (#7) from role-utilizadores-ansol into master

Reviewed-on: #7
2022-03-06 15:06:11 +00:00 · 2022-03-06 15:06:11 +00:00 · dca0962415
parent ca802e834e c903486fba
commit dca0962415
3 changed files with 42 additions and 0 deletions
--- a/00_preps.yaml
+++ b/00_preps.yaml
@ -4,6 +4,7 @@
  become: true
  roles:
    - fail2ban
+    - utilizadores
  tasks:
    - name: PREPS -- install needed packages
      become: true
--- a/roles/utilizadores/defaults/main.yml
+++ b/roles/utilizadores/defaults/main.yml
@ -0,0 +1,6 @@
+---
+utilizadores:
+  - name: tc
+    github: tcarrondo
+  - name: hugopeixoto
+    github: hugopeixoto
--- a/roles/utilizadores/tasks/main.yml
+++ b/roles/utilizadores/tasks/main.yml
@ -0,0 +1,35 @@
+---
+# Grupo ansoladm
+
+- name: Create group 'ansoladm'
+  group:
+    name: ansoladm
+    state: present
+- name: 'Allow ansoladm users to sudo without a password'
+  lineinfile:
+    dest: '/etc/sudoers'
+    state: 'present'
+    regexp: '^%ansoladm'
+    line: '%ansoladm ALL=(ALL) NOPASSWD: ALL'
+
+# Utilizadores e chaves
+
+- name: Add user(s)
+  become: true
+  user:
+    name: '{{ item.name }}'
+    shell: /bin/bash
+    groups:
+      - ansoladm
+      - lxd
+    append: yes
+  with_items:
+    - '{{utilizadores}}'
+- name: Add authorized key(s)
+  become: true
+  authorized_key:
+    user: '{{ item.name }}'
+    state: present
+    key: https://github.com/{{ item.github }}.keys
+  with_items:
+    - '{{utilizadores}}'