From dd89fb3261a42d8e8deba7f1fa237cfa1b7180f7 Mon Sep 17 00:00:00 2001 From: Tiago Carrondo Date: Thu, 3 Mar 2022 22:43:09 +0000 Subject: [PATCH 1/4] =?UTF-8?q?primeira=20vers=C3=A3o=20da=20role?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/utilizadores/tasks/main.yml | 45 +++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 roles/utilizadores/tasks/main.yml diff --git a/roles/utilizadores/tasks/main.yml b/roles/utilizadores/tasks/main.yml new file mode 100644 index 0000000..e73d5a3 --- /dev/null +++ b/roles/utilizadores/tasks/main.yml @@ -0,0 +1,45 @@ +--- +# Grupo ansoladm + +- name: Create group 'ansoladm' + group: + name: ansoladm + state: present +- name: 'Allow ansoladm users to sudo without a password' + lineinfile: + dest: '/etc/sudoers' + state: 'present' + regexp: '^%ansoladm' + line: '%ansoladm ALL=(ALL) NOPASSWD: ALL' + +# Tiago Carrondo + +- name: Add user 'tc' + become: true + user: + name: tc + shell: /bin/bash + groups: ansoladm + append: yes +- name: Add 'tc' authorized keys + become: true + authorized_key: + user: tc + state: present + key: https://github.com/tcarrondo.keys + +# Hugo Peixoto + +- name: Add user 'hugopeixoto' + become: true + user: + name: hugopeixoto + shell: /bin/bash + groups: ansoladm + append: yes +- name: Add 'hugopeixoto' authorized keys + become: true + authorized_key: + user: hugopeixoto + state: present + key: https://github.com/hugopeixoto.keys From 62a4d1b4706e4b27eae2d5296bd810c46122e34b Mon Sep 17 00:00:00 2001 From: Tiago Carrondo Date: Thu, 3 Mar 2022 22:43:23 +0000 Subject: [PATCH 2/4] usar a role --- 00_preps.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/00_preps.yaml b/00_preps.yaml index 11691a5..8ce776f 100644 --- a/00_preps.yaml +++ b/00_preps.yaml @@ -4,6 +4,7 @@ become: true roles: - fail2ban + - utilizadores tasks: - name: PREPS -- install needed packages become: true From 1f672dbfeb8ee18b6526a4fb93fb5cc05551be7d Mon Sep 17 00:00:00 2001 From: Tiago Carrondo Date: Thu, 3 Mar 2022 23:11:02 +0000 Subject: [PATCH 3/4] less is more --- roles/utilizadores/defaults/main.yml | 6 ++++++ roles/utilizadores/tasks/main.yml | 32 +++++++++------------------- 2 files changed, 16 insertions(+), 22 deletions(-) create mode 100644 roles/utilizadores/defaults/main.yml diff --git a/roles/utilizadores/defaults/main.yml b/roles/utilizadores/defaults/main.yml new file mode 100644 index 0000000..965ff25 --- /dev/null +++ b/roles/utilizadores/defaults/main.yml @@ -0,0 +1,6 @@ +--- +utilizadores: + - name: tc + github: tcarrondo + - name: hugopeixoto + github: hugopeixoto diff --git a/roles/utilizadores/tasks/main.yml b/roles/utilizadores/tasks/main.yml index e73d5a3..2019845 100644 --- a/roles/utilizadores/tasks/main.yml +++ b/roles/utilizadores/tasks/main.yml @@ -12,34 +12,22 @@ regexp: '^%ansoladm' line: '%ansoladm ALL=(ALL) NOPASSWD: ALL' -# Tiago Carrondo +# Utilizadores e chaves -- name: Add user 'tc' +- name: Add user(s) become: true user: - name: tc + name: '{{ item.name }}' shell: /bin/bash groups: ansoladm append: yes -- name: Add 'tc' authorized keys + with_items: + - '{{utilizadores}}' +- name: Add authorized key(s) become: true authorized_key: - user: tc + user: '{{ item.name }}' state: present - key: https://github.com/tcarrondo.keys - -# Hugo Peixoto - -- name: Add user 'hugopeixoto' - become: true - user: - name: hugopeixoto - shell: /bin/bash - groups: ansoladm - append: yes -- name: Add 'hugopeixoto' authorized keys - become: true - authorized_key: - user: hugopeixoto - state: present - key: https://github.com/hugopeixoto.keys + key: https://github.com/{{ item.github }}.keys + with_items: + - '{{utilizadores}}' From c903486fbad96aa91cb04fa2fe8012713161f46c Mon Sep 17 00:00:00 2001 From: Tiago Carrondo Date: Sun, 6 Mar 2022 14:55:33 +0000 Subject: [PATCH 4/4] add users to group lxd --- roles/utilizadores/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/utilizadores/tasks/main.yml b/roles/utilizadores/tasks/main.yml index 2019845..b2c0092 100644 --- a/roles/utilizadores/tasks/main.yml +++ b/roles/utilizadores/tasks/main.yml @@ -19,7 +19,9 @@ user: name: '{{ item.name }}' shell: /bin/bash - groups: ansoladm + groups: + - ansoladm + - lxd append: yes with_items: - '{{utilizadores}}'