00_preps.yaml

@@ -4,6 +4,7 @@
   become: true
   roles:
     - fail2ban
+    - utilizadores
   tasks:
     - name: PREPS -- install needed packages
       become: true

roles/utilizadores/defaults/main.yml

@@ -0,0 +1,6 @@
+---
+utilizadores:
+  - name: tc
+    github: tcarrondo
+  - name: hugopeixoto
+    github: hugopeixoto

roles/utilizadores/tasks/main.yml

@@ -0,0 +1,35 @@
+---
+# Grupo ansoladm
+
+- name: Create group 'ansoladm'
+  group:
+    name: ansoladm
+    state: present
+- name: 'Allow ansoladm users to sudo without a password'
+  lineinfile:
+    dest: '/etc/sudoers'
+    state: 'present'
+    regexp: '^%ansoladm'
+    line: '%ansoladm ALL=(ALL) NOPASSWD: ALL'
+
+# Utilizadores e chaves
+
+- name: Add user(s)
+  become: true
+  user:
+    name: '{{ item.name }}'
+    shell: /bin/bash
+    groups:
+      - ansoladm
+      - lxd
+    append: yes
+  with_items:
+    - '{{utilizadores}}'
+- name: Add authorized key(s)
+  become: true
+  authorized_key:
+    user: '{{ item.name }}'
+    state: present
+    key: https://github.com/{{ item.github }}.keys
+  with_items:
+    - '{{utilizadores}}'