author | Quentin <quentin@deuxfleurs.fr> | 2020-09-12 20:17:07 +0200 |
---|---|---|
committer | Quentin <quentin@deuxfleurs.fr> | 2020-09-12 20:17:07 +0200 |
commit | a23e08ce20887efb4e158a02ffee1f775a0db89f (patch) | |
tree | 493a2cef5496aec74e57ad453574fdef6856f92b /os/config/roles/users | |
parent | fb4ffbc7faa0d123ce9bf817d240a8c670c494e3 (diff) | |
download | infrastructure-a23e08ce20887efb4e158a02ffee1f775a0db89f.tar.gz infrastructure-a23e08ce20887efb4e158a02ffee1f775a0db89f.zip |
Refactor 2
Diffstat (limited to 'os/config/roles/users')
-rw-r--r-- | os/config/roles/users/files/alex-key1.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/files/alex-key2.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/files/florian-key1.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/files/florian-key2.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/files/maximilien-key1.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/files/quentin-key1.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/files/quentin-key2.pub | 1 | ||||
-rw-r--r-- | os/config/roles/users/tasks/main.yml | 39 | ||||
-rw-r--r-- | os/config/roles/users/vars/main.yml | 30 |
9 files changed, 76 insertions, 0 deletions
diff --git a/os/config/roles/users/files/alex-key1.pub b/os/config/roles/users/files/alex-key1.pub
new file mode 100644
index 0000000..93514ab
--- /dev/null
+++ b/os/config/roles/users/files/alex-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIDdVbA9fEdqSr5UJ77NnoIqDTVp8ca5kHExhZYI4ecBExFJfonJllXMBN9KdC4ukxtY8Ug47PcMOfMaTBZQc+e+KpvDWpkBt15Xpem3RCxmMBES79sLL7LgtAdBXc5mNaCX8EOEVixWKdarjvxRyf6py6the51G5muaiMpoj5fae4ZpRGjhGTPefzc7y7zRWBUUZ8pYHW774BIaK6XT9gn3hyHV+Occjl/UODXvodktk55YtnuPi8adXTYEsHrVVz8AkFhx+cr0U/U8vtQnsTrZG+JmgQLqpXVs0RDw5bE1RefEbMuYNKxutYKUe3L+ZJtDe0M0MqOFI8a4F5TxP5 katchup@konata
diff --git a/os/config/roles/users/files/alex-key2.pub b/os/config/roles/users/files/alex-key2.pub
new file mode 100644
index 0000000..1eddcc8
--- /dev/null
+++ b/os/config/roles/users/files/alex-key2.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJk4tAEhDkLeik9eEHIHMliyckM/gWr/k6fX/CSmayCM katchup@charlotte
diff --git a/os/config/roles/users/files/florian-key1.pub b/os/config/roles/users/files/florian-key1.pub
new file mode 100644
index 0000000..47b5593
--- /dev/null
+++ b/os/config/roles/users/files/florian-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/qOM2BYy3UFycDylioACWrnDwg69AoTNE6Ym9W4WI2R+FXd6A1DDG+NLW2orUfkARcJGYEXkzsd3wjDg0s+FS23QWTP+JTkZbdGzuMAcoNeJBtgsCq6m5Q2kvrQc5RscYBr/OZtx2PUfrGyRE3yiVCj38zOgRLRWY0Iqs97tlH74YP4BG3jQ/MI5zXEptWcXBO86FtISB3QyHPRg5OH0192094X/QcG18GKd2ORxC/ZcwK9GdEbJJHgkxJ0TbsQO3KfNTEFBCiynYpYViBsQZsrdBkw4sHHy5OKEahIexdpUg8EJhpyzLn6pvGSqua/mVxirJazgNgtvLlrUsAuNd4/HoWRSqzh51/4hQJ3BV4Yed/tX0rwlT/ZzIIzpGw+qJF3IVuxdvXIineNAEyjVfLVT6hADyQu52ziHSE0cVmUkWT0R7ZgPku0PRBuSeewJIm8uLM69GU/GeRt+mSNl6xOvtBrY/j6sRHcMROlgSHhJ6YnvmkiYXl0MyrH9YGc8=
diff --git a/os/config/roles/users/files/florian-key2.pub b/os/config/roles/users/files/florian-key2.pub
new file mode 100644
index 0000000..f9935b3
--- /dev/null
+++ b/os/config/roles/users/files/florian-key2.pub
@@ -0,0 +1 @@
+ssh-rsa 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
diff --git a/os/config/roles/users/files/maximilien-key1.pub b/os/config/roles/users/files/maximilien-key1.pub
new file mode 100644
index 0000000..963b1f9
--- /dev/null
+++ b/os/config/roles/users/files/maximilien-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHMMR6zNzz8NQU80wFquhUCeiXJuGphjP+zNouKbn228GyESu8sfNBwnuZq86vblR11Lz8l2rtCM73GfAKg29qmUWUHRKWvRIYWv2vaUJcCdy0bAxIzcvCvjZX0SpnIKxe9y3Rp0LGO5WLYfw0ZFaavwFZP0Z8w1Kj9/zBmL2X2avbhkaYHi/C1yXhbvESYQysmqLa48EX/TS616MBrgR9zbI9AoTQ9NOHnR14Tve/AP/khcZoBJdm4hTttMbNkEc0wonzdylTDew263SPRs/uoqnQIpUtErdPHqU10Yup8HjXjEyFJsSwcZcM5sZOw5JKckKJwmcd0yjO/x/4/Mk5
diff --git a/os/config/roles/users/files/quentin-key1.pub b/os/config/roles/users/files/quentin-key1.pub
new file mode 100644
index 0000000..f3667e0
--- /dev/null
+++ b/os/config/roles/users/files/quentin-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDT1+H08FdUSvdPpPKdcafq4+JRHvFVjfvG5Id97LAoROmFRUb/ZOMTLdNuD7FqvW0Da5CPxIMr8ZxfrFLtpGyuG7qdI030iIRZPlKpBh37epZHaV+l9F4ZwJQMIBO9cuyLPXgsyvM/s7tDtrdK1k7JTf2EVvoirrjSzBaMhAnhi7//to8zvujDtgDZzy6aby75bAaDetlYPBq2brWehtrf9yDDG9WAMYJqp//scje/WmhbRR6eSdim1HaUcWk5+4ZPt8sQJcy8iWxQ4jtgjqTvMOe5v8ZPkxJNBine/ZKoJsv7FzKem00xEH7opzktaGukyEqH0VwOwKhmBiqsX2yN quentin@dufour.io
diff --git a/os/config/roles/users/files/quentin-key2.pub b/os/config/roles/users/files/quentin-key2.pub
new file mode 100644
index 0000000..c1b19fd
--- /dev/null
+++ b/os/config/roles/users/files/quentin-key2.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBu+KUebaWwlugMC5fGbNhHc6IaQDAC6+1vMc4Ww7nVU1rs2nwI7L5qcWxOwNdhFaorZQZy/fJuCWdFbF61RCKGayBWPLZHGPsfqDuggYNEi1Qil1kpeCECfDQNjyMTK058ZBBhOWNMHBjlLWXUlRJDkRBBECY0vo4jRv22SvSaPUCAnkdJ9rbAp/kqb497PTIb2r1l1/ew8YdhINAlpYQFQezZVfkZdTKxt22n0QCjhupqjfh3gfNnbBX0z/iO+RvAOWRIZsjPFLC+jXl+n7cnu2cq1nvST5eHiYfXXeIgIwmeENLKqp+2Twr7PIdv22PnJkh6iR5kx7eTRxkNZdN quentin@deuxfleurs.fr
diff --git a/os/config/roles/users/tasks/main.yml b/os/config/roles/users/tasks/main.yml
new file mode 100644
index 0000000..990a041
--- /dev/null
+++ b/os/config/roles/users/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: Add users in the system
+ user:
+ name: "{{ item.username }}"
+ #groups: docker
+ shell: "{{ item.shell | default('/bin/bash') }}"
+ append: no
+ loop: "{{ active_users
+ | selectattr('is_admin', 'defined')
+ | rejectattr('is_admin')
+ | list
+ | union( active_users
+ | selectattr('is_admin', 'undefined')
+ | list )}}"
+
+- name: Set admin rights
+ user:
+ name: "{{ item.username }}"
+ groups: docker, sudo
+ shell: "{{ item.shell | default('/bin/bash') }}"
+ append: no
+ loop: "{{ active_users
+ | selectattr('is_admin', 'defined')
+ | selectattr('is_admin')
+ | list }}"
+
+# [V How SSH Key works] magic is done by subelements, understand the trick at:
+# https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#subelements-filter
+- name: Add SSH keys
+ authorized_key:
+ user: "{{ item.0.username }}"
+ state: present
+ key: "{{ lookup('file', item.1) }}"
+ loop: "{{ active_users | subelements('ssh_keys', skip_missing=True) }}"
+
+- name: Disable old users
+ user:
+ name: "{{ item }}"
+ state: absent
+ loop: "{{ disabled_users }}"
diff --git a/os/config/roles/users/vars/main.yml b/os/config/roles/users/vars/main.yml
new file mode 100644
index 0000000..5f4df4d
--- /dev/null
+++ b/os/config/roles/users/vars/main.yml
@@ -0,0 +1,30 @@
+---
+active_users:
+ - username: 'quentin'
+ is_admin: true
+ ssh_keys:
+ - 'quentin-key1.pub'
+ - 'quentin-key2.pub'
+
+ - username: 'alex'
+ is_admin: true
+ ssh_keys:
+ - 'alex-key1.pub'
+ - 'alex-key2.pub'
+
+ - username: 'maximilien'
+ is_admin: true
+ ssh_keys:
+ - 'maximilien-key1.pub'
+
+ - username: 'florian'
+ is_admin: false
+ ssh_keys:
+ - 'quentin-key1.pub'
+ #- 'florian-key1.pub'
+ #- 'florian-key2.pub'
+
+disabled_users:
+ - 'john.doe'
+ - 'erwan'
+ - 'valentin' |
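Review bot: The `Add SSH keys` task in tasks/main.yml only ever adds keys: with `state: present` and no `exclusive`, a key file dropped from a user's `ssh_keys` list stays in that account's `authorized_keys` on every host already provisioned, so removing a key from the vars does not revoke access. `exclusive` is applied per loop iteration, so it only works if all of a user's keys are passed in a single `key` value, as sketched below (untested against this inventory). A similar revocation gap appears in `Add users in the system`: `groups` is commented out, and the user module leaves membership untouched when `groups` is omitted, so an account switched from `is_admin: true` to `false` would presumably keep `docker` and `sudo`; `groups: ''` alongside the existing `append: no` would strip them.

```yaml
# … unchanged: "Add users in the system" and "Set admin rights" tasks …
- name: Add SSH keys
  authorized_key:
    user: "{{ item.username }}"
    state: present
    # exclusive is evaluated per loop iteration, so every key of a user
    # is rendered into one value and anything else in the file is removed
    exclusive: true
    key: |
      {% for key_file in item.ssh_keys %}
      {{ lookup('file', key_file) }}
      {% endfor %}
  loop: "{{ active_users | selectattr('ssh_keys', 'defined') | list }}"
# … unchanged: "Disable old users" task …
```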
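Review bot: In vars/main.yml the `florian` entry authorizes `quentin-key1.pub` while both of florian's own key files are commented out, so as written the holder of Quentin's key can log in as `florian` and florian cannot. Even if this is a temporary stand-in, it removes per-person attribution from the SSH logs for that account and ties a non-admin account to an admin's credential. Restoring `- 'florian-key1.pub'`, or dropping `ssh_keys` from the entry (which `skip_missing=True` in the task tolerates), keeps one key owner per account. If the sharing is intentional, a comment such as `# temporary: florian's keys pending verification` would tell the next reader why.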