Gotweb

Commit Diff

Commit:: 106cdbf15992fbf796c2a991007932680adbb32e
From:: gonzalo <gonzalo@gonzalo>
Date:: Wed Jul 25 23:41:54 2018 UTC
Message:: initial ansible-role-adduser
Actions:: Patch | Tree
commit - /dev/null
commit + 106cdbf15992fbf796c2a991007932680adbb32e
blob - /dev/null
blob + 36bbf6208cfd42ac91bfbe7f9126bc9044e186c6 (mode 644)
--- /dev/null
+++ .travis.yml
@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/
\ No newline at end of file
blob - /dev/null
blob + c848a99ccc72470369e4dfef0cd9b7ff023c8fac (mode 644)
--- /dev/null
+++ README.md
@@ -0,0 +1,24 @@
+Ansible Role Adduser for OpenBSD
+================================
+
+Create users, the .pub key and put them on doas.conf
+
+Example Playbook
+----------------
+
+     ---
+     - hosts: all
+       roles:
+       - role: gonzalo-.adduser
+
+       become: True
+       become_method: doas
+
+       vars:
+           username: pepe
+           password: HoLa.321
+
+License
+-------
+
+BSD
blob - /dev/null
blob + 57d60d1e91ab283efd9c960380115617165bb5a4 (mode 644)
--- /dev/null
+++ defaults/main.yml
@@ -0,0 +1,10 @@
+---
+adduser_user_name: '{{ username }}'
+adduser_user_home: '/home/{{ username }}'
+adduser_user_home_perms: '0700'
+adduser_user_comments: '{{ username }}'
+adduser_password: '{{ password }}'
+
+adduser_public_keys:
+#- {{ username }}.pub
+- /etc/ansible/keys/{{ username }}.pub
blob - /dev/null
blob + 549b09e511647b31c22b9c83c3d716b3fec1eb6c (mode 644)
--- /dev/null
+++ files/gonzalo.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQtj+WxYvV7hX/nCX4KgzVXD9XD+DNUNyfCWLNp6sFE9Gj1xFyJB3L1RbrI0J9E5KVAoJ84m7RSC3bCy60e9CXYqNOPCwGg+woO0z7xIwCJol760aboXNDIaaGTxiumIZ7uxDH+Ul0WHmRFOONyCQT9wOCvGZVURDPprlgIcumsiQdekjWZzuLTS2jUVCVMiyJRu9efHGweUpaVY6CYJmHGfC5MMaFn4bBgr90AmL7Wmt8VxzFnoD0KUvREx3CeVa2VNn7h+0KsFf1zoaKfmiTzyf8so6gjCGUH9TSCVwwKu/dFm2ycjVqWFnegRIBJrMxJdqGrL9KyQzW1WFQoxV/ gonzalo@r0nin.x61.com.ar
blob - /dev/null
blob + ed9f78ffc770e1a47d277b8fd5593d8848fa609e (mode 644)
--- /dev/null
+++ handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for adduser
blob - /dev/null
blob + 17268a0da7dcb290b71930b46327a2dad4f07ea6 (mode 644)
--- /dev/null
+++ meta/main.yml
@@ -0,0 +1,21 @@
+---
+galaxy_info:
+  author: gonzalo-
+  description: Add OpenBSD user and in doas.conf file
+  license: BSD
+  min_ansible_version: 1.9
+  galaxy_tags:
+  - openbsd
+  - system
+  - ssh
+  platforms:
+  - name: OpenBSD
+    versions:
+     - all
+     - 5.6
+     - 5.7
+     - 5.8
+     - 5.9
+     - 6.0
+dependencies: []
+
blob - /dev/null
blob + 56e8a6bc186c942b56ae6dc26fadc5820fe6432a (mode 644)
--- /dev/null
+++ tasks/main.yml
@@ -0,0 +1,42 @@
+---
+- name: Add user
+  user: name={{ adduser_user_name }} password="{{ adduser_password }}" comment="{{ adduser_user_comments }}" shell=/bin/sh
+  become: yes
+
+- name: Add user OpenBSD
+  user: name={{ adduser_user_name }} shell=/bin/sh
+  become: yes
+  when: ansible_distribution == 'OpenBSD'
+
+- name: Set /home/{{  adduser_user_name }} permissions to 0700
+  file: "dest={{ adduser_user_home }} owner={{ adduser_user_name }} mode={{ adduser_user_home_perms }} state=directory"
+  become: yes
+
+- debug: var=adduser_public_keys
+- name: Add authorized keys for {{ adduser_user_name }} user
+  authorized_key:
+    "user='{{ adduser_user_name }}' key='{{ item }}'"
+  with_file: "{{ adduser_public_keys }}"
+  when: adduser_public_keys is defined and adduser_public_keys != "" and adduser_sshkey_options is not defined
+  become: yes
+
+- name: Add authorized keys for {{ adduser_user_name }} user - key_options
+  authorized_key:
+    user: "{{ adduser_user_name }}"
+    key: "{{ item }}"
+    key_options: "{{ adduser_sshkey_options }}"
+  with_file: "{{ adduser_public_keys }}"
+  when: adduser_public_keys is defined and adduser_public_keys != "" and adduser_sshkey_options is defined
+  become: yes
+
+- name: SSH authorized_keys {{ adduser_user_name }}
+  file:
+    dest={{ adduser_user_home }}/.ssh owner={{ adduser_user_name }} mode=700 state=directory
+  become: yes
+  when: ansible_distribution != 'OpenBSD' and ansible_os_family != 'Darwin'
+
+- stat: path=/etc/doas.conf
+  register: doas
+- name: Add user to doas.conf
+  lineinfile: "dest=/etc/doas.conf line='permit {{ adduser_user_name }} as root' state=present"
+  become: yes
blob - /dev/null
blob + d18580b3c364645735235c667c2a546e28c273bb (mode 644)
--- /dev/null
+++ tests/inventory
@@ -0,0 +1 @@
+localhost
\ No newline at end of file
blob - /dev/null
blob + 9a7b6f515b3aa8b5dfdc921cc6a62053f43a7eb7 (mode 644)
--- /dev/null
+++ tests/test.yml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+  roles:
+  - role: adduser
+
+  become: True
+
+  vars:
+  username: gonzalo
+  password: HoLa.321
blob - /dev/null
blob + 7f903e6c5fdc94faddac2089b15b942ba9849887 (mode 644)
--- /dev/null
+++ vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for adduser