commit 106cdbf15992fbf796c2a991007932680adbb32e
from: gonzalo
date: Wed Jul 25 23:41:54 2018 UTC
initial ansible-role-adduser
commit - /dev/null
commit + 106cdbf15992fbf796c2a991007932680adbb32e
blob - /dev/null
blob + 36bbf6208cfd42ac91bfbe7f9126bc9044e186c6 (mode 644)
--- /dev/null
+++ .travis.yml
@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+ apt:
+ packages:
+ - python-pip
+
+install:
+ # Install ansible
+ - pip install ansible
+
+ # Check ansible version
+ - ansible --version
+
+ # Create ansible.cfg with correct roles_path
+ - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+ # Basic role syntax check
+ - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+ webhooks: https://galaxy.ansible.com/api/v1/notifications/
\ No newline at end of file
blob - /dev/null
blob + c848a99ccc72470369e4dfef0cd9b7ff023c8fac (mode 644)
--- /dev/null
+++ README.md
@@ -0,0 +1,24 @@
+Ansible Role Adduser for OpenBSD
+================================
+
+Create users, the .pub key and put them on doas.conf
+
+Example Playbook
+----------------
+
+ ---
+ - hosts: all
+ roles:
+ - role: gonzalo-.adduser
+
+ become: True
+ become_method: doas
+
+ vars:
+ username: pepe
+ password: HoLa.321
+
+License
+-------
+
+BSD
blob - /dev/null
blob + 57d60d1e91ab283efd9c960380115617165bb5a4 (mode 644)
--- /dev/null
+++ defaults/main.yml
@@ -0,0 +1,10 @@
+---
+adduser_user_name: '{{ username }}'
+adduser_user_home: '/home/{{ username }}'
+adduser_user_home_perms: '0700'
+adduser_user_comments: '{{ username }}'
+adduser_password: '{{ password }}'
+
+adduser_public_keys:
+#- {{ username }}.pub
+- /etc/ansible/keys/{{ username }}.pub
blob - /dev/null
blob + 549b09e511647b31c22b9c83c3d716b3fec1eb6c (mode 644)
--- /dev/null
+++ files/gonzalo.pub
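Review bot: In defaults/main.yml, `adduser_password` is filled from a caller variable named `password` and handed unchanged to the `user` module's `password=` argument in tasks/main.yml, which on OpenBSD and Linux is documented to take an already-hashed value, yet README.md and tests/test.yml both pass the cleartext `HoLa.321`. State the expected format next to the default, for example `# adduser_password: crypt(3)-style hash, e.g. produced by encrypt(1); never a cleartext password`, and replace the README and test value with an obviously fake hash placeholder. The "Add user" task would also benefit from `no_log: true` so the value is not echoed in playbook output. The un-prefixed input names `username` and `password` have no default and can collide with variables set elsewhere in a play, which deserves a comment here as well.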
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQtj+WxYvV7hX/nCX4KgzVXD9XD+DNUNyfCWLNp6sFE9Gj1xFyJB3L1RbrI0J9E5KVAoJ84m7RSC3bCy60e9CXYqNOPCwGg+woO0z7xIwCJol760aboXNDIaaGTxiumIZ7uxDH+Ul0WHmRFOONyCQT9wOCvGZVURDPprlgIcumsiQdekjWZzuLTS2jUVCVMiyJRu9efHGweUpaVY6CYJmHGfC5MMaFn4bBgr90AmL7Wmt8VxzFnoD0KUvREx3CeVa2VNn7h+0KsFf1zoaKfmiTzyf8so6gjCGUH9TSCVwwKu/dFm2ycjVqWFnegRIBJrMxJdqGrL9KyQzW1WFQoxV/ gonzalo@r0nin.x61.com.ar
blob - /dev/null
blob + ed9f78ffc770e1a47d277b8fd5593d8848fa609e (mode 644)
--- /dev/null
+++ handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for adduser
blob - /dev/null
blob + 17268a0da7dcb290b71930b46327a2dad4f07ea6 (mode 644)
--- /dev/null
+++ meta/main.yml
@@ -0,0 +1,21 @@
+---
+galaxy_info:
+ author: gonzalo-
+ description: Add OpenBSD user and in doas.conf file
+ license: BSD
+ min_ansible_version: 1.9
+ galaxy_tags:
+ - openbsd
+ - system
+ - ssh
+ platforms:
+ - name: OpenBSD
+ versions:
+ - all
+ - 5.6
+ - 5.7
+ - 5.8
+ - 5.9
+ - 6.0
+dependencies: []
+
blob - /dev/null
blob + 56e8a6bc186c942b56ae6dc26fadc5820fe6432a (mode 644)
--- /dev/null
+++ tasks/main.yml
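Review bot: files/gonzalo.pub places the author's personal public key inside a role that other people are meant to reuse. The key tasks read `adduser_public_keys` through `with_file`, which also resolves relative names against the role's files/ directory, so a consumer who enables the commented-out `{{ username }}.pub` form in defaults/main.yml with `username: gonzalo` (the value tests/test.yml uses) would authorize this key on their hosts. Consider moving the key under tests/ as a fixture, or dropping it and documenting that callers supply their own key files.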
@@ -0,0 +1,42 @@
+---
+- name: Add user
+ user: name={{ adduser_user_name }} password="{{ adduser_password }}" comment="{{ adduser_user_comments }}" shell=/bin/sh
+ become: yes
+
+- name: Add user OpenBSD
+ user: name={{ adduser_user_name }} shell=/bin/sh
+ become: yes
+ when: ansible_distribution == 'OpenBSD'
+
+- name: Set /home/{{ adduser_user_name }} permissions to 0700
+ file: "dest={{ adduser_user_home }} owner={{ adduser_user_name }} mode={{ adduser_user_home_perms }} state=directory"
+ become: yes
+
+- debug: var=adduser_public_keys
+- name: Add authorized keys for {{ adduser_user_name }} user
+ authorized_key:
+ "user='{{ adduser_user_name }}' key='{{ item }}'"
+ with_file: "{{ adduser_public_keys }}"
+ when: adduser_public_keys is defined and adduser_public_keys != "" and adduser_sshkey_options is not defined
+ become: yes
+
+- name: Add authorized keys for {{ adduser_user_name }} user - key_options
+ authorized_key:
+ user: "{{ adduser_user_name }}"
+ key: "{{ item }}"
+ key_options: "{{ adduser_sshkey_options }}"
+ with_file: "{{ adduser_public_keys }}"
+ when: adduser_public_keys is defined and adduser_public_keys != "" and adduser_sshkey_options is defined
+ become: yes
+
+- name: SSH authorized_keys {{ adduser_user_name }}
+ file:
+ dest={{ adduser_user_home }}/.ssh owner={{ adduser_user_name }} mode=700 state=directory
+ become: yes
+ when: ansible_distribution != 'OpenBSD' and ansible_os_family != 'Darwin'
+
+- stat: path=/etc/doas.conf
+ register: doas
+- name: Add user to doas.conf
+ lineinfile: "dest=/etc/doas.conf line='permit {{ adduser_user_name }} as root' state=present"
+ become: yes
blob - /dev/null
blob + d18580b3c364645735235c667c2a546e28c273bb (mode 644)
--- /dev/null
+++ tests/inventory
@@ -0,0 +1 @@
+localhost
\ No newline at end of file
blob - /dev/null
blob + 9a7b6f515b3aa8b5dfdc921cc6a62053f43a7eb7 (mode 644)
--- /dev/null
+++ tests/test.yml
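Review bot: The final task in tasks/main.yml appends `permit {{ adduser_user_name }} as root` to /etc/doas.conf for every account the role creates, with no condition, so adding a user always grants that user root through doas. The `stat` result registered as `doas` just above it is never consulted, and the edit is not validated, so a malformed line (for example from an unexpected user name) could leave doas.conf unparsable. Make the grant opt-in through a role variable that defaults to off, skip it when the file is absent, and let `lineinfile` check the candidate file with `doas -C` before it is installed. `adduser_grant_doas` in the sketch below is a proposed new variable, not one the role defines today.

```yaml
# … unchanged: user, home directory and authorized_keys tasks …
- stat: path=/etc/doas.conf
  register: doas

- name: Add user to doas.conf
  lineinfile:
    dest: /etc/doas.conf
    line: 'permit {{ adduser_user_name }} as root'
    state: present
    validate: 'doas -C %s'
  become: yes
  when: adduser_grant_doas | default(false) | bool and doas.stat.exists
```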
@@ -0,0 +1,10 @@
+---
+- hosts: all
+ roles:
+ - role: adduser
+
+ become: True
+
+ vars:
+ username: gonzalo
+ password: HoLa.321
blob - /dev/null
blob + 7f903e6c5fdc94faddac2089b15b942ba9849887 (mode 644)
--- /dev/null
+++ vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for adduser