FIX: vars_files removed from inventory hosts file. User is not added to its own group (it happens automatically). Vault password file argument added to run_playbook.sh
This commit is contained in:
@@ -1,7 +1,5 @@
|
|||||||
---
|
---
|
||||||
physical:
|
physical:
|
||||||
vars_files:
|
|
||||||
../../data/secrets.yaml
|
|
||||||
hosts:
|
hosts:
|
||||||
192.168.0.5:
|
192.168.0.5:
|
||||||
ansible_become_password: "{{ ansible_become_password }}"
|
ansible_become_password: "{{ ansible_become_password }}"
|
||||||
@@ -24,13 +24,13 @@
|
|||||||
name: sshusers
|
name: sshusers
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
## Add the user to its own group, sshusers (for ssh access) and sudo (gain root access)
|
## Add the user to sshusers (for ssh access) and sudo (gain root access)
|
||||||
- name: Create a new user with a password for Ansible
|
- name: Create a new user with a password for Ansible
|
||||||
user:
|
user:
|
||||||
name: ansible
|
name: ansible
|
||||||
password: "{{ ansible_user_passwd_hash }}"
|
password: "{{ ansible_user_passwd_hash }}"
|
||||||
|
|
||||||
groups: ansible,sshusers,sudo
|
groups: sshusers,sudo
|
||||||
append: yes
|
append: yes
|
||||||
|
|
||||||
## Since password authentication in SSH will be disabled, we need to add an authorized key
|
## Since password authentication in SSH will be disabled, we need to add an authorized key
|
||||||
|
|||||||
+1
-1
@@ -1,2 +1,2 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
ansible-playbook -i inventory/deploy/hosts.yaml playbooks/deploy.yaml --private-key ~/.ssh/ansible_key
|
ansible-playbook -i inventory/deploy/hosts.yaml playbooks/deploy.yaml --private-key ~/.ssh/ansible_key --vault-password-file .vault_pass
|
||||||
Reference in New Issue
Block a user