41 lines
1.1 KiB
YAML
41 lines
1.1 KiB
YAML
---
|
|
## Installing packages
|
|
- name: Install sudo on apt systems
|
|
when: (ansible_facts['distribution'] == "Debian") or
|
|
(ansible_facts['distribution'] == "Ubuntu")
|
|
apt:
|
|
name:
|
|
- sudo
|
|
update-cache: yes
|
|
|
|
- name: Update Alpine packages
|
|
when: (ansible_facts['distribution'] == "Alpine")
|
|
command: /sbin/apk update
|
|
|
|
- name: Install sudo package on Alpine
|
|
when: (ansible_facts['distribution'] == "Alpine")
|
|
command: /sbin/apk add sudo
|
|
|
|
|
|
## Creating and setting up the ansible user
|
|
## First, create sshusers group to grant ssh access
|
|
- name: Ensure group "sshusers" exists
|
|
ansible.builtin.group:
|
|
name: sshusers
|
|
state: present
|
|
|
|
## Add the user to sshusers (for ssh access) and sudo (gain root access)
|
|
- name: Create a new user with a password for Ansible
|
|
user:
|
|
name: ansible
|
|
password: "{{ ansible_user_passwd_hash }}"
|
|
|
|
groups: sshusers,sudo
|
|
append: yes
|
|
|
|
## Since password authentication in SSH will be disabled, we need to add an authorized key
|
|
- name: Set authorized key taken from file
|
|
ansible.posix.authorized_key:
|
|
user: ansible
|
|
state: present
|
|
key: "{{ ansible_ssh_key }}" |