-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy pathcreate_cyhy_user.yml
More file actions
27 lines (25 loc) · 892 Bytes
/
create_cyhy_user.yml
File metadata and controls
27 lines (25 loc) · 892 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
---
# The bastion is the only instance that does not need a cyhy user for
# operational functionality.
- name: Create the cyhy user and set up SSH access
hosts: all:!bastion
become: true
become_method: ansible.builtin.sudo
tasks:
- name: Create the cyhy user
ansible.builtin.user:
home: "{{ cyhy_user_home_directory }}"
name: "{{ cyhy_user_username }}"
shell: /bin/bash
uid: "{{ cyhy_user_uid }}"
register: user_info
- name: Modify permissions on the home directory
ansible.builtin.file:
mode: u=rwx,g=rx,o=
path: "{{ user_info.home }}"
- name: Add the SSH public key as an authorized key
ansible.posix.authorized_key:
key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOreUDnms12MPI0gh7K+YGaESYgC2TY1zA+kSK/g+n5+ cyhy
user: "{{ cyhy_user_username }}"
vars_files:
- vars/cyhy_user.yml