setup_shell.yml
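---
# Creates a local user and installs an SSH public key for it by writing a
# helper script to /tmp, running it with elevated privileges, and removing it.
# Inputs: user_to_add, public_key_filepath (supplied by the caller) and
# root_username / root_password (loaded from passwd.yml).
- hosts: localhost
  gather_facts: false
  # Privileged credentials are read from passwd.yml, which is expected to be
  # encrypted with Ansible Vault; it must never be committed in plain text.
  vars_files:
    - passwd.yml
  vars:
    ansible_become: true
    ansible_become_method: sudo
    ansible_become_user: "{{ root_username }}"
    ansible_become_pass: "{{ root_password }}"  # from the passwd.yml vault
  tasks:
    - name: Create a script
      copy:
        content: |
          #!/bin/bash
          # Usage: script.sh <username> <public_key_file>
          user=$1
          if [[ -z "$user" ]]; then
            echo "Provide username"
            exit 1
          fi
          # The name is interpolated into privileged commands and into paths
          # under /home, so refuse option-like names and path components.
          case "$user" in
            -*|.*|*/*)
              echo "Invalid username: $user"
              exit 1
              ;;
          esac

          echo "Creating user $user"
          sudo useradd -m -s "$(command -v bash)" -- "$user"

          # Relative path: resolved against the directory the script runs in.
          readme=readme_bob.txt
          if [ -f "$readme" ]; then
            echo "File $readme exists. Changing permissions to read-only..."
            sudo chown "$user:$user" "$readme"
            sudo chmod 0440 "$readme"
          else
            echo "File $readme does not exist."
          fi

          file=$2
          if [ -f "$file" ]; then
            echo "File $file exists. Updating authorized_keys"
            ssh_dir="/home/$user/.ssh"
            sudo mkdir -p -- "$ssh_dir"
            sudo chmod 700 "$ssh_dir"
            sudo touch "$ssh_dir/authorized_keys"
            sudo chmod 600 "$ssh_dir/authorized_keys"
            sudo tee -a "$ssh_dir/authorized_keys" < "$file" >/dev/null
            # Hand over the directory as well as the file: with a root-owned
            # 0700 .ssh the new user cannot reach authorized_keys.
            sudo chown -R "$user:$user" "$ssh_dir"
            sudo rm -- "$file"
          else
            echo "File $file does not exist."
          fi
          exit 0
        dest: /tmp/script.sh
        # Owner-only: the helper sits in world-writable /tmp and is run with
        # elevated privileges, so other local users get no access to it.
        mode: "0700"

    - name: Run the script
      # argv form runs the script without a shell, so the two variables reach
      # it as single arguments and cannot be parsed as shell syntax.
      command:
        argv:
          - /tmp/script.sh
          - "{{ user_to_add }}"
          - "{{ public_key_filepath }}"
      register: script_result
      # Keep going on failure so the cleanup task below always runs.
      ignore_errors: true

    - name: Report success
      debug:
        msg: "Success!"
      when: script_result.rc == 0

    - name: Report failure output
      debug:
        msg:
          - "{{ script_result.stdout }}"
          - "{{ script_result.stderr }}"
      when: script_result.rc != 0

    - name: Delete the script
      file:
        state: absent
        path: /tmp/script.sh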