| author | boom2 <blizzack@blizzack.com> | 2023-12-19 22:23:26 -0500 |
|---|---|---|
| committer | boom2 <blizzack@blizzack.com> | 2023-12-19 22:23:26 -0500 |
| commit | a6ddee3b7d7ca882772677013c7e02bb7a27a526 (patch) | |
| tree | 481d99a7351f79495b6eb1dcb7c8444186c26cae /ansible-practice/system/13_1-create-update-user-with-prompt.yml | |
| parent | 870d6c431b8abaf3df05dc33c45a187f85652f2d (diff) | |
- removed backup files
- add .gitignore
- journal entries on slack packages
- add two new ansible playbooks on create/update users
Diffstat (limited to 'ansible-practice/system/13_1-create-update-user-with-prompt.yml')
| -rw-r--r-- | ansible-practice/system/13_1-create-update-user-with-prompt.yml | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/ansible-practice/system/13_1-create-update-user-with-prompt.yml b/ansible-practice/system/13_1-create-update-user-with-prompt.yml
new file mode 100644
index 0000000..7bd0760
--- /dev/null
+++ b/ansible-practice/system/13_1-create-update-user-with-prompt.yml
@@ -0,0 +1,73 @@
+#
+# https://www.howtouselinux.com/post/create-user-with-ansible
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html
+# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html
+# https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_keypair_module.html
+# https://www.codesandnotes.be/2020/01/13/generate-ssh-keys-using-ansible/
+# https://docs.ansible.com/ansible/latest/collections/ansible/posix/authorized_key_module.html
+#
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/find_module.html
+#
+# https://stackoverflow.com/questions/4411457/how-do-i-verify-check-test-validate-my-ssh-passphrase
+#
+# - an issue i found while trying to update a user's ssh key
+# - although the docs state that this can be done...it did not work for me !
+# - the only thing that worked was to remove previous keys and then add new ones
+#
+#
+---
+- name: "13.1 -- custom ansible - create/update user with a prompt"
+ hosts: dev
+ become: yes # Run tasks with root/sudo privileges
+ vars:
+ username: testuser1
+
+ vars_prompt:
+ - name: "passphrase"
+ prompt: "enter the passphrase for the ssh key"
+
+ tasks:
+# - name: backup users ssh keys
+# ansible.builtin.shell: |
+# sudo mv /home/{{ username }}/.ssh/id_ed25519 /home/{{ username }}/.ssh/id_ed25519_BAK
+# mv /home/{{ username }}/.ssh/id_ed25519.pub /home/{{ username }}/.ssh/id_ed25519.pub_BAK
+# exit 0
+# tags: ['backup_ssh_files']
+
+ - name: find files to delete w/ wildcard
+ ansible.builtin.find:
+ path: /home/{{ username }}/.ssh
+ patterns: 'id_ed25519*'
+ register: ssh_keys
+
+ - name: remove users ssh keys
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: absent
+ with_items: "{{ ssh_keys.files }}"
+ tags: ['remove_ssh_files']
+
+ - name: update user
+ ansible.builtin.user:
+ name: "{{ username }}"
+ state: present # 
ensure the user is present
+ generate_ssh_key: true
+ force: true
+ ssh_key_type: ed25519
+ ssh_key_passphrase: "{{ passphrase }}"
+ ssh_key_file: .ssh/id_ed25519
+ tags: ['update_user']
+
+#
+# received the following when running this playbook:
+#
+# TASK [create user] *************************************************
+#
+# [DEPRECATION WARNING]: Encryption using the Python crypt module is
+# deprecated. The Python crypt module is deprecated and will be removed
+# from Python 3.13. Install the passlib library for continued encryption
+# functionality. This feature will be removed in version
+# 2.17. Deprecation warnings can be disabled by setting
+# deprecation_warnings=False in ansible.cfg.
+# |
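Review bot: The `remove users ssh keys` task deletes every `id_ed25519*` file before the `update user` task has produced a replacement, and the `passphrase` prompt that feeds `ssh_key_passphrase` is neither confirmed nor checked. A mistyped entry leaves the user with a key nobody can unlock, and an empty entry may produce a private key with no passphrase at all (worth confirming against the user module's behaviour); in both cases the old key is already gone. Add `confirm: true` to the `vars_prompt` entry and place an `ansible.builtin.assert` with `that: passphrase | length > 0` ahead of the find/remove tasks, so the play stops before anything is deleted. The `find` task also carries no tag, so a run limited to `--tags remove_ssh_files` would reach the removal task with `ssh_keys` undefined; giving `find` the same tag avoids that.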
