authorboom2 <blizzack@blizzack.com>2023-12-19 22:23:26 -0500
committerboom2 <blizzack@blizzack.com>2023-12-19 22:23:26 -0500
commita6ddee3b7d7ca882772677013c7e02bb7a27a526 (patch)
tree481d99a7351f79495b6eb1dcb7c8444186c26cae /ansible-practice/system
parent870d6c431b8abaf3df05dc33c45a187f85652f2d (diff)
- removed backup files
- add .gitignore - journal entries on slack packages - add two new ansible playbooks on create/update users
Diffstat (limited to 'ansible-practice/system')
-rw-r--r--ansible-practice/system/08-playbook-add-gpg-keys.yml~5
-rw-r--r--ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~81
-rw-r--r--ansible-practice/system/09-playbook-copy-system-files.yml~32
-rw-r--r--ansible-practice/system/10-playbook-copy-system-files-on-node.yml~25
-rw-r--r--ansible-practice/system/11-playbook-herd-new-host.yml~5
-rw-r--r--ansible-practice/system/12-replace-text.yml~15
-rw-r--r--ansible-practice/system/13-create-update-user.yml~8
-rw-r--r--ansible-practice/system/13_1-create-update-user-with-prompt.yml73
-rw-r--r--ansible-practice/system/13_2-create-update-user-authorized_key.yml29
-rw-r--r--ansible-practice/system/14-verify-user.yml~19
10 files changed, 102 insertions, 190 deletions
diff --git a/ansible-practice/system/08-playbook-add-gpg-keys.yml~ b/ansible-practice/system/08-playbook-add-gpg-keys.yml~
deleted file mode 100644
index 889d146..0000000
--- a/ansible-practice/system/08-playbook-add-gpg-keys.yml~
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- name: "08 - custom ansible - add slackware-related gpg keys to users keychain"
- hosts: localhost
- roles:
- - bash_config \ No newline at end of file
diff --git a/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~ b/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~
deleted file mode 100644
index 90ca529..0000000
--- a/ansible-practice/system/09-playbook-copy-system-files-on-controller.yml~
+++ /dev/null
@@ -1,81 +0,0 @@
-# create backup copies of system files on control node
-#
-# https://www.freekb.net/Article?id=759
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
-# https://phoenixnap.com/kb/ansible-check-if-file-exists
-# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#registering-variables
-# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
-#
-# https://www.howtouselinux.com/post/ansible-copy-module-examples-to-copy-file-to-remote-server
-#
-#
-# had to run the command like so:
-#
-# ansible-playbook 09-playbook-copy-system-files.yml --ask-become-pass
-#
-# -or-
-#
-# ansible-playbook 09-playbook-copy-system-files.yml -K
-#
-# -or-
-#
-# ansible-playbook 09-playbook-copy-system-files.yml --become -K
-#
-
----
-- name: "09 - custom ansible - backup system files"
- hosts: localhost
- tasks:
- - name: check backup directory status
- ansible.builtin.stat:
- path: "{{ backup_etc_dir }}"
- register: backup_dir
- tags: ['backup_dir_status']
-
- - name: create backup directory if it does not exist
- ansible.builtin.file:
- path: "{{ backup_etc_dir }}"
- state: directory
- when: backup_dir.stat.isdir is not defined
- tags: ['create_backup_dir']
-
-#- name: Print a debug message
-# ansible.builtin.debug:
-# msg: "isdir isn't defined (path doesn't exist)"
-# when: backup_dir.stat.islnk is not defined
-
-# - name: backup '/etc/fstab'
-# ansible.builtin.copy:
-# src: /etc/fstab
-# remote_src: true
-# dest: "{{ backup_etc_dir }}/fstab"
-## backup: true
-# when: backup_dir.stat.isdir is defined
-# delegate_to: localhost
-# run_once: true
-# tags: ['fstab']
-
-# - name: backup '/etc/fstab' locally
-# ansible.builtin.shell: sudo cp -a /etc/fstab {{ backup_etc_dir }}/
-# delegate_to: localhost
-# run_once: true
-# when: backup_dir.stat.isdir is defined
-# tags: ['fstab']
-
- - name: backup special '/etc/' files locally
- ansible.builtin.shell: |
- sudo cp -a /etc/hosts.allow {{ backup_etc_dir }}/
- cp -a /etc/hosts.deny {{ backup_etc_dir }}/
- cp -a /etc/inetd.conf {{ backup_etc_dir }}/
- cp -a /etc/sudoers {{ backup_etc_dir }}/
- cp -a /etc/hosts {{ backup_etc_dir }}/
- cp -a /etc/fstab {{ backup_etc_dir }}/
- cp -a /etc/inittab {{ backup_etc_dir }}/
- exit 0
- delegate_to: localhost
- run_once: true
- when: backup_dir.stat.isdir is defined
- tags: ['fstab']
-
diff --git a/ansible-practice/system/09-playbook-copy-system-files.yml~ b/ansible-practice/system/09-playbook-copy-system-files.yml~
deleted file mode 100644
index 17b0f00..0000000
--- a/ansible-practice/system/09-playbook-copy-system-files.yml~
+++ /dev/null
@@ -1,32 +0,0 @@
-# reboot a host
-# https://www.freekb.net/Article?id=3078
-# https://www.freekb.net/Article?id=2395
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/reboot_module.html
-#
-# - will need to find another option for reboot cuz this was a wonky behavior from ansible
-# - it asked me to enter my passphrase 5 times before actually took properly
-#
-# had to run the command like so:
-#
-# ansible-playbook 11-playbook-reboot.yml --ask-become-pass
-#
-# -or-
-#
-# ansible-playbook 11-playbook-reboot.yml -K
-#
-# -or-
-#
-# ansible-playbook 11-playbook-reboot.yml --become -K
-#
-
----
-- name: "08 - custom ansible - backup system files"
- hosts: all
- tasks:
- - name: reboot a host
- ansible.builtin.reboot:
- msg: "reboot initiated by ansible"
- connect_timeout: 5
- post_reboot_delay: 30
- become: yes
-... \ No newline at end of file
diff --git a/ansible-practice/system/10-playbook-copy-system-files-on-node.yml~ b/ansible-practice/system/10-playbook-copy-system-files-on-node.yml~
deleted file mode 100644
index 460dd21..0000000
--- a/ansible-practice/system/10-playbook-copy-system-files-on-node.yml~
+++ /dev/null
@@ -1,25 +0,0 @@
-# create backup copies of system files on control node
-#
-# https://www.freekb.net/Article?id=759
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
-# https://phoenixnap.com/kb/ansible-check-if-file-exists
-# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#registering-variables
-# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
-#
-# https://www.howtouselinux.com/post/ansible-copy-module-examples-to-copy-file-to-remote-server
-#
-#
-# had to run the command like so:
-#
-# ansible-playbook 10-playbook-copy-system-files-on-node.yml --ask-become-pass
-#
-# -or-
-#
-# ansible-playbook 10-playbook-copy-system-files-on-node.yml -K
-#
-# -or-
-#
-# ansible-playbook 10-playbook-copy-system-files-on-node.yml --become -K
-#
diff --git a/ansible-practice/system/11-playbook-herd-new-host.yml~ b/ansible-practice/system/11-playbook-herd-new-host.yml~
deleted file mode 100644
index 6ffe1ea..0000000
--- a/ansible-practice/system/11-playbook-herd-new-host.yml~
+++ /dev/null
@@ -1,5 +0,0 @@
----
-- name: "11 - custom ansible - herd new host"
- hosts: localhost
- roles:
- - bash_config \ No newline at end of file
diff --git a/ansible-practice/system/12-replace-text.yml~ b/ansible-practice/system/12-replace-text.yml~
deleted file mode 100644
index 1848ea6..0000000
--- a/ansible-practice/system/12-replace-text.yml~
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: "12 - custom ansible - replace text"
- hosts: dev
- tasks:
- - name: update slackpg blacklist
- ansible.builtin.replace:
- path: "{{ backup_etc_dir }}/blacklist"
- # regexp: '^#(kernel-.+)$'
- # replace: '\1'
- regexp: "kernel"
- replace: "kerneldaryll"
- owner: root
- group: root
- backup: yes
- tags: ['slackpkg_blacklist']
diff --git a/ansible-practice/system/13-create-update-user.yml~ b/ansible-practice/system/13-create-update-user.yml~
deleted file mode 100644
index d7fc422..0000000
--- a/ansible-practice/system/13-create-update-user.yml~
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# https://www.howtouselinux.com/post/create-user-with-ansible
-#
----
-- name: "13 - custom ansible - create/update user"
- hosts: dev
- become: yes # Run tasks with root/sudo privileges
- tasks:
diff --git a/ansible-practice/system/13_1-create-update-user-with-prompt.yml b/ansible-practice/system/13_1-create-update-user-with-prompt.yml
new file mode 100644
index 0000000..7bd0760
--- /dev/null
+++ b/ansible-practice/system/13_1-create-update-user-with-prompt.yml
@@ -0,0 +1,73 @@
+#
+# https://www.howtouselinux.com/post/create-user-with-ansible
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html
+# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html
+# https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_keypair_module.html
+# https://www.codesandnotes.be/2020/01/13/generate-ssh-keys-using-ansible/
+# https://docs.ansible.com/ansible/latest/collections/ansible/posix/authorized_key_module.html
+#
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/find_module.html
+#
+# https://stackoverflow.com/questions/4411457/how-do-i-verify-check-test-validate-my-ssh-passphrase
+#
+# - an issue i found while trying to update a user's ssh key
+# - although the docs state that this can be done...it did not work for me !
+# - the only thing that worked was to remove previous keys and then add new ones
+#
+#
+---
+- name: "13.1 -- custom ansible - create/update user with a prompt"
+ hosts: dev
+ become: yes # Run tasks with root/sudo privileges
+ vars:
+ username: testuser1
+
+ vars_prompt:
+ - name: "passphrase"
+ prompt: "enter the passphrase for the ssh key"
+
+ tasks:
+# - name: backup users ssh keys
+# ansible.builtin.shell: |
+# sudo mv /home/{{ username }}/.ssh/id_ed25519 /home/{{ username }}/.ssh/id_ed25519_BAK
+# mv /home/{{ username }}/.ssh/id_ed25519.pub /home/{{ username }}/.ssh/id_ed25519.pub_BAK
+# exit 0
+# tags: ['backup_ssh_files']
+
+ - name: find files to delete w/ wildcard
+ ansible.builtin.find:
+ path: /home/{{ username }}/.ssh
+ patterns: 'id_ed25519*'
+ register: ssh_keys
+
+ - name: remove users ssh keys
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: absent
+ with_items: "{{ ssh_keys.files }}"
+ tags: ['remove_ssh_files']
+
+ - name: update user
+ ansible.builtin.user:
+ name: "{{ username }}"
+ state: present # ensure the user is present
+ generate_ssh_key: true
+ force: true
+ ssh_key_type: ed25519
+ ssh_key_passphrase: "{{ passphrase }}"
+ ssh_key_file: .ssh/id_ed25519
+ tags: ['update_user']
+
+#
+# received the following when running this playbook:
+#
+# TASK [create user] *************************************************
+#
+# [DEPRECATION WARNING]: Encryption using the Python crypt module is
+# deprecated. The Python crypt module is deprecated and will be removed
+# from Python 3.13. Install the passlib library for continued encryption
+# functionality. This feature will be removed in version
+# 2.17. Deprecation warnings can be disabled by setting
+# deprecation_warnings=False in ansible.cfg.
+#
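Review bot: The `find files to delete w/ wildcard` task has no tag while `remove users ssh keys` is tagged `remove_ssh_files`, so a run limited to that tag skips the find and the loop then fails on an undefined `ssh_keys`; give the find task `tags: ['remove_ssh_files']` as well. The pattern `'id_ed25519*'` matches every file with that prefix, including the `id_ed25519_BAK` copies that the commented-out backup task would create, so I would name the pair explicitly: `patterns: ['id_ed25519', 'id_ed25519.pub']`. The old pair is deleted before `update user` runs, so a failure in that task leaves the account with no key at all; adding `confirm: true` to the `passphrase` entry under `vars_prompt` would at least catch a mistyped hidden passphrase before anything is removed. Deleting the files on this host also does not withdraw the old public key from any authorized_keys file it was copied into, which is worth stating in the header comment next to the note about key updates.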
diff --git a/ansible-practice/system/13_2-create-update-user-authorized_key.yml b/ansible-practice/system/13_2-create-update-user-authorized_key.yml
new file mode 100644
index 0000000..c046fe9
--- /dev/null
+++ b/ansible-practice/system/13_2-create-update-user-authorized_key.yml
@@ -0,0 +1,29 @@
+#
+# https://www.codesandnotes.be/2020/01/13/generate-ssh-keys-using-ansible/
+# https://docs.ansible.com/ansible/latest/collections/ansible/posix/authorized_key_module.html
+# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_lookups.html
+#
+# - i couldnt really understand why we would use this module 'after' we created the
+# 'testuser' w/ an ssh key.
+#
+# tldr; you don't !!!!
+#
+# - the correct way to use this is if u have a list of users and their public keys
+# stored on the controller node. then when you create a managed node
+# you can loop thru creating new users on it and add their public keys to that
+# new node in a playbook.
+#
+---
+- name: "13.2 -- custom ansible - create/update user with a prompt"
+ hosts: dev
+ become: yes # Run tasks with root/sudo privileges
+ vars:
+ username: testuser1
+ ssh_path: "keys/{{ username }}/id_ed25519.pub"
+
+ tasks:
+ - name: set authorized key taken from file
+ ansible.posix.authorized_key:
+ user: "{{ username }}"
+ state: present # ensure the user is present
+ key: "{{ lookup('file', ssh_path) }}"
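Review bot: The play name and the inline comment on `state: present` look carried over from 13_1 and no longer describe this file: nothing here prompts, and on `ansible.posix.authorized_key` that setting ensures the key entry is present, not the user. Suggested wording: `- name: "13.2 -- custom ansible - add authorized key for user"` and `state: present  # ensure the key is in authorized_keys`. The task only adds an entry, so keys already listed for `{{ username }}` on the managed node keep granting access. If this play is meant to follow a key regeneration, the superseded public key has to be removed separately with `state: absent`, or the task can set `exclusive: true` once the file at `ssh_path` is known to hold every key that should remain.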
diff --git a/ansible-practice/system/14-verify-user.yml~ b/ansible-practice/system/14-verify-user.yml~
deleted file mode 100644
index 4be4c36..0000000
--- a/ansible-practice/system/14-verify-user.yml~
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# https://www.howtouselinux.com/post/create-user-with-ansible
-#
----
-- name: "14 - custom ansible - verifyl user"
- hosts: dev
- become: yes # Run tasks with root/sudo privileges
-
- tasks:
- - name: check if user exists
- ansible.builtin.shell:
- register: user_check
- ignore_errors: true
-
- - name: display user information
- ansible.builtin.debug:
- msg: "user '{{ username }}' exists !"
- when: user_check.rc == 0
-