32 lines
837 B
YAML
32 lines
837 B
YAML
---
|
|
- hosts: all
|
|
become: true
|
|
become_method: su
|
|
become_user: root
|
|
tasks:
|
|
- name: Create the ansible user
|
|
ansible.builtin.user:
|
|
name: ansible
|
|
append: true
|
|
state: present
|
|
createhome: true
|
|
shell: /bin/bash
|
|
|
|
- name: Make sure the sudoers dropin directory exists
|
|
ansible.builtin.file:
|
|
path: "/etc/sudoers.d"
|
|
state: directory
|
|
|
|
- name: Create a sudoers file for the ansible user
|
|
ansible.builtin.lineinfile:
|
|
path: "/etc/sudoers.d/50-ansible"
|
|
line: "ansible ALL=(ALL) NOPASSWD: ALL"
|
|
create: true
|
|
validate: "visudo -cf"
|
|
|
|
- name: Add authorized key for ansible user
|
|
ansible.builtin.authorized_key:
|
|
user: ansible
|
|
key: "{{ lookup('ansible.builtin.file', '/home/ansible/.ssh/id_rsa.pub') }}"
|
|
|