Code Review
/
csit.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
feat(ansible): Migrate Ubuntu Jammy II
[csit.git]
/
fdio.infra.ansible
/
roles
/
user_add
/
tasks
/
main.yaml
diff --git
a/fdio.infra.ansible/roles/user_add/tasks/main.yaml
b/fdio.infra.ansible/roles/user_add/tasks/main.yaml
index
f980aff
..
329c6ab
100644
(file)
--- a/
fdio.infra.ansible/roles/user_add/tasks/main.yaml
+++ b/
fdio.infra.ansible/roles/user_add/tasks/main.yaml
@@
-2,7
+2,7
@@
# file: roles/user_add/tasks/main.yaml
- name: Conf - Add User
# file: roles/user_add/tasks/main.yaml
- name: Conf - Add User
- user:
+
ansible.builtin.
user:
append: "{{ item.append | default(omit) }}"
createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
append: "{{ item.append | default(omit) }}"
createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
@@
-16,33
+16,24
@@
- user-add-conf
- name: Conf - SSH keys
- user-add-conf
- name: Conf - SSH keys
- authorized_key:
+ a
nsible.builtin.a
uthorized_key:
user: "{{ item.0.username }}"
key: "{{ item.1 }}"
with_subelements:
- "{{ users }}"
- ssh_key
user: "{{ item.0.username }}"
key: "{{ item.1 }}"
with_subelements:
- "{{ users }}"
- ssh_key
- - skip_missing:
yes
+ - skip_missing:
true
tags:
- user-add-conf
tags:
- user-add-conf
-- name: Conf -
Allow
Password Login
- lineinfile:
+- name: Conf -
Disable
Password Login
+
ansible.builtin.
lineinfile:
dest: "/etc/ssh/sshd_config"
dest: "/etc/ssh/sshd_config"
- regexp: "^PasswordAuthentication
no
"
- line: "PasswordAuthentication
yes
"
+ regexp: "^PasswordAuthentication
yes
"
+ line: "PasswordAuthentication
no
"
notify:
- "Restart SSHd"
notify:
- "Restart SSHd"
+ when:
+ - sshd_disable_password_login
tags:
- user-add-conf
tags:
- user-add-conf
-
-- name: Conf - Add Visudo Entry
- lineinfile:
- dest: "/etc/sudoers"
- state: present
- line: "{{ item.username }} ALL=(ALL) NOPASSWD: ALL"
- validate: "visudo -cf %s"
- with_items: "{{ users }}"
- tags:
- - user-add-conf
-