Add create user and sudo

This commit is contained in:
Bertrand Benjamin 2018-08-22 21:14:04 +02:00
parent d0f1d4d8a2
commit 0a1068bf8e
5 changed files with 44 additions and 2 deletions

View File

@ -8,3 +8,4 @@
tasks: tasks:
- include: tasks/arch_base_packages.yml - include: tasks/arch_base_packages.yml
- include: tasks/users.yml - include: tasks/users.yml
- include: tasks/sudo.yml

12
files/sudoers Normal file
View File

@ -0,0 +1,12 @@
root ALL=(ALL) ALL
%sudo ALL=(ALL) ALL
# Allow the build user access to pacman. This user can't be accessed without
# being in the sudo group, anyway.
makepkg ALL=NOPASSWD: /usr/bin/pacman *
# If you managed to run malicious code as my user, I'm already fucked, so err
# on the side of usability.
{% for user in deploy_users %}
{{ user }} ALL=(ALL) NOPASSWD:ALL
{% endfor %}

23
tasks/sudo.yml Normal file
View File

@ -0,0 +1,23 @@
---
- name: Install sudo
pacman:
name: sudo
state: present
- name: Configure sudoers
template:
src: files/sudoers
dest: /etc/sudoers
mode: 0440
- name: Create sudo group
group:
name: sudo
state: present
- name: Add local user to sudo group
user:
name: {{ item }}
groups: sudo
append: yes
with_items: '{{ deploy_users }}'

View File

@ -1,2 +1,8 @@
--- ---
- name: Add users
user:
name: "{{ username }}"
password: "{{ password }}"
shell: /bin/zsh
with_items: "{{ users }}"

View File

@ -1,8 +1,8 @@
--- ---
users: users:
- { username: 'lafrite', passworld: ''} - { username: 'lafrite', password: '$6$OnPrZgotbSWZlh0T$VSyF8lUhD/N881d1GsggE7jDFt0uAzls2r.pqgDV6XQKbTqZWfv0X4QWd/3wivUDyzaSjP4LQWVfne7KYR6Vv1'}
- { username: 'waha', passworld: ''} - { username: 'waha', password: '$6$tQLlZ3lI/NDcT3.C$VCBzrpNxDgOK7b2que2/BnAYWl.zKVugZrQEPxtsq3iWcskEzQ1NvytZRXkB4GCDa/xEohxiodyCaZyFnhxby1'}
deploy_users: deploy_users:
- waha - waha