slococo
/
ansible-playground
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Update local_accounts

This commit is contained in:
Santiago Lo Coco 2024-04-12 21:10:59 +00:00
parent ab3bd183f5
commit 7c88dcf5f7
5 changed files with 109 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
slococo/playground/README.md
View File

@ -1,3 +1,106 @@
# Ansible Collection - slococo.playground
Documentation for the collection.
## Overview
This Ansible collection contains two roles: `local_accounts` and `ssh_config`. These roles are designed to automate the configuration of local user accounts and SSH daemon settings on target hosts.
## Requirements
- Ansible version supporting collections (`ansible-core` > 2.12)
## Role: local_accounts
### Description
This role configures multiple local user accounts on the target host as specified in a list of dictionaries variable.
### Variables
- `local_users`: List of dictionaries defining each local user account with the following fields:
- `name`: Username
- `shell`: Login shell for the user
- `userid`: User ID
- `expiry_date`: Expiry date for the account (optional)
- `home`: Path for the home directory (optional)
- `groups`: List of groups the user belongs to (optional)
### Usage
Include the `local_accounts` role in your playbook and define the `local_users` variable accordingly.
```yaml
- name: Configure local accounts
hosts: target_hosts
roles:
- role: slococo.playground.local_accounts
vars:
local_accounts_list:
- name: local_adm
shell: /bin/bash
userid: 38000087
expiry_date: null
home: /home/local_adm
groups: [primary_group]
- name: local_log
shell: /bin/sh
userid: 38000088
expiry_date: "2024-12-31"
home: /home/local_log
groups: [primary_group]
```
### Additional Functionality
The role also supports configuring passwordless authentication for the local users created.
## Role: ssh_config
### Description
This role ensures the SSH daemon on the target host has specific options configured.
### Variables
No additional variables required.
### Usage
Include the `ssh_config` role in your playbook.
```yaml
- name: Configure SSH
hosts: target_hosts
roles:
- role: MyAutomationCollection.ssh_config
```
### SSH Configuration
The role ensures the following SSH options are configured with the specified values:
- `PasswordAuthentication`: yes
- `PermitEmptyPasswords`: no
- `PermitRootLogin`: no
## Bonus Task: Dry-run (Checkmode) Support
Both roles support dry-run (checkmode) and are idempotent.
## Testing
Test the roles on a test host, such as a local VM.
## Uploading to Ansible Galaxy
While not required for this task, the collection is prepared for uploading to Ansible Galaxy or any private Automation Hub.
## Author
[Your Name]
## License
[License information]
## Acknowledgments
[Optional: Any acknowledgments or credits]

2
slococo/playground/meta/runtime.yml
View File

@ -1,2 +1,2 @@
---
requires_ansible: '>=2.15.0'
requires_ansible: '>=2.12.0'

5
slococo/playground/roles/local_accounts/meta/argument_specs.yml
View File

@ -22,10 +22,9 @@ argument_specs:
required: true
description: The user ID for the local user.
expiry_date:
type: float
type: str
required: false
default: null
description: The expiry date for the local user (in epoch).
description: The expiry date for the local user (in '%Y-%m-%d', e.g. 2024-12-31).
home:
type: path
required: false

2
slococo/playground/roles/local_accounts/tasks/main.yml
View File

@ -4,7 +4,7 @@
name: "{{ item.name }}"
shell: "{{ item.shell }}"
uid: "{{ item.userid }}"
expires: "{{ item.expiry_date | default(omit) }}"
expires: "{{ (((item.expiry_date + ' 00:00:00') | to_datetime).strftime('%s')) if item.expiry_date is defined else omit }}"
home: "{{ item.home | default(omit) }}"
groups: "{{ item.groups | default(omit) }}"
generate_ssh_key: yes

2
slococo/playground/roles/local_accounts/tests/test.yml
View File

@ -12,7 +12,7 @@
- name: test_user2
shell: /bin/zsh
userid: 1002
expiry_date: '1735689599'
expiry_date: '2024-12-31'
home: /home/test_user3
groups: docker