slococo
/
ansible-playground
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Update README.md
ci/woodpecker/push/woodpecker Pipeline was successful Details

This commit is contained in:
Santiago Lo Coco 2024-04-15 16:33:08 +02:00
parent fa02e91582
commit 96c744c4d0
5 changed files with 23 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -1,3 +1,4 @@
.vscode
inventory
ansible.cfg
ansible.cfg
test.sh

24
slococo/playground/README.md
View File

@ -7,6 +7,7 @@ This Ansible collection contains two roles: `local_accounts` and `ssh_config`. T
## Requirements
- Ansible version supporting collections (`ansible-core` > 2.12)
- `community.crypto` collection
## Role: local_accounts
@ -23,6 +24,9 @@ This role configures multiple local user accounts on the target host as specifie
- `expiry_date`: Expiry date for the account (optional)
- `home`: Path for the home directory (optional)
- `groups`: List of groups the user belongs to (optional)
- `passwordless`: Enable or disable passwordless authentication (optional)
- `local_accounts_pk_path`: Path to the private key on the Ansible control node (optional)
### Usage
@ -38,23 +42,12 @@ Include the `local_accounts` role in your playbook and define the `local_users`
- name: local_adm
shell: /bin/bash
userid: 38000087
expiry_date: null
home: /home/local_adm
groups: [primary_group]
- name: local_log
shell: /bin/sh
userid: 38000088
expiry_date: "2024-12-31"
home: /home/local_log
groups: [primary_group]
```
<!-- TODO -->
<!-- ### Additional Functionality -->
<!-- The role also supports configuring passwordless authentication for the local users created. -->
## Role: ssh_config
### Description
@ -63,7 +56,14 @@ This role ensures the SSH daemon on the target host has specific options configu
### Variables
No additional variables required.
- `ssh_config_options`: Dictionary containing SSH configuration options. Each option is a key-value pair where the key represents the SSH option as found in `/etc/ssh/sshd_config`, and the value represents the desired value for that option.
Example:
```yaml
ssh_config_options:
PasswordAuthentication: 'yes'
```
### Usage

4
slococo/playground/molecule/default/converge.yml
View File

@ -4,14 +4,14 @@
become: true
pre_tasks:
- name: Update the apt cache
- name: Update the apt cache and install openssh packages
ansible.builtin.apt:
update_cache: true
name:
- openssh-server
- openssh-client
- name: Stop and Start ssh
- name: Restart ssh service
ansible.builtin.service:
name: sshd
state: restarted

6
slococo/playground/roles/local_accounts/README.md
View File

@ -1,4 +1,4 @@
Role Name
local_accounts
=========
An Ansible Role to create local user accounts.
@ -8,6 +8,7 @@ Requirements
- Ansible 2.12.0 or later
- This role requires elevated privileges. Make sure to set `become: true` when using this role.
- `community.crypto` collection
Role Variables
--------------
@ -20,6 +21,9 @@ local_accounts_list:
expiry_date: # Expiry date for the local user in the format 'YYYY-MM-DD' (optional, default: never)
home: # Home directory path for the local user (optional, default: "/home/{{ name }}")
groups: # List of groups the local user belongs to (optional, default: its own group)
passwordless: # Boolean value indicating whether SSH key pairs should be generated for passwordless authentication (optional, default: false)
local_accounts_pk_path: # Path to the private key on the Ansible control node (optional, default: "/tmp")
```
Example Playbook

5
slococo/playground/roles/ssh_config/README.md
View File

@ -1,4 +1,4 @@
Role Name
ssh_config
=========
An Ansible Role to manage SSH configuration on Linux systems.
@ -7,12 +7,11 @@ An Ansible Role to manage SSH configuration on Linux systems.
- Ansible 2.12.0 or later
- This role requires elevated privileges. Make sure to set `become: true` when using this role.
- `community.crypto` collection
## Role Variables
```yaml
options:
ssh_config_options:
PasswordAuthentication: 'yes' # Allow password authentication (default: yes)
PermitEmptyPasswords: 'no' # Permit users to have empty passwords (default: no)
PermitRootLogin: 'no' # Permit root login (default: no)