slococo
/
ansible-playground
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
ansible-playground/slococo/playground/README.md

3.1 KiB
Raw Blame History

Ansible Collection - slococo.playground

Overview

This Ansible collection contains two roles: local_accounts and ssh_config. These roles are designed to automate the configuration of local user accounts and SSH daemon settings on target hosts.

Requirements

  • Ansible version supporting collections (ansible-core > 2.12)
  • community.crypto collection

Role: local_accounts

Description

This role configures multiple local user accounts on the target host as specified in a list of dictionaries variable.

Variables

  • local_users: List of dictionaries defining each local user account with the following fields:

    • name: Username
    • shell: Login shell for the user
    • userid: User ID
    • expiry_date: Expiry date for the account (optional)
    • home: Path for the home directory (optional)
    • groups: List of groups the user belongs to (optional)
    • passwordless: Enable or disable passwordless authentication (optional)

  • local_accounts_key_path: Path to the private key on the Ansible control node (optional)

  • local_accounts_key_type: Type of the private key used for SSH authentication (optional)

Usage

Include the local_accounts role in your playbook and define the local_users variable accordingly.

- name: Configure local accounts
  hosts: target_hosts
  roles:
    - role: slococo.playground.local_accounts
      vars:
        local_accounts_list:
          - name: local_adm
            shell: /bin/bash
            userid: 38000087
          - name: local_log
            shell: /bin/sh
            userid: 38000088
            expiry_date: "2024-12-31"

Role: ssh_config

Description

This role ensures the SSH daemon on the target host has specific options configured.

Variables

  • ssh_config_options: Dictionary containing SSH configuration options. Each option is a key-value pair where the key represents the SSH option as found in /etc/ssh/sshd_config, and the value represents the desired value for that option.

Example:

ssh_config_options:
  PasswordAuthentication: 'yes'

Usage

Include the ssh_config role in your playbook.

- name: Configure SSH
  hosts: target_hosts
  roles:
    - role: slococo.playground.ssh_config

SSH Configuration

The role ensures the following SSH options are configured with the specified values:

  • PasswordAuthentication: yes
  • PermitEmptyPasswords: no
  • PermitRootLogin: no

Molecule testing

This collection includes Molecule tests to ensure the correctness of the roles. Molecule is a testing framework for Ansible roles.

Prerequisites

Before running the Molecule tests, ensure that Molecule is installed. You can find installation instructions in the official Molecule documentation.

Running tests

Once Molecule is installed, you can run the tests by executing the following command in the root directory of the collection:

molecule test

This command will run both roles (local_accounts and ssh_config) in a Docker container, simulating real-world scenarios.