105 lines
3.1 KiB
Markdown
105 lines
3.1 KiB
Markdown
# Ansible Collection - slococo.playground
|
|
|
|
## Overview
|
|
|
|
This Ansible collection contains two roles: `local_accounts` and `ssh_config`. These roles are designed to automate the configuration of local user accounts and SSH daemon settings on target hosts.
|
|
|
|
## Requirements
|
|
|
|
- Ansible version supporting collections (`ansible-core` > 2.12)
|
|
- `community.crypto` collection
|
|
|
|
## Role: local_accounts
|
|
|
|
### Description
|
|
|
|
This role configures multiple local user accounts on the target host as specified in a list of dictionaries variable.
|
|
|
|
### Variables
|
|
|
|
- `local_users`: List of dictionaries defining each local user account with the following fields:
|
|
- `name`: Username
|
|
- `shell`: Login shell for the user
|
|
- `userid`: User ID
|
|
- `expiry_date`: Expiry date for the account (optional)
|
|
- `home`: Path for the home directory (optional)
|
|
- `groups`: List of groups the user belongs to (optional)
|
|
- `passwordless`: Enable or disable passwordless authentication (optional)
|
|
|
|
- `local_accounts_key_path`: Path to the private key on the Ansible control node (optional)
|
|
- `local_accounts_key_type`: Type of the private key used for SSH authentication (optional)
|
|
|
|
### Usage
|
|
|
|
Include the `local_accounts` role in your playbook and define the `local_users` variable accordingly.
|
|
|
|
```yaml
|
|
- name: Configure local accounts
|
|
hosts: target_hosts
|
|
roles:
|
|
- role: slococo.playground.local_accounts
|
|
vars:
|
|
local_accounts_list:
|
|
- name: local_adm
|
|
shell: /bin/bash
|
|
userid: 38000087
|
|
- name: local_log
|
|
shell: /bin/sh
|
|
userid: 38000088
|
|
expiry_date: "2024-12-31"
|
|
```
|
|
|
|
## Role: ssh_config
|
|
|
|
### Description
|
|
|
|
This role ensures the SSH daemon on the target host has specific options configured.
|
|
|
|
### Variables
|
|
|
|
- `ssh_config_options`: Dictionary containing SSH configuration options. Each option is a key-value pair where the key represents the SSH option as found in `/etc/ssh/sshd_config`, and the value represents the desired value for that option.
|
|
|
|
Example:
|
|
|
|
```yaml
|
|
ssh_config_options:
|
|
PasswordAuthentication: 'yes'
|
|
```
|
|
|
|
### Usage
|
|
|
|
Include the `ssh_config` role in your playbook.
|
|
|
|
```yaml
|
|
- name: Configure SSH
|
|
hosts: target_hosts
|
|
roles:
|
|
- role: slococo.playground.ssh_config
|
|
```
|
|
|
|
### SSH Configuration
|
|
|
|
The role ensures the following SSH options are configured with the specified values:
|
|
|
|
- `PasswordAuthentication`: yes
|
|
- `PermitEmptyPasswords`: no
|
|
- `PermitRootLogin`: no
|
|
|
|
## Molecule testing
|
|
|
|
This collection includes Molecule tests to ensure the correctness of the roles. Molecule is a testing framework for Ansible roles.
|
|
|
|
### Prerequisites
|
|
|
|
Before running the Molecule tests, ensure that Molecule is installed. You can find installation instructions in the [official Molecule documentation](https://molecule.readthedocs.io/en/latest/installation.html).
|
|
|
|
### Running tests
|
|
|
|
Once Molecule is installed, you can run the tests by executing the following command in the root directory of the collection:
|
|
|
|
```bash
|
|
molecule test
|
|
```
|
|
|
|
This command will run both roles (`local_accounts` and `ssh_config`) in a Docker container, simulating real-world scenarios.
|