--- # Copyright 2019 Red Hat, Inc. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. - name: create user {{ tripleo_admin_user }} user: name: '{{ tripleo_admin_user }}' generate_ssh_key: '{{ tripleo_admin_generate_key }}' - name: grant admin rights to user {{ tripleo_admin_user }} copy: dest: /etc/sudoers.d/{{ tripleo_admin_user }} content: | {{ tripleo_admin_user }} ALL=(ALL) NOPASSWD:ALL mode: 0440 - name: ensure .ssh dir exists for user {{ tripleo_admin_user }} file: path: /home/{{ tripleo_admin_user }}/.ssh state: directory owner: '{{ tripleo_admin_user }}' group: '{{ tripleo_admin_user }}' mode: 0700 - name: ensure authorized_keys file exists for user {{ tripleo_admin_user }} file: path: /home/{{ tripleo_admin_user }}/.ssh/authorized_keys state: touch owner: '{{ tripleo_admin_user }}' group: '{{ tripleo_admin_user }}' mode: 0600 - name: get remote {{ tripleo_admin_user }} public key slurp: src: /home/{{ tripleo_admin_user }}/.ssh/id_rsa.pub register: key when: - tripleo_admin_generate_key | bool - name: append {{ tripleo_admin_user }} public key to authorized_keys lineinfile: path: /home/{{ tripleo_admin_user }}/.ssh/authorized_keys line: "{{ key['content'] | b64decode }}" state: present owner: '{{ tripleo_admin_user }}' group: '{{ tripleo_admin_user }}' mode: 0600 when: - tripleo_admin_generate_key | bool