From: Jakub Czajka Date: Mon, 16 Oct 2023 23:29:52 +0000 (+0200) Subject: Create necessary system users. X-Git-Url: https://git.ekhem.eu.org/?a=commitdiff_plain;h=9771e762a2f254fca6483e57be4ac297d96c7606;p=turnup.git Create necessary system users. --- diff --git a/README b/README index 8405adf..6226871 100644 --- a/README +++ b/README @@ -3,10 +3,18 @@ turnup Automation scripts for turning up system configuration. +Install +------- + +``` +ansible-galaxy collection install ansible.posix +``` + Instructions ------------ ``` ansible-playbook turnup.yaml --extra-vars @.yaml \ + --extra-vars ssh_key= \ --extra-vars key_file= --ask-vault-password ``` diff --git a/turnup.yaml b/turnup.yaml index 4f13818..39ef558 100644 --- a/turnup.yaml +++ b/turnup.yaml @@ -1,6 +1,9 @@ # Copyright (c) 2023 Jakub Czajka # License: GPL-3.0 or later. +- name: Ensure necessary users exist + import_playbook: users.yaml + - hosts: servers vars_files: - sources.yaml diff --git a/users.yaml b/users.yaml new file mode 100644 index 0000000..16081f5 --- /dev/null +++ b/users.yaml @@ -0,0 +1,32 @@ +# Copyright (c) 2023 Jakub Czajka +# License: GPL-3.0 or later. + +- hosts: servers + tasks: + - name: Install git + package: + name: + - git + state: latest + become: yes + - name: Ensure user git exists + user: + name: "git" + become: yes + - name: Copy the SSH key for user git + authorized_key: + user: "git" + state: present + key: "{{ lookup('file', '{{ ssh_key }}') }}" + key_options: > + "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty" + become: true + - name: Ensure git uses the git-web shell + user: + name: "git" + shell: "/usr/bin/git-shell" + become: yes + - name: Ensure user opendkim exists + user: + name: "opendkim" + become: yes