diffy0712/ansible-role-sysadmin-user-manager

Ansible Server Manager User Role

Introduction

A really simple Ansible role that creates a sysadmin user on the remote system, to be used for access via Ansible.

Intent

When working with Ansible playbooks, I usually access the servers via a custom Ansible user. This user is used only by Ansible.
Other users of the system get their own accounts. This ensures better logging and user management.

Requirements

None.

Getting Started

Install in playbook

  • Using global ansible galaxy: ansible-galaxy install diffy0712.sysadmin_user_manager
  • Using ansible galaxy requirements.yml: Add to requirements.yml:
---
roles:
  - 'diffy0712.sysadmin_user_manager'

Then run ansible-galaxy install -r requirements.yml -p roles

  • Using git: git clone git@github.com:diffy0712/ansible-role-sysadmin-user-manager.git

Define required variables

Define the following variables:

sysadmin_password: example
sysadmin_keys: 
  - yourpublickey

That's it.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

| Variable | Description | Default value |
|---|---|---|
| sysadmin_user | The user's name | sysadmin |
| sysadmin_password | The user's password | astrongpasswordfromavaultfile |
| sysadmin_keys | An array of public keys the user should have authorized. | [somekey, otherkey] |
| sysadmin_issudoer | Add user as sudoer | yes |
| sysadmin_files | List of files or directories to copy to the remote for the user, e.g. dotfiles | {file: ./files/.bashrc, dest: /home/ansible/.bashrc}[] |

Dependencies

No dependencies.

Examples

Example Playbook

Using roles

---
- hosts: all
  vars:
    # vars is written as a mapping; the list-of-dictionaries form is deprecated
    sysadmin_password: example
    sysadmin_keys:
      - yourpublickey
  roles:
      - role: diffy0712.sysadmin_user_manager

Using include_role

---
- hosts: all
  vars:
    sysadmin_password: "{{ 'example'|password_hash('sha512','somesalt') }}"
    sysadmin_keys:
      - yourpublickey
  tasks:
    - name: Print a message
      ansible.builtin.debug:
        msg: "this task runs before the example role"

    - name: Include sysadmin-user-manager role
      include_role:
        name: diffy0712.sysadmin_user_manager

Advanced Example

---
- hosts: all
  vars:
    sysadmin_user: ansible
    sysadmin_password: "{{ 'example'|password_hash('sha512','somesalt') }}"
    sysadmin_shell: '/bin/bash'
    sysadmin_issudoer: yes
    sysadmin_keys:
      - yourpublickey
    # Files copied to the remote host for the user
    sysadmin_files:
      - file: ./files/.bashrc
        dest: /home/ansible/.bashrc
      - file: ./files/test.txt
        dest: /home/ansible/test.txt
  roles:
      - role: diffy0712.sysadmin_user_manager
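
A variant of the playbooks above that keeps the password out of the playbook and checks the result after the role has run. This is an added example, not part of the role's repository: vault.yml, vault_sysadmin_password and files/ansible_ed25519.pub are assumed names, and the check assumes the role installs keys into ~/.ssh/authorized_keys.

```yaml
---
# Added example; vault.yml, vault_sysadmin_password and the key path are
# hypothetical names, not files shipped with the role.
- hosts: all
  vars_files:
    - vault.yml            # encrypted with `ansible-vault encrypt vault.yml`
  vars:
    sysadmin_user: ansible
    # Store the value in the vault in the same form you would otherwise
    # write it in sysadmin_password.
    sysadmin_password: "{{ vault_sysadmin_password }}"
    sysadmin_keys:
      - "{{ lookup('ansible.builtin.file', 'files/ansible_ed25519.pub') }}"
  roles:
    - role: diffy0712.sysadmin_user_manager
  post_tasks:
    - name: Look up the account in the passwd database
      # Fails the play if the user does not exist; sets getent_passwd.
      ansible.builtin.getent:
        database: passwd
        key: "{{ sysadmin_user }}"

    - name: Read the account's authorized_keys
      # Assumption: the role writes keys to ~/.ssh/authorized_keys.
      # Index 4 of the passwd entry is the home directory.
      ansible.builtin.slurp:
        src: "{{ getent_passwd[sysadmin_user][4] }}/.ssh/authorized_keys"
      register: sysadmin_authorized_keys
      become: true

    - name: Check that every configured key is authorized
      ansible.builtin.assert:
        that:
          - item in (sysadmin_authorized_keys.content | b64decode)
        fail_msg: "A key from sysadmin_keys is missing from authorized_keys"
        quiet: true
      loop: "{{ sysadmin_keys }}"
      loop_control:
        label: "{{ item.split() | last }}"
```

Run it with `ansible-playbook --ask-vault-pass` (or `--vault-password-file`) so the encrypted vars file can be decrypted.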