본문 바로가기

리눅스

[Ansible ] 일반 계정 생성

반응형

ANSIBLE 일반 계정 생성

 

: 일반 계정 생성

  --- 패스워드 설정, SSH 키, sudoer 등록

initialize_basic_user.yml 편집

vi initialize_basic_user.yml
---
- hosts: 192.168.56.111
  remote_user: root
  vars:
    NORMAL_USER_NAME: 'devops5'
  tasks:
    - name: "Create a secondary, non-root user"
      user: name={{ NORMAL_USER_NAME }}
            password='$6$fiyFUkCW$Eb46egUj8Ta1OqMTZfZUmXV2TxIGeKjlMXTZWdRXV0n99aY97yhLEe8LHjpfRSoLKNHJCiKIpQjr/bklT2C9I1'
            shell=/bin/bash

    - name: Add remote authorized key to allow future passwordless logins
      authorized_key: user={{ NORMAL_USER_NAME }} key="{{ lookup('file', '.ssh/id_rsa.pub') }}"
      #authorized_key: user={{ NORMAL_USER_NAME }} key="{{ lookup('file', '/home/{{ NORMAL_USER_NAME }}/.ssh/id_rsa.pub') }}"

    - name: Add normal user to sudoers
      lineinfile: dest=/etc/sudoers
                  regexp="{{ NORMAL_USER_NAME }} ALL"
                  line="{{ NORMAL_USER_NAME }} ALL=(ALL) NOPASSWD:ALL"
                  state=present

ansible-playbook 실행

ansible-playbook --ask-pass -u root initialize_basic_user.yml
$ tree -a
.
├── .ssh
│   ├── id_rsa
│   └── id_rsa.pub
└── initialize_basic_user.yml

a_useradd.yml 편집

vi a_useradd.yml
---
- hosts: 192.168.56.111,192.168.56.112,192.168.56.113
  remote_user: root
  vars:
    USER_NAME: 'devops5'
  tasks:
    - name: "new account"
      user: name={{ USER_NAME }}
            password='$6$r8QrZkp/$nyrCAy3TQVrnHOO7wn0cAhqpgsJUnOOo1r9OLwhjPSaUzEP6yvYNXVC/QR.lLPMZc3bcf3A1Az2QjUsXpWIv41'
            #password : P@ssw0rd

ansible-playbook 실행

 

ansible-playbook --ask-pass -u root a_useradd.yml

 

참고URL

- https://www.linode.com/docs/applications/configuration-management/getting-started-with-ansible

 

728x90
반응형