- name: "Playing with Ansible and Git" hosts: test remote_user: phil become: yes become_method: su become_user: root vars: users: -username: "william" tasks: - name: Install the latest version dimidecode package: name=dmidecode state=latest - name: Install the latest libselinux-python a SeLinux Python libarary to allow sudo permissions package: name=libselinux-python state=latest - name: Ensure group "tig_sysadmin" exists with correct gid group: name: tig_sysadmin state: present gid: 2001 - name: Ensure group "tig_app" exists with correct gid group: name: tig_app state: present gid: 2002 - name: Ensure group "tig_webapp" exists with correct gid group: name: tig_webapp state: present gid: 2003 - name: Ensure group "tig_logview" exists with correct gid group: name: tig_logview state: present gid: 2004 - name: Create a login user for william user: name: william #Generate with "mkpasswd william@trade-ideas2050 --method=sha-512" password: '$6$zkv3jsFT/on4GgO$Fye0yWgtwNswdA8l7aBfa.RAmLYqzPPwzCQIXmTYZ8AaKD3.VNYyFbrPQsyEw998f5a5usIED/nkkcwUMtRNn1' groups: tig_logview, wheel # Empty by default. uid: 1505 state: present shell: /bin/bash # Defaults to /bin/bash system: no # Defaults to no home: /home/william # Defaults to /home/ - name: Deploy SSH Key authorized_key: user=william key="{{ lookup('file', 'files/william_ssh_pubic.key') }}" state=present - name: Add provision user to the sudoers copy: dest: "/etc/sudoers.d/william" content: | Cmnd_Alias WILLIAM_CMDS = /usr/sbin/dmidecode, /home/william/server_config.sh william ALL= NOPASSWD: WILLIAM_CMDS - name: Copy server_config.sh file copy: src: files/server_config.sh dest: /home/william force: yes mode: '0775' owner: william group: william