Creating a Linux user with Ansible

In this article I will show one way to create a Linux user using Ansible.

 

We need Ansible installed, with the ansible and ansible-playbook commands available.

1 – We will create two files: the user file, user.yml, and the hosts file, hosts-user.

In the hosts file “hosts-user”:

[remote_host]
#host name and host IP
host_1 ansible_host=192.168.250.10
[remote_host:vars]
ansible_user=julio
ansible_connection=ssh
ansible_port=22
ansible_ssh_private_key_file=/home/julio/.ssh/id_rsa
ansible_become=yes
ansible_become_method=sudo
#if privilege escalation requires a password.
#ansible_become_pass='your password'

2 – Create the user's password. We will use the “mkpasswd” utility.

mkpasswd --method=sha-512
julio@julio:~$ mkpasswd --method=sha-512
Senha: 
$6$ubkSHSrqMhc$7Qs2Kk82H9M7s3rQcnhsGLRgptFrSeVJIWIxMZ/CoucWPXbwX3855j3nKc3g6dS0RgWiQQjUCi/4vH5h5dtz9.

3 – Create the “user.yml” file.

---
- hosts: all
  become: yes
  vars:
    user: julio2
    #how the password hash was created:
    #mkpasswd --method=sha-512
    password: "$6$ubkSHSrqMhc$7Qs2Kk82H9M7s3rQcnhsGLRgptFrSeVJIWIxMZ/CoucWPXbwX3855j3nKc3g6dS0RgWiQQjUCi/4vH5h5dtz9."
  tasks:
      - name: Create a login user {{ user }}
        user:
          name: "{{ user }}"
          password: "{{ password }}"
          shell: /bin/bash
          #if the user should belong to a group
          # groups:
          #   - sudo
          #to remove the user, change this to absent
          state: present
          #to also remove the user's home directory
          #remove: yes

      - name: Add public key to authorized_keys
        authorized_key:
          user: "{{ user }}"
          state: present
          key: "{{ lookup('file', '/home/julio/.ssh/id_rsa.pub') }}"

      - name: Add {{ user }} to sudoers file
        ansible.builtin.lineinfile:
          path: /etc/sudoers
          #\s limits the match to this exact user name (julio2, not julio20)
          regexp: '^{{ user }}\s'
          #sudo without a password
          #line: '{{ user }} ALL=(ALL) NOPASSWD: ALL'
          #sudo with a password
          line: '{{ user }} ALL=(ALL) ALL'

 

To remove the user, change the state field from present to absent. To remove the home directory as well, uncomment the line remove: yes.

4 – Run Ansible.

ansible-playbook   -i hosts-user    user.yml
julio@julio:~/create-user$ ansible-playbook   -i hosts-user    user.yml  

PLAY [all] ***************************************************************************************************************************************************************************

TASK [Gathering Facts] ***************************************************************************************************************************************************************
ok: [host_1]

TASK [Create a login user julio2] ****************************************************************************************************************************************************
changed: [host_1]

TASK [Add public key to authorized_keys] *********************************************************************************************************************************************
changed: [host_1]

TASK [Add julio2 to sudoers file] ****************************************************************************************************************************************************
changed: [host_1]

PLAY RECAP ***************************************************************************************************************************************************************************
host_1                     : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
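
The sudoers task in step 3 edits /etc/sudoers directly, where a malformed line stops sudo from working on the host. As an added example (not part of the original article), the playbook below writes the same rule to a drop-in file that visudo checks before it is installed, then confirms the account has no NOPASSWD rule. It assumes that /etc/sudoers on the target includes /etc/sudoers.d and that visudo is at /usr/sbin/visudo.

```yaml
---
# Added example, not from the original article.
- hosts: all
  become: yes
  vars:
    user: julio2   # same account name the article uses
  tasks:
    - name: Grant sudo (with password) to {{ user }} through a validated drop-in
      ansible.builtin.copy:
        # Assumption: the target's /etc/sudoers includes /etc/sudoers.d
        dest: "/etc/sudoers.d/{{ user }}"
        content: "{{ user }} ALL=(ALL) ALL\n"
        owner: root
        group: root
        mode: "0440"
        # visudo parses the temporary copy; on a syntax error the task fails
        # and the destination file is left untouched
        validate: /usr/sbin/visudo -cf %s

    - name: List the sudo rules that now apply to {{ user }}
      ansible.builtin.command: sudo -l -U {{ user }}
      register: sudo_rules
      changed_when: false   # read-only check, never reports "changed"

    - name: Fail if the account ended up with passwordless sudo
      ansible.builtin.assert:
        that:
          - "'NOPASSWD' not in sudo_rules.stdout"
        fail_msg: "{{ user }} has a NOPASSWD rule; review /etc/sudoers and /etc/sudoers.d"
```

It runs with the same inventory as step 4: ansible-playbook -i hosts-user followed by the file name you saved it under.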

 

Reference documentation: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html

 
