Set up users
authoralex <alex@pdp7.net>
Sat, 11 Oct 2025 08:37:45 +0000 (10:37 +0200)
committeralex <alex@pdp7.net>
Sat, 11 Oct 2025 08:37:45 +0000 (10:37 +0200)
infrastructure/production.yaml
infrastructure/roles/users/README.md [new file with mode: 0644]
infrastructure/roles/users/tasks/main.yaml [new file with mode: 0644]
infrastructure/site.yaml [new file with mode: 0644]

index 4bd0386f9b22da40c06f642cc6ea9b8f7426429f..68006935fe018447a377f747bf10464ae6e28764 100644 (file)
@@ -9,3 +9,9 @@ ungrouped:
         66643762323130663763643061333862666539633832356663663832376239326534393837356237
         6532373435616636650a343532616364623864373863376166333538306130626637373235616130
         38666666623932363937336532343633353732643434616536666339343630663564
+all:
+  vars:
+    users:
+      - name: alex
+        shell: /usr/bin/bash
+        authorized_keys: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsmNM+izEWl/tIRncLIc9UFHwjL4b64VGD9ZTqeR/fEbfrhUjcQNmwHMbfF3l35OEFnPw6Afm8TzL/RwM+ePpdxj7HzZW6XBOVf258Dcs3olw/JuG8+oSvLoXUiTS1rqgNNp7RLEQN1IxYOUCreu6ju6y2WDi8Ota2vO1DpGgfHB1M6KbGBpLpZBCAKzrhI9I0y6nx6WEWWYJpcvN947oAgQRf/Bv4j9pNUATXhe14rNSWwk5lvOYZSEu7XZeg55GSzJSQjIO29F2SW8b886pB3hbRV+OFtLwWaMvsQwNp25n4wePQJX5OczKZxbN6rfjf4kuOmeGbVP3PmHa8hrmEw== alex@case"
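Review bot: `authorized_keys` is a single quoted scalar that the role writes out verbatim as the whole file, so a second key or a revocation means editing one very long line. A list with one key per entry, joined in the role, would make each change a one-line diff; a comment such as `# public keys only; removing an entry revokes access on the next run` would document the intent. The entry is an `ssh-rsa` key that, judging by the blob length, looks like 2048-bit RSA. Since the account also gets `sudo`, it may be worth confirming the key is still current.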
diff --git a/infrastructure/roles/users/README.md b/infrastructure/roles/users/README.md
new file mode 100644 (file)
index 0000000..71a4486
--- /dev/null
@@ -0,0 +1,11 @@
+# Users
+
+## Initial set up
+
+This role creates users in the `sudo` group.
+`sudo` requires a password.
+
+To set your password, run `su -c 'passwd $(whoami)'`.
+
+From then on, use `sudo` for privileged actions.
+Remember to only modify the system using Ansible.
diff --git a/infrastructure/roles/users/tasks/main.yaml b/infrastructure/roles/users/tasks/main.yaml
new file mode 100644 (file)
index 0000000..37d616c
--- /dev/null
@@ -0,0 +1,22 @@
+- name: create user
+  ansible.builtin.user:
+    name: "{{ item.name }}"
+    shell: "{{ item.shell }}"
+    groups:
+      - sudo
+  loop: "{{ users }}"
+- name: create .ssh directory
+  ansible.builtin.file:
+    path: "/home/{{ item.name }}/.ssh"
+    state: directory
+    owner: "{{ item.name }}"
+    group: "{{ item.name }}"
+  loop: "{{ users }}"
+- name: set authorized keys
+  ansible.builtin.copy:
+    dest: "/home/{{ item.name }}/.ssh/authorized_keys"
+    owner: "{{ item.name }}"
+    group: "{{ item.name }}"
+    mode: '0400'
+    content: "{{ item.authorized_keys }}"
+  loop: "{{ users }}"
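Review bot: The `create .ssh directory` task sets no `mode`, so the directory's permissions depend on the remote umask; add `mode: '0700'` next to `state: directory`. In `create user`, `groups` is given without `append: true`, so on an account that already exists the module replaces its supplementary groups with just `sudo`. Both `.ssh` paths hard-code `/home/{{ item.name }}`, which only holds while every user keeps the default home directory. No `password` is set, so each account presumably starts with a locked password and `sudo` is unusable until one is set by hand. The README's `su -c 'passwd $(whoami)'` is single-quoted, so `whoami` looks like it would be evaluated in the root shell, which is worth checking before anyone follows it.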
diff --git a/infrastructure/site.yaml b/infrastructure/site.yaml
new file mode 100644 (file)
index 0000000..5505001
--- /dev/null
@@ -0,0 +1,4 @@
+---
+- hosts: all
+  roles:
+    - users
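Review bot: The play sets no `become: true`, so the `users` role can only create accounts and write under `/home` if the connection is already root or privilege escalation is configured somewhere not visible in this commit. If the intent is to connect as an unprivileged user and escalate, add `become: true` under `hosts: all`. A `name:` on the play would also make run output easier to read.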