diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2018-04-10 09:04:50 +0200 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2018-04-10 09:04:50 +0200 |
commit | 0f9a79c433f26ef12c8e22a97c41d755ce3b8590 (patch) | |
tree | c299531781d3a2c1d423f4eb4c402012dc45a5c3 /ansible/roles | |
parent | 9e31be4a459959ced8ca47f88360f63088775945 (diff) | |
download | infra-0f9a79c433f26ef12c8e22a97c41d755ce3b8590.tar.gz infra-0f9a79c433f26ef12c8e22a97c41d755ce3b8590.tar.bz2 infra-0f9a79c433f26ef12c8e22a97c41d755ce3b8590.tar.xz infra-0f9a79c433f26ef12c8e22a97c41d755ce3b8590.zip |
o Adding numquam and superusers role.
Diffstat (limited to 'ansible/roles')
-rw-r--r-- | ansible/roles/superusers/tasks/main.yml | 30 | ||||
-rw-r--r-- | ansible/roles/timezone/tasks/main.yml | 3 |
2 files changed, 32 insertions, 1 deletions
diff --git a/ansible/roles/superusers/tasks/main.yml b/ansible/roles/superusers/tasks/main.yml new file mode 100644 index 0000000..3a1e974 --- /dev/null +++ b/ansible/roles/superusers/tasks/main.yml @@ -0,0 +1,30 @@ +--- +- name: superuser accounts + tags: superusers + become: yes + user: + name: "{{ item.username }}" + groups: sudo,systemd-journal + shell: /bin/bash + append: yes + with_items: + - "{{ superusers }}" + +- name: superuser authorized_keys + tags: superusers + become: yes + authorized_key: + user: "{{ item.username }}" + state: "{{ item.state }}" + key: "{{ users[item.username].authorized_keys }}" + with_items: + - "{{ superusers }}" + +- name: Allow 'sudo' group to have passwordless sudo + tags: superusers + become: yes + lineinfile: + dest: /etc/sudoers + state: present + regexp: '^%sudo' + line: '%sudo ALL=(ALL) NOPASSWD: ALL' diff --git a/ansible/roles/timezone/tasks/main.yml b/ansible/roles/timezone/tasks/main.yml index e60de32..0a7744a 100644 --- a/ansible/roles/timezone/tasks/main.yml +++ b/ansible/roles/timezone/tasks/main.yml @@ -2,7 +2,8 @@ - tags: - timezone block: - - file: + - become: yes + file: src: /usr/share/zoneinfo/Europe/Oslo dest: /etc/localtime state: link |