This should allow just having a general 'target' system for ansible which will take all the modifications - but not care whether we connect to it locally (i.e. running from void) or through chroot. We can set the connection method for the specific system(s) in whatever we group as part of the target group then. For local installation we simply add locally connected hosts and for chroot set up chrooted hosts.
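---
# Creates the primary interactive user on every host in the `target_system`
# group and enables sudo for the `wheel` group. The connection method (local
# or chroot) is decided by the inventory, not by this play.
- name: Set up primary user
  hosts: target_system
  become: true
  vars:
    user_name: marty
    # Placeholder credential: committed in clear text and identical to the
    # user name. Override it at run time (for example with --extra-vars
    # sourced from an Ansible Vault file) before using this play on a real
    # system.
    user_pass: marty
    user_shell: zsh
    user_groups:
      - wheel
      - _seatd  # TODO: This will error if it does not exist (seatd not installed)
      - audio
      - dialout
      # `disk` grants raw block-device access, which bypasses file
      # permissions; keep it only if the user really needs it.
      - disk
      - input
      - kvm
      - lp
      - plugdev
      - scanner
      - storage
      - usbmon
      - video

  tasks:
    - name: Enable sudo for "wheel" group
      ansible.builtin.lineinfile:
        path: "/etc/sudoers"
        # The parentheses are escaped so they match literally; unescaped,
        # `(ALL)` is a regex group and the pattern never matches the
        # commented-out line. The optional `# ` prefix lets the pattern match
        # both the commented and the already-enabled line, so re-runs do not
        # change the file.
        regexp: '^(# )?%wheel ALL=\(ALL\) ALL$'
        line: '%wheel ALL=(ALL) ALL'
        # Syntax-check the candidate file before it replaces /etc/sudoers; a
        # malformed sudoers file disables sudo for everyone.
        validate: '/usr/sbin/visudo -cf %s'

    - name: Add user
      ansible.builtin.user:
        name: "{{ user_name }}"
        # No fixed salt: a salt hard-coded in the repository is the same on
        # every installed machine, so identical passwords give identical
        # hashes. Without a salt argument password_hash picks a random one.
        password: "{{ user_pass | password_hash('sha512') }}"
        # A random salt yields a new hash on every run; setting the password
        # only at account creation keeps the task idempotent and does not
        # overwrite a password the user has changed since.
        update_password: on_create
        create_home: true
        shell: "/bin/{{ user_shell }}"
        # NOTE(review): the user module is expected to fail if this primary
        # group does not exist yet - confirm it is created elsewhere.
        group: "{{ user_name }}"
        groups: "{{ user_groups }}"
        generate_ssh_key: true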