|
|
@@ -1,29 +1,23 @@
|
|
|
- name: create users in webserver
|
|
|
- hosts: webservers
|
|
|
+ hosts: webservers,database
|
|
|
gather_facts: no
|
|
|
become: true
|
|
|
vars_files:
|
|
|
- secret.yml
|
|
|
- user_list.yml
|
|
|
tasks:
|
|
|
- - name: create user
|
|
|
+ - name: create webserver user
|
|
|
user:
|
|
|
name: "{{ item.username }}"
|
|
|
uid: "{{ item.uid }}"
|
|
|
+ groups: wheel
|
|
|
+ password: "{{ user_password | password_hash ('sha512') }}"
|
|
|
+ update_password: on_create
|
|
|
+ when: (( item.uid >= 1000) and ( item.uid < 2000) and 'webservers' in group_names) or (( item.uid >= 2000) and ( item.uid < 3000 ) and 'database' in group_names)
|
|
|
loop: "{{ users }}"
|
|
|
- when: ( item.uid >= 1000) and ( item.uid < 2000)
|
|
|
-
|
|
|
-- name: create users in database
|
|
|
- hosts: database
|
|
|
- gather_facts: no
|
|
|
- become: true
|
|
|
- vars_files:
|
|
|
- - secret.yml
|
|
|
- - user_list.yml
|
|
|
- tasks:
|
|
|
- - name: create user
|
|
|
- user:
|
|
|
- name: "{{ item.username }}"
|
|
|
- uid: "{{ item.uid }}"
|
|
|
+ - name: ssh keys exists in mngd hosts
|
|
|
+ authorized_key:
|
|
|
+ user: "{{ item.username }}"
|
|
|
+ key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
|
|
|
+ state: present
|
|
|
loop: "{{ users }}"
|
|
|
- when: ( item.uid >= 2000) and ( item.uid < 3000)
|
