ansible-infra/roles/common/tasks/user.yml

22 lines
705 B
YAML
Raw Normal View History

2020-04-13 14:46:45 +02:00
---
# Create an user and add their SSH public keys
- name: Create user {{ user.name }} with no password
user:
name: "{{ user.name }}"
shell: /bin/bash
# See https://unix.stackexchange.com/questions/193066/how-to-unlock-account-for-public-key-ssh-authorization-but-not-for-password-aut/193131#193131
password: '*'
groups:
- sudo
append: yes
state: present
update_password: on_create
- name: Add SSH public keys for user {{ user.name }}
authorized_key:
user: "{{ user.name }}"
state: present
# we can pass multiple SSH keys, but they must be separated by newlines
key: "{{ user.ssh_keys | join('\n') }}"
# remove obsolete keys
exclusive: yes