bootstrap.yml
---
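# Play 1: runs on the control node only. It validates the caller-supplied
# variables and registers the target in the in-memory group `new_hosts`.
#
# Inputs (extra vars): bootstrap_ip, bootstrap_key, bootstrap_initial_password
# are required; bootstrap_initial_user, bootstrap_user and
# bootstrap_encrypted_password are optional.
# bootstrap_initial_password is a login secret. Prefer Ansible Vault or a
# prompt over `-e` on the command line, which leaves the value in shell
# history and the process list.
- hosts: localhost
  name: Sanity check
  gather_facts: false
  # Only `fail` and `add_host` run in this play; both execute on the
  # controller, so no privilege escalation is needed here.
  become: false
  vars:
    _bootstrap_initial_user: "{{ bootstrap_initial_user | default('root') }}"
    _bootstrap_initial_password: "{{ bootstrap_initial_password }}"
    _bootstrap_ip: "{{ bootstrap_ip }}"
    # default() must come before lower: filtering an undefined value first
    # raises instead of falling back to 'deploy'.
    _bootstrap_user: "{{ bootstrap_user | default('deploy', true) | lower }}"
    _bootstrap_password: "{{ bootstrap_encrypted_password | default('*', true) }}"
    _bootstrap_key: "{{ bootstrap_key }}"
  tasks:
    # NOTE(review): this check cannot fire, because default('*', true) above
    # always yields a value. With '*' the new account has no usable password
    # and is reachable by SSH key only. Decide whether the hash is really
    # required, then drop either the default or this task.
    - name: Sanity check- Check password
      ansible.builtin.fail:
        msg: "Error. This play requires 'bootstrap_encrypted_password'"
      when: _bootstrap_password is not defined

    # The remaining checks test the caller's variable directly rather than
    # the templated alias, so the result does not depend on how an undefined
    # nested template is evaluated.
    - name: Sanity check- Check public key
      ansible.builtin.fail:
        msg: "Error. This play requires 'bootstrap_key'"
      when: bootstrap_key is not defined

    - name: Sanity check- Check initial password
      ansible.builtin.fail:
        msg: "Error. This play requires 'bootstrap_initial_password'"
      when: bootstrap_initial_password is not defined

    - name: Sanity check- Check ip
      ansible.builtin.fail:
        msg: "Error. This play requires 'bootstrap_ip'"
      when: bootstrap_ip is not defined

    # The inventory name of the new host is its IP address; the following
    # plays target it through the `new_hosts` group.
    - name: Add new host to inventory
      ansible.builtin.add_host:
        name: "{{ _bootstrap_ip }}"
        groups: "new_hosts"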
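# Play 2: first login to the new host with the initial account (password
# authentication), then create the deploy user, its sudoers drop-in and its
# authorized SSH key.
#
# NOTE(review): this is the first contact with the host and it sends a
# password. Verify the host key out of band and keep host key checking
# enabled for this play.
- hosts: new_hosts
  name: Deploy bootstrap user on hosts
  gather_facts: false
  become: true
  vars:
    _bootstrap_initial_user: "{{ bootstrap_initial_user | default('root') }}"
    _bootstrap_initial_password: "{{ bootstrap_initial_password }}"
    _bootstrap_ip: "{{ bootstrap_ip }}"
    # default() must come before lower: filtering an undefined value first
    # raises instead of falling back to 'deploy'.
    _bootstrap_user: "{{ bootstrap_user | default('deploy', true) | lower }}"
    # Expected to be an already-hashed password; '*' (the fallback) leaves
    # the account without a usable password, i.e. key-only login.
    _bootstrap_password: "{{ bootstrap_encrypted_password | default('*', true) }}"
    _bootstrap_key: "{{ bootstrap_key }}"
    # Connection settings for this play only: log in as the initial user.
    ansible_host: "{{ _bootstrap_ip }}"
    ansible_user: "{{ _bootstrap_initial_user }}"
    ansible_password: "{{ _bootstrap_initial_password }}"
  tasks:
    # on_create: an existing account keeps its current password on re-runs.
    - name: Add new user
      ansible.builtin.user:
        name: "{{ _bootstrap_user }}"
        password: "{{ _bootstrap_password }}"
        comment: "Deploy user"
        update_password: on_create

    # The template itself is not shown here, so the scope of the sudo grant
    # should be reviewed separately. sudo skips drop-in files whose name
    # contains '.' or ends in '~', so such a user name would silently get no
    # rule.
    - name: Add user to the sudoers
      ansible.builtin.template:
        src: "templates/sudoers"
        dest: "/etc/sudoers.d/{{ _bootstrap_user }}"
        owner: root
        mode: "0440"
        # Reject a syntactically broken file before it is installed; a bad
        # drop-in can disable sudo on the host. Adjust the path if visudo
        # lives elsewhere on the target.
        validate: "/usr/sbin/visudo -cf %s"

    - name: Deploy SSH Key
      ansible.posix.authorized_key:
        user: "{{ _bootstrap_user }}"
        key: "{{ _bootstrap_key }}"
        state: present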
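# Play 3: reconnects to the host as the newly created user. The play has no
# tasks, so fact gathering is its only remote action and serves as the login
# check. No ansible_password is set here, so this presumably relies on the
# SSH key deployed by the previous play.
- hosts: new_hosts
  name: Check connectivity
  gather_facts: true
  vars:
    # default() must come before lower: filtering an undefined value first
    # raises instead of falling back to 'deploy'.
    ansible_user: "{{ bootstrap_user | default('deploy', true) | lower }}"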