Use the singleplatform-eng.users role to create the kayobe ansible user

2017-09-08 16:06:41 +00:00 · 2017-09-08 16:06:41 +00:00 · 1216fec5e3
commit 1216fec5e3
parent 287acd1f92
1 changed files with 16 additions and 24 deletions
--- a/ansible/kayobe-ansible-user.yml
+++ b/ansible/kayobe-ansible-user.yml
@ -3,28 +3,20 @@
  hosts: seed:overcloud
  vars:
    ansible_user: "{{ bootstrap_user }}"
-  tasks:
+  roles:
-    - block:
+    - role: singleplatform-eng.users
-        - name: Ensure the Kayobe Ansible group exists
+      users:
-          group:
+        - username: "{{ kayobe_ansible_user }}"
-            name: "{{ kayobe_ansible_user }}"
+          name: Kayobe deployment user
-            state: present
+          append: True
-
+          ssh_key:
-        - name: Ensure the Kayobe Ansible user account exists
+            - "{{ lookup('file', ssh_public_key_path) }}"
-          user:
+      become: True
-            name: "{{ kayobe_ansible_user }}"
+
-            group: "{{ kayobe_ansible_user }}"
+  post_tasks:
-            comment: "Kayobe Ansible SSH access"
+    - name: Ensure the Kayobe Ansible user has passwordless sudo
-            state: present
+      copy:
-
+        content: "{{ kayobe_ansible_user }} ALL=(ALL) NOPASSWD: ALL"
-        - name: Ensure the Kayobe Ansible user has passwordless sudo
+        dest: "/etc/sudoers.d/kayobe-ansible-user"
-          copy:
+        mode: 0440
            content: "{{ kayobe_ansible_user }} ALL=(ALL) NOPASSWD: ALL"
            dest: "/etc/sudoers.d/kayobe-ansible-user"
            mode: 0440
        - name: Ensure the Kayobe Ansible user has authorized our SSH key
          authorized_key:
            user: "{{ kayobe_ansible_user }}"
            key: "{{ lookup('file', ssh_public_key_path) }}"
      become: True