server_automation

This repo is intended for my server automation and setup.

user.yml
---
# ============================================================================
# User Management Playbook - Dynamic Host Targeting
# ============================================================================
#
# Creates and configures a user account on whichever hosts are selected at
# run time through the target_host variable. Meant for quick user setup on
# any server in the homelab.
#
# ============================================================================

- name: "User Management - Dynamic Host Targeting"
  # When target_host is unset the play resolves to localhost; the first
  # pre-task then aborts the run, but fact gathering (with become) has
  # already happened on localhost by that point.
  hosts: "{{ target_host | default('localhost') }}"
  gather_facts: true
  become: true

  # Variable mapping for role compatibility
  vars:
    # The connection is made as the ansible user; the account created is
    # yannick.
    my_user_username: yannick
    # Falls back to docker + sudo when user_groups is not supplied.
    # Membership of the docker group is effectively root on the host, so
    # override user_groups wherever that level of access is not intended.
    my_user_groups: "{{ user_groups | default(['docker', 'sudo']) }}"
    # Only the first entry of user_ssh_keys is used; an empty string means
    # no key is configured.
    my_user_ssh_public_key: "{{ user_ssh_keys[0] | default('') if user_ssh_keys is defined and user_ssh_keys|length > 0 else '' }}"

  # Configuration comes from group_vars and host_vars;
  # command-line variables (-e) override it as needed.
27  pre_tasks:
28    - name: Validate target_host variable is provided
29      fail:
30        msg: |
31          ERROR: target_host variable is required
32          
33          Usage examples:
34            ansible-playbook user.yml -e target_host=192.168.1.100
35            ansible-playbook user.yml -e target_host=my-server
36            ansible-playbook user.yml -e target_host=homeassistant
37            ansible-playbook user.yml -e target_host=all
38          
39          Available hosts in inventory:
40          {{ groups['all'] | join(', ') }}
41      when: target_host is not defined
42      tags: always
43
44    - name: Display deployment information
45      debug:
46        msg: |
47          ============================================================================
48          User Management Deployment Starting
49          ============================================================================
50          Target Host: {{ inventory_hostname }}
51          Target IP: {{ ansible_default_ipv4.address | default('Unknown') }}
52          OS: {{ ansible_distribution | default('Unknown') }} {{ ansible_distribution_version | default('') }}
53          Architecture: {{ ansible_architecture | default('Unknown') }}
54          User to Create: {{ my_user_username }}
55          User Groups: {{ my_user_groups | join(', ') }}
56          SSH Keys: {{ 'Configured' if my_user_ssh_public_key | length > 0 else 'Not configured' }}
57          ============================================================================
58      tags: always
59
60    - name: Verify sudo access
61      command: whoami
62      become: true
63      register: sudo_check
64      changed_when: false
65      failed_when: sudo_check.stdout != "root"
66      tags: always
67
68  # ============================================================================
69  # USER ROLE EXECUTION
70  # ============================================================================
71  
72  roles:
73    - role: user
74      tags: [user, setup, configuration]
75
76  # ============================================================================
77  # POST-INSTALLATION VALIDATION
78  # ============================================================================
79
80  post_tasks:
81    - name: Validate user creation
82      block:
83        - name: Check if user exists
84          user:
85            name: "{{ my_user_username }}"
86          register: user_check
87          failed_when: false
88
89        - name: Verify user groups
90          command: "groups {{ my_user_username }}"
91          register: groups_check
92          changed_when: false
93
94        - name: Check SSH key installation
95          stat:
96            path: "/home/{{ my_user_username }}/.ssh/authorized_keys"
97          register: ssh_keys_check
98          when: my_user_ssh_public_key | length > 0
99
100        - name: Test sudo access
101          command: "sudo -u {{ my_user_username }} whoami"
102          register: sudo_test
103          changed_when: false
104          when: "'sudo' in my_user_groups"
105
106      tags: [validation, user]
107
108    - name: Display installation summary
109      debug:
110        msg: |
111          ============================================================================
112          User Management Complete!
113          ============================================================================
114          
115          👤 User Information:
116             Username: {{ my_user_username }}
117             Home Directory: /home/{{ my_user_username }}
118             Shell: {{ user_shell | default('/bin/bash') }}
119             Groups: {{ groups_check.stdout | default('Unknown') }}
120          
121          🔐 Access Configuration:
122             SSH Access: {{ 'Enabled' if ssh_keys_check.stat.exists | default(false) else 'No keys configured' }}
123             Sudo Access: {{ 'Enabled (passwordless)' if "'sudo' in my_user_groups" else 'Disabled' }}
124             Docker Access: {{ 'Enabled' if "'docker' in my_user_groups" else 'Disabled' }}
125          
126          📋 System Information:
127             Target Host: {{ inventory_hostname }}
128             IP Address: {{ ansible_default_ipv4.address | default('Unknown') }}
129             OS: {{ ansible_distribution | default('Unknown') }} {{ ansible_distribution_version | default('') }}
130          
131          🔧 Validation Results:
132             User Created: {{ '✓ Success' if user_check.name is defined else '✗ Failed' }}
133             Groups Assigned: {{ '✓ Success' if groups_check.rc == 0 else '✗ Failed' }}
134             SSH Keys: {{ '✓ Installed' if ssh_keys_check.stat.exists | default(false) else 'ℹ Not configured' }}
135             Sudo Test: {{ '✓ Working' if sudo_test.stdout == my_user_username else 'ℹ Not tested' }}
136          
137          💡 Usage Examples:
138             SSH Login: ssh {{ my_user_username }}@{{ ansible_default_ipv4.address | default(inventory_hostname) }}
139             Switch User: sudo su - {{ my_user_username }}
140             Docker Commands: docker ps (if user in docker group)
141          
142          📚 Next Steps:
143             1. Test SSH access with your private key
144             2. Configure additional SSH keys if needed
145             3. Set up user-specific configurations (dotfiles, etc.)
146             4. Add to additional groups if required
147          
148          ⚠️  Important Notes:
149             - SSH key authentication is recommended over password
150             - Keep user credentials secure
151             - Review group memberships for appropriate permissions
152             - Consider setting up user-specific backup strategies
153          
154          ============================================================================
155      tags: always
156