This repo is intended for my server automation and setup.
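---
# ============================================================================
# User Management Playbook - Dynamic Host Targeting
# ============================================================================
#
# This playbook installs and configures users on target servers with
# dynamic host targeting via variables. Perfect for quick user setup
# on any server in your homelab.
#
# Variables read by this play:
#   target_host     required; inventory host, group or pattern to run against.
#                   'all' applies the change to every host in the inventory.
#   user_groups     optional; list of groups for the account
#                   (default: docker and sudo).
#   user_ssh_keys   optional; list of public keys, only the first is used here.
#   user_shell      optional; only echoed in the final summary by this play.
#
# ============================================================================

- name: "User Management - Dynamic Host Targeting"
  # The localhost default only exists so the play can start and reach the
  # pre_task below, which aborts with usage help when target_host is missing.
  hosts: "{{ target_host | default('localhost') }}"
  become: true
  gather_facts: true

  # Variable mapping for role compatibility
  vars:
    # Create user yannick (connects as ansible, creates yannick)
    my_user_username: yannick
    # Both default groups are privileged: 'sudo' grants administrative rights
    # and membership in 'docker' is effectively root on the host. Pass
    # user_groups explicitly when the account should have less access.
    my_user_groups: "{{ user_groups | default(['docker', 'sudo']) }}"
    # First entry of user_ssh_keys, or an empty string when none is supplied.
    my_user_ssh_public_key: "{{ user_ssh_keys[0] | default('') if user_ssh_keys is defined and user_ssh_keys|length > 0 else '' }}"

  # Load configuration from group_vars and host_vars
  # Override with command line variables as needed

  pre_tasks:
    - name: Validate target_host variable is provided
      fail:
        msg: |
          ERROR: target_host variable is required

          Usage examples:
            ansible-playbook user.yml -e target_host=192.168.1.100
            ansible-playbook user.yml -e target_host=my-server
            ansible-playbook user.yml -e target_host=homeassistant
            ansible-playbook user.yml -e target_host=all

          Available hosts in inventory:
            {{ groups['all'] | join(', ') }}
      when: target_host is not defined
      tags: always

    - name: Display deployment information
      debug:
        msg: |
          ============================================================================
          User Management Deployment Starting
          ============================================================================
          Target Host: {{ inventory_hostname }}
          Target IP: {{ ansible_default_ipv4.address | default('Unknown') }}
          OS: {{ ansible_distribution | default('Unknown') }} {{ ansible_distribution_version | default('') }}
          Architecture: {{ ansible_architecture | default('Unknown') }}
          User to Create: {{ my_user_username }}
          User Groups: {{ my_user_groups | join(', ') }}
          SSH Keys: {{ 'Configured' if my_user_ssh_public_key | length > 0 else 'Not configured' }}
          ============================================================================
      tags: always

    # Stops the play early when privilege escalation on the target does not
    # yield root, before the role attempts any account changes.
    - name: Verify sudo access
      command: whoami
      become: true
      register: sudo_check
      changed_when: false
      failed_when: sudo_check.stdout != "root"
      tags: always

  # ============================================================================
  # USER ROLE EXECUTION
  # ============================================================================

  roles:
    - role: user
      tags: [user, setup, configuration]

  # ============================================================================
  # POST-INSTALLATION VALIDATION
  # ============================================================================

  post_tasks:
    - name: Validate user creation
      block:
        # check_mode keeps this a read-only probe. Without it the user module
        # (state defaults to present) would create a missing account and the
        # validation would report success even if the role had failed.
        - name: Check if user exists
          user:
            name: "{{ my_user_username }}"
          check_mode: true
          register: user_check
          failed_when: false

        - name: Verify user groups
          command: "groups {{ my_user_username }}"
          register: groups_check
          changed_when: false

        - name: Check SSH key installation
          stat:
            path: "/home/{{ my_user_username }}/.ssh/authorized_keys"
          register: ssh_keys_check
          when: my_user_ssh_public_key | length > 0

        # NOTE(review): this runs as root and switches to the new account, so
        # it shows the account is usable, not that the account itself may use
        # sudo. Listing its rules (sudo -l -U <user>) would test the latter.
        - name: Test sudo access
          command: "sudo -u {{ my_user_username }} whoami"
          register: sudo_test
          changed_when: false
          when: "'sudo' in my_user_groups"

      tags: [validation, user]

    # The summary runs with 'tags: always', so the validation results above may
    # be skipped or missing; every lookup below therefore carries a default.
    # The sudo/docker lines evaluate real group membership; the quoted form
    # used previously was a non-empty string and always reported 'Enabled'.
    - name: Display installation summary
      debug:
        msg: |
          ============================================================================
          User Management Complete!
          ============================================================================

          User Information:
            Username: {{ my_user_username }}
            Home Directory: /home/{{ my_user_username }}
            Shell: {{ user_shell | default('/bin/bash') }}
            Groups: {{ groups_check.stdout | default('Unknown') }}

          Access Configuration:
            SSH Access: {{ 'Enabled' if ssh_keys_check.stat.exists | default(false) else 'No keys configured' }}
            Sudo Access: {{ 'Enabled (passwordless)' if 'sudo' in my_user_groups else 'Disabled' }}
            Docker Access: {{ 'Enabled' if 'docker' in my_user_groups else 'Disabled' }}

          System Information:
            Target Host: {{ inventory_hostname }}
            IP Address: {{ ansible_default_ipv4.address | default('Unknown') }}
            OS: {{ ansible_distribution | default('Unknown') }} {{ ansible_distribution_version | default('') }}

          Validation Results:
            User Created: {{ 'Success' if user_check.name is defined and not (user_check.changed | default(false)) else 'Failed' }}
            Groups Assigned: {{ 'Success' if groups_check.rc | default(1) == 0 else 'Failed' }}
            SSH Keys: {{ 'Installed' if ssh_keys_check.stat.exists | default(false) else 'Not configured' }}
            Sudo Test: {{ 'Working' if sudo_test.stdout | default('') == my_user_username else 'Not tested' }}

          Usage Examples:
            SSH Login: ssh {{ my_user_username }}@{{ ansible_default_ipv4.address | default(inventory_hostname) }}
            Switch User: sudo su - {{ my_user_username }}
            Docker Commands: docker ps (if user in docker group)

          Next Steps:
            1. Test SSH access with your private key
            2. Configure additional SSH keys if needed
            3. Set up user-specific configurations (dotfiles, etc.)
            4. Add to additional groups if required

          Important Notes:
            - SSH key authentication is recommended over password
            - Keep user credentials secure
            - Review group memberships for appropriate permissions
            - Consider setting up user-specific backup strategies

          ============================================================================
      tags: always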