From 1a62835f3fc98d9d09d379213ae8ddecb806a62e Mon Sep 17 00:00:00 2001
From: David Knight
Date: Sun, 12 Apr 2020 18:39:14 -0700
Subject: [PATCH] add setup_new_droplet.yml playbook
---
.gitignore | 2 ++
playbooks/setup_new_droplet.yml | 46 +++++++++++++++++++++++++++++++++
run_playbook.sh | 20 ++++++++++++++
3 files changed, 68 insertions(+)
create mode 100644 .gitignore
create mode 100644 playbooks/setup_new_droplet.yml
create mode 100755 run_playbook.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7025fbd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.tmp
+.DS_Store
diff --git a/playbooks/setup_new_droplet.yml b/playbooks/setup_new_droplet.yml
new file mode 100644
index 0000000..78466b7
--- /dev/null
+++ b/playbooks/setup_new_droplet.yml
@@ -0,0 +1,46 @@
+---
+- hosts: ip_addr
+ remote_user: root
+
+ vars_prompt:
+ - name: username
+ prompt: "new username"
+ private: no
+ - name: password
+ prompt: "new password"
+ private: yes
+ encrypt: "sha512_crypt"
+ confirm: yes
+ salt_size: 16
+
+ tasks:
+ - name: test if user exists
+ command: "ls -d /home/{{ username }}"
+ register: home_dir_test
+ - name: ensure that the user exists
+ user:
+ name: "{{ username }}"
+ state: present
+ create_home: yes
+ append: yes
+ groups: sudo
+ shell: /bin/bash
+ password: "{{ password }}"
+ # uncomment to not override existing passwords
+ # update_password: on_create
+ - name: create .ssh dir
+ file:
+ path: "/home/{{ username }}/.ssh"
+ state: directory
+ owner: "{{ username }}"
+ group: "{{ username }}"
+ - name: install copy of authorized_keys from root
+ copy:
+ src: /root/.ssh/authorized_keys
+ dest: "/home/{{ username }}/.ssh/authorized_keys"
+ remote_src: yes
+ owner: "{{ username }}"
+ group: "{{ username }}"
+ - name: reminder to disable root login
+ debug:
+ msg: "REMEMBER TO DISABLE SSH ROOT LOGIN!"
diff --git a/run_playbook.sh b/run_playbook.sh
new file mode 100755
index 0000000..df2af75
--- /dev/null
+++ b/run_playbook.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+#
+# Script to run an Ansible playbook on a specific host.
+#
+# Usage: ./run_playbook.sh [playbook yml] [host ip/name]
+#
+
+if [[ -z $2 ]]; then
+ echo "Usage: ./run_playbook.sh [playbook yml] [host ip/name]"
+fi
+
+PLAYBOOK_PATH=$1
+HOST=$2
+
+rm -f .ansible_hosts.tmp
+
+echo "[ip_addr]" > .ansible_hosts.tmp
+echo "$HOST" >> .ansible_hosts.tmp
+
+ansible-playbook $PLAYBOOK_PATH -i .ansible_hosts.tmp
\ No newline at end of file
--
2.45.2
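Review bot: The usage guard at the top of run_playbook.sh prints the message but never exits, so with a missing argument the script still writes an inventory containing an empty host line and invokes ansible-playbook; add `exit 1` after the `echo`. `$PLAYBOOK_PATH` is also expanded unquoted on the last line, so a path containing spaces or glob characters is split or expanded before ansible-playbook sees it; `ansible-playbook "$PLAYBOOK_PATH" -i .ansible_hosts.tmp` avoids that. The inventory is written to a fixed file name in the current directory, so two concurrent runs would overwrite each other's target host; a `mktemp` path would keep them apart.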