A => .gitignore +2 -0
@@ 1,2 @@
+*.tmp
+.DS_Store
A => playbooks/setup_new_droplet.yml +46 -0
@@ 1,46 @@
+---
+- hosts: ip_addr
+ remote_user: root
+
+ vars_prompt:
+ - name: username
+ prompt: "new username"
+ private: no
+ - name: password
+ prompt: "new password"
+ private: yes
+ encrypt: "sha512_crypt"
+ confirm: yes
+ salt_size: 16
+
+ tasks:
+ - name: test if user exists
+ command: "ls -d /home/{{ username }}"
+ register: home_dir_test
+ - name: ensure that the user exists
+ user:
+ name: "{{ username }}"
+ state: present
+ create_home: yes
+ append: yes
+ groups: sudo
+ shell: /bin/bash
+ password: "{{ password }}"
+ # uncomment to not override existing passwords
+ # update_password: on_create
+ - name: create .ssh dir
+ file:
+ path: "/home/{{ username }}/.ssh"
+ state: directory
+ owner: "{{ username }}"
+ group: "{{ username }}"
+ - name: install copy of authorized_keys from root
+ copy:
+ src: /root/.ssh/authorized_keys
+ dest: "/home/{{ username }}/.ssh/authorized_keys"
+ remote_src: yes
+ owner: "{{ username }}"
+ group: "{{ username }}"
+ - name: reminder to disable root login
+ debug:
+ msg: "REMEMBER TO DISABLE SSH ROOT LOGIN!"
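Review bot: The first task, `test if user exists`, runs `ls -d /home/{{ username }}`, which exits non-zero when the home directory is absent, so on a fresh host the play stops there before the `user` task can create the account; the registered `home_dir_test` is also never read afterwards. The `user` module is already idempotent, so either drop the task or keep it as a probe with `failed_when: false` and `changed_when: false`. Separately, the `.ssh` directory and the copied `authorized_keys` get no explicit mode; add `mode: "0700"` to the `file` task and `mode: "0600"` to the `copy` task so the permissions are pinned rather than left to defaults. With `update_password: on_create` commented out, every re-run resets the account's password to whatever is typed at the prompt, which is worth stating in the comment above it.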
A => run_playbook.sh +20 -0
@@ 1,20 @@
+#!/bin/bash
+#
+# Script to run an Ansible playbook on a specific host.
+#
+# Usage: ./run_playbook.sh [playbook yml] [host ip/name]
+#
+
+if [[ -z $2 ]]; then
+ echo "Usage: ./run_playbook.sh [playbook yml] [host ip/name]"
+fi
+
+PLAYBOOK_PATH=$1
+HOST=$2
+
+rm -f .ansible_hosts.tmp
+
+echo "[ip_addr]" > .ansible_hosts.tmp
+echo "$HOST" >> .ansible_hosts.tmp
+
+ansible-playbook $PLAYBOOK_PATH -i .ansible_hosts.tmp<
\ No newline at end of file
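Review bot: The argument check prints the usage line but never exits, so with a missing host the script still writes an inventory containing an empty entry and calls `ansible-playbook`; add `exit 1` after the `echo` inside the `if`. `$PLAYBOOK_PATH` is expanded unquoted on the last line, so a path with spaces or glob characters is word-split; write `ansible-playbook "$PLAYBOOK_PATH" -i .ansible_hosts.tmp`. The inventory is written to a fixed name in the current directory and left behind after the run; `mktemp` plus a `trap 'rm -f "$inv"' EXIT` would avoid collisions between concurrent runs and clean up afterwards.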