infra-ansible
ansible script to ship alpine/ssh/wireguard
git clone https://9o.is/git/infra-ansible.git
user.yml
(704B)
1 ---
2 - name: install doas
3 package:
4 name: doas
5 state: present
6
7 - name: create group user
8 group:
9 name: user
10 state: present
11
12 - name: create user
13 user:
14 name: user
15 group: user
16 password: '*'
17 shell: /bin/sh
18
19 - name: assign user doas privilege
20 copy:
21 dest: /etc/doas.d/user.conf
22 owner: root
23 group: root
24 mode: '0600'
25 content: |
26 permit nopass :user
27
28 - name: create user ssh directory
29 file:
30 path: /home/user/.ssh
31 owner: user
32 group: user
33 state: directory
34
35 - name: authorize user ssh keys
36 copy:
37 dest: /home/user/.ssh/authorized_keys
38 owner: user
39 group: user
40 mode: '0600'
41 content: |
42 {{ ssh_authorized_key }}
43