make admin list extensible

This commit is contained in:
Jörg Thalheim 2015-04-10 15:31:07 +00:00
parent 177c83be3d
commit 070d2bd56d
3 changed files with 9 additions and 3 deletions

View File

@ -5,4 +5,8 @@ masked_services:
- systemd-logind.service - systemd-logind.service
- getty.target - getty.target
- systemd-journal-flush.service - systemd-journal-flush.service
base_admins:
- {dest: "/home/admin", owner: "admin", group: "admin"}
- {dest: "/root", owner: "root", group: "root"}
additional_admins: []
ssh_ldap: false ssh_ldap: false

View File

@ -75,6 +75,7 @@ root ALL=(ALL) ALL
## Uncomment to allow members of group wheel to execute any command ## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL %wheel ALL=(ALL) ALL
admin ALL=(ALL) NOPASSWD: ALL admin ALL=(ALL) NOPASSWD: ALL
%admin ALL=(ALL) NOPASSWD: ALL
## Same thing without a password ## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL # %wheel ALL=(ALL) NOPASSWD: ALL

View File

@ -26,13 +26,14 @@
- name: SSH Keys - name: SSH Keys
copy: src=authorized_keys dest=/home/admin/.ssh/authorized_keys copy: src=authorized_keys dest=/home/admin/.ssh/authorized_keys
- set_fact:
admins: "{{ base_admins + additional_admins }}"
- name: deploy dotfiles - name: deploy dotfiles
copy: src="{{ item[0] }}" dest="{{ item[1].dest }}/.{{ item[0] }}" owner="{{ item[1].owner }}" group="{{ item[1].group }}" copy: src="{{ item[0] }}" dest="{{ item[1].dest }}/.{{ item[0] }}" owner="{{ item[1].owner }}" group="{{ item[1].group }}"
with_nested: with_nested:
- ['bashrc', 'dircolors', 'vimrc'] - ['bashrc', 'dircolors', 'vimrc']
- - admins
- {dest: "/home/admin", owner: "admin", group: "admin"}
- {dest: "/root", owner: "root", group: "root"}
- mount: name=/run/systemd/journal/ src=/mnt/journal fstype=none opts=bind,ro state=present - mount: name=/run/systemd/journal/ src=/mnt/journal fstype=none opts=bind,ro state=present