freifunk/Ansible-Configuration Changeset - ad50e8774d77 · Chaos Computer Club Lëtzebuerg Projects

Changeset - ad50e8774d77

Parent rev.

Child rev.

[Not reviewed]

0 1 0

x - 21 months ago 2023-08-04 16:37:00
xbr@c3l.lu

fix: users should not have primary group `sudo`

1 file changed with 7 insertions and 3 deletions:

initial_server_setup/initial_setup.yml

0 comments (0 inline, 0 general)

initial_server_setup/initial_setup.yml

➞

Show inline comments

@@ @@ -12,84 +12,88 @@ @@
   tasks:
     - name: Update + Upgrade packages
       become: true
       ansible.builtin.apt:
         upgrade: true
         update_cache: true
       tags: basic
     - name: Install some basic packages
       ansible.builtin.apt:
         pkg:
           - sudo
           - git
           - vim
           - python3
           - python3-pip
       tags: basic
     # Change Hostname
     - name: "Update Hostnames"
       ansible.builtin.hostname:
         name: "{{ new_hostname }}"
       tags: hostname
     # Update /etc/hosts
     - name: Make sure an IPV4 entry in /etc/hosts exists
       ansible.builtin.lineinfile:
         path: /etc/hosts
         regexp: "^{{ ansible_default_ipv4.address }}"
         line: "{{ ansible_default_ipv4.address }} {{ new_hostname }} {{ new_hostname }}.freifunk.lu"
         state: present
       tags: network,hostname,dns
     - name: Make sure an IPV6 entry in /etc/hosts exists
       ansible.builtin.lineinfile:
         path: /etc/hosts
         regexp: "^{{ ansible_default_ipv6.address }}"
         line: "{{ ansible_default_ipv6.address }} {{ new_hostname }} {{ new_hostname }}.freifunk.lu"
         state: present
       tags: network,hostname,dns
     # Create Freifunk Users
     - name: Create a login user fantawams
       ansible.builtin.user:
         name: fantawams
         password: "{{ password | password_hash('sha512') }}"
         groups:
           - sudo
         append: true
         state: present
       tags: users
     - name: Create a login user orimpe
       ansible.builtin.user:
         name: orimpe
         password: "{{ password | password_hash('sha512') }}"
-        groups: # Empty by default, here we give it some groups
         groups:
           - sudo
         append: true
         state: present
       tags: users
     - name: Create a login user metalgamer
       ansible.builtin.user:
         name: metalgamer
         password: "{{ password | password_hash('sha512') }}"
-        groups: # Empty by default, here we give it some groups
         groups:
           - sudo
         append: true
         state: present
       tags: users
     - name: Create a login user xbr
       ansible.builtin.user:
         name: xbr
         password: "{{ password | password_hash('sha512') }}"
-        groups: # Empty by default, here we give it some groups
         groups:
           - sudo
         append: true
         state: present
       tags: users
     - name: Create a login user fflux
       ansible.builtin.user:
         name: fflux
         password: "{{ password | password_hash('sha512') }}"
         state: present
       tags: users

0 comments (0 inline, 0 general)