【ansible/aws】ansibleで deploy用のuser作成
リポジトリはこちら github.com
目次
構成
. ├── README.md ├── config │ ├── authorized_keys │ └── id_rsa ├── ec2-server.yml ├── hosts │ └── ec2-servers └── roles └── aws ├── user └── tasks └── main.yml
やること
ec2-server.yml
変数を管理
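---
# Playbook: applies the aws/user role to the "servers" inventory group,
# connecting as ec2-user and escalating privileges with become.
- hosts: servers
  remote_user: ec2-user
  become: true
  vars:
    # Accounts the aws/user role creates; one mapping per account.
    users:
      - name: 'webmaster'
        uid: 601
        group: 'webmaster'
        gid: 601
        # The user module writes this value into the shadow file as-is, so
        # it must be a crypt hash, not the clear text. 'password' is the
        # sample value from this page: replace it and keep the real secret
        # out of the repository (for example in an ansible-vault file).
        # No fixed salt is given, so the hash differs on every run;
        # 'on_create' below only helps if the role passes update_password
        # through to the user module.
        password: "{{ 'password' | password_hash('sha512') }}"
        update_password: 'on_create'
        comment: 'webmaster'
  roles:
    - aws/user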
roles/aws/user/tasks/main.yml
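---
# Tasks for the aws/user role: create each group and account listed in
# `users`, then prepare ~/.ssh and install the authorized public keys.
#
# Every loop sets loop_control.label so that only the account name is
# printed per item; without it Ansible prints the whole item, including
# item.password, in the task output.

- name: create group
  group:
    name: "{{ item.group }}"
    gid: "{{ item.gid }}"
  with_items: "{{ users }}"
  loop_control:
    label: "{{ item.name }}"

- name: Create user
  user:
    # state: absent  # uncomment to delete the user instead
    name: "{{ item.name }}"
    # uid, comment and update_password are forwarded when the item
    # defines them; omit leaves the module default otherwise.
    uid: "{{ item.uid | default(omit) }}"
    comment: "{{ item.comment | default(omit) }}"
    # Must already be a crypt hash: the module stores it verbatim.
    password: "{{ item.password }}"
    update_password: "{{ item.update_password | default(omit) }}"
    group: "{{ item.group }}"
    shell: /bin/bash
  with_items: "{{ users }}"
  loop_control:
    label: "{{ item.name }}"
  # Run only when `users` has at least one entry.
  when: users | length > 0
  # Keep the password value out of task output and logs.
  no_log: true

# Create the directory that holds the SSH files.
- name: Add .ssh directories
  file:
    path: '/home/{{ item.name }}/.ssh'
    state: directory
    # Quoted so the mode is passed as the octal string, not a YAML integer.
    mode: '0700'
    owner: "{{ item.name }}"
    group: "{{ item.group }}"
  with_items: "{{ users }}"
  loop_control:
    label: "{{ item.name }}"

# Install the public keys that are allowed to log in as the account.
- name: Add keys
  copy:
    src: config/authorized_keys
    dest: "/home/{{ item.name }}/.ssh/authorized_keys"
    owner: "{{ item.name }}"
    group: "{{ item.group }}"
    # Only the owner needs to read the key list; was 0644.
    mode: '0600'
  with_items: "{{ users }}"
  loop_control:
    label: "{{ item.name }}"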