syncing grant_sudo
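--- a/playbooks/05_grant_sudo.yml
+++ b/playbooks/05_grant_sudo.yml
@@ -0,0 +1,28 @@
+---
+- name: grant sudo
+hosts: "{{ HOSTS | default('all') }}"
+become: yes
+gather_facts: no
+vars:
+sudo_cleanup: true
+
+tasks:
+- name: Check if sudo user exists on system
+getent:
+database: passwd
+key: "{{ sudo_user }}"
+
+- name: create sudo rule
+copy:
+dest: "/etc/sudoers.d/{{ sudo_user }}"
+owner: root
+group: root
+mode: 0640
+content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
+
+- name: time based cleanup
+at:
+command: "rm /etc/sudoers.d/{{ sudo_user }}"
+count: "{{ sudo_count | default('10') }}"
+units: "{{ sudo_units | default('minutes') }}"
+when: sudo_cleanup|bool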
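Review bot: The `create sudo rule` task installs a `NOPASSWD:ALL` fragment without checking its syntax, and a single malformed file under /etc/sudoers.d can leave sudo unusable on the host; add `validate: /usr/sbin/visudo -csf %s` to the `copy` task. The mode is the bare integer `0640`, which relies on the YAML loader reading it as octal; `mode: "0440"` is the quoted, read-only form sudoers fragments normally carry. `sudo_user` comes from a free-text survey field and is interpolated unquoted into both the destination path and the `at` command string, so the getent lookup is the only thing constraining its value; a comment such as `# getent must run first: it is the only validation of sudo_user` (or an explicit `assert` on the name) would make that dependency visible. Removal depends on atd running on the target and on `sudo_cleanup` staying true; otherwise the grant is permanent, which deserves a line in the play's description.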
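--- a/playbooks/group_vars/all/05_grant_sudo.yml
+++ b/playbooks/group_vars/all/05_grant_sudo.yml
@@ -0,0 +1,45 @@
+---
+fact_scan:
+author: "Will Tome"
+name: "SERVER / Grant Sudo"
+description: "grant sudo privledges for specified time via survey"
+job_type: "run"
+inventory: "Workshop Inventory"
+playbook: playbooks/05_grant_sudo.yml
+credential: "Workshop Credential"
+survey_enabled: yes
+survey_spec:
+name: ''
+description: ''
+spec:
+- question_name: 'Enter host to configure'
+type: text
+variable: HOSTS
+required: false
+- question_name: Username
+type: text
+variable: sudo_user
+required: true
+- question_name: Time
+type: integer
+variable: sudo_count
+required: true
+default: 10
+- question_name: Units
+type: multiplechoice
+variable: harden_ssh
+required: true
+choices:
+- 'minutes'
+- 'hours'
+- 'days'
+default: minutes
+project:
+name: "Ansible official demo project"
+description: "prescriptive demos from Red Hat Management Buisness Unit"
+organization: "Default"
+scm_type: git
+scm_url: "https://github.com/ansible/product-demos"
+workshop_type:
+- f5
+- rhel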
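Review bot: The `Units` survey question stores its answer in `harden_ssh`, but the playbook reads `sudo_units`, so the operator's choice never reaches the `at` task and the cleanup delay is always counted in minutes; use `variable: sudo_units`. The top-level key is `fact_scan`, which looks carried over from another demo definition; if another file under group_vars/all defines the same key, one definition would override the other, so this presumably should be `grant_sudo`. `HOSTS` is optional free text and the play falls back to `all`, so an empty answer grants passwordless sudo on every host in the inventory; `required: true` on that question would avoid an accidental fleet-wide grant.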
@@ -5,7 +5,7 @@ windows_iis:
|
|||||||
description: "install webserver on Windows Server with a survey"
|
description: "install webserver on Windows Server with a survey"
|
||||||
job_type: "run"
|
job_type: "run"
|
||||||
inventory: "Workshop Inventory"
|
inventory: "Workshop Inventory"
|
||||||
playbook: "playbooks/05_windows_iis.yml"
|
playbook: "playbooks/30_windows_iis.yml"
|
||||||
credential: "Demo Credential"
|
credential: "Demo Credential"
|
||||||
survey_enabled: no
|
survey_enabled: no
|
||||||
project:
|
project:
|
||||||