Nutzerpasswörter (#92)

gruppe docker nur für docker-hosts

Nutzer root für pve angelegt

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#92
Co-Authored-By: mg <mg@noreply.git.mgrote.net>
Co-Committed-By: mg <mg@noreply.git.mgrote.net>
This commit is contained in:
Michael Grote 2021-05-14 14:57:04 +02:00
parent dd6a15a1ec
commit 1bbc4e5b60
3 changed files with 35 additions and 1 deletions

View file

@ -71,10 +71,20 @@
use_sudo: yes use_sudo: yes
use_sudo_nopass: yes use_sudo_nopass: yes
user_state: present user_state: present
groups: ssh, sudo, docker groups: ssh, sudo
servers: servers:
- production - production
- test - test
- username: root
password: "{{ lookup('keepass', 'root_linux_password_hash_proxmox', 'password') }}"
update_password: on_create
ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAp7z2WWUS626wY4laQJNGVYs5uOowrSOjd9RLsoPV5GWU46lsD+Q7CblqcBflvkzFiU16bzI0QZcQ9YP5M5LcYreCqCIq2HdeA4/hgIhlBGAzgp4mK8gZsEoCd2rs5888RA8T/oGnAoP0FXBegm2XmXTmt3826ZZUektCanSipMzrT3XUDZDnf1sTY60Fu8GK4hcRIFI7spM0u9upCYXVOrygBmoBQ5GlOyGEPyXs1Am/PERcVZFUPS0mGJ0COVCgEOaVvM8kEn5dK/QpmKqE8OMBsRdQ51pj9BMLNz/0IRnF6OxHDfEyLuqNPZuuBZc+/pULaZefCgjKGL1zXIFFlw== #generieren: ssh-keygen -o; für putty ändern https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/ggcs/Change_private_key_format_for_Putty/Change_private_key_format_for_Putty.html#section2
use_sudo: yes
use_sudo_nopass: yes
user_state: present
groups: ssh, sudo
servers:
- proxmox
- username: ansible-user - username: ansible-user
password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}" password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}"
update_password: on_create update_password: on_create

View file

@ -26,3 +26,27 @@
/var/lib/docker/volumes/docker-photoprism_pp_smb_bilder***/** /var/lib/docker/volumes/docker-photoprism_pp_smb_bilder***/**
# https://github.com/restic/restic/issues/1005 # https://github.com/restic/restic/issues/1005
# https://forum.restic.net/t/exclude-syntax-confusion/1531/12 # https://forum.restic.net/t/exclude-syntax-confusion/1531/12
### ryandaniels.create_users
users:
- username: mg
password: "{{ lookup('keepass', 'mg_linux_password_hash', 'password') }}"
update_password: on_create
ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAp7z2WWUS626wY4laQJNGVYs5uOowrSOjd9RLsoPV5GWU46lsD+Q7CblqcBflvkzFiU16bzI0QZcQ9YP5M5LcYreCqCIq2HdeA4/hgIhlBGAzgp4mK8gZsEoCd2rs5888RA8T/oGnAoP0FXBegm2XmXTmt3826ZZUektCanSipMzrT3XUDZDnf1sTY60Fu8GK4hcRIFI7spM0u9upCYXVOrygBmoBQ5GlOyGEPyXs1Am/PERcVZFUPS0mGJ0COVCgEOaVvM8kEn5dK/QpmKqE8OMBsRdQ51pj9BMLNz/0IRnF6OxHDfEyLuqNPZuuBZc+/pULaZefCgjKGL1zXIFFlw== #generieren: ssh-keygen -o; für putty ändern https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/ggcs/Change_private_key_format_for_Putty/Change_private_key_format_for_Putty.html#section2
use_sudo: yes
use_sudo_nopass: yes
user_state: present
groups: ssh, sudo, docker
servers:
- production
- test
- username: ansible-user
password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}"
update_password: on_create
ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyqs0OE5RVqs6tIzyuGQWvq/OVDa/tfdSEqMIwcthFt+pwCCjpqtNc8L8FSXgphSwuNosFakqhMLDFD3pmII+t61NRExsoR3nGTDuCAQnTvTKXTEfhnunN3pwgXWVTI68j9pRzmSy+hMkSFbgN9EGMSXxGcNunY7ewS3ZkVe08SWFpiX9giYq6uiOiMHsZKdcP6s2QRXUhZlTx2cOc/9gJ5lD82EUXQRZzT6ww2xVrceIW9c3CZFmSmYWxvrR7dPcHrke90FPPd5WhU+Anz++6GsT6+OhZTk+uQnBHllFXn9NoFQIEUDO4zV+gFXITaAbTkLAcCwuKB2QcDZ6C2mhf ansible-generated on ansible-v2
use_sudo: yes
use_sudo_nopass: yes
user_state: present
groups: ssh, sudo
servers:
- production
- test

Binary file not shown.