From 4dee59fad17bb232b8699acb62b9e1c91ee776af Mon Sep 17 00:00:00 2001
From: Alexander Dietrich
Date: Sat, 8 Apr 2017 12:56:53 +0200
Subject: [PATCH] Add ffhh-basics role
---
 basics.yml | 2 +
 group_vars/all | 5 ---
 roles/ffhh-basics/files/new-user | 68 ++++++++++++++++++++++++++++++++
 roles/ffhh-basics/tasks/main.yml | 18 +++++++++
 4 files changed, 88 insertions(+), 5 deletions(-)
 create mode 100755 roles/ffhh-basics/files/new-user
 create mode 100644 roles/ffhh-basics/tasks/main.yml
diff --git a/basics.yml b/basics.yml
index 56e8c76..4a03000 100644
--- a/basics.yml
+++ b/basics.yml
@@ -3,3 +3,5 @@
 roles:
 - role: basics
 tags: basics
+ - role: ffhh-basics
+ tags: basics
diff --git a/group_vars/all b/group_vars/all
index 191e5b2..48930fd 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -1,7 +1,2 @@
 ---
 basics_autoupdate_reboot: "false"
-basics_install_packages:
- - mosh
- - nano
- - virtualenv
- - zsh
diff --git a/roles/ffhh-basics/files/new-user b/roles/ffhh-basics/files/new-user
new file mode 100755
index 0000000..d83a20c
--- /dev/null
+++ b/roles/ffhh-basics/files/new-user
@@ -0,0 +1,68 @@
+#!/bin/bash
+#
+# This script assumes that you want to add a user with name
+# equal to a keyfile in the freiunkhamburg/ssh-keys repo
+# on github.
+#
+# This script assumes you know what you are doing. ;)
+#
+# .. ohrensessel, 2017
+#
+
+echoerr() { echo "$@" 1>&2; }
+
+if [ $# -eq 0 ]; then
+ echoerr Missing username
+ exit 1
+fi
+
+if [[ $EUID -ne 0 ]]; then
+ echoerr This script must be run as root
+ exit 1
+fi
+
+if id "$1" >/dev/null 2>&1; then
+ echoerr This user exists
+ exit 1
+fi
+
+wget -P /tmp https://raw.githubusercontent.com/freifunkhamburg/ssh-keys/master/"$1".pub &>/dev/null
+
+if [ $? -ne 0 ]
+then
+ echoerr Could not download key file, username not equal to name of key file?
+ exit 1
+fi
+
+echo
+echo Adding user with name "$1" and ssh keys:
+echo
+cat /tmp/"$1".pub
+echo
+
+read -p "Are you sure? " -n 1 -r
+echo
+if [[ ! $REPLY =~ ^[Yy]$ ]]
+then
+ echoerr Aborting...
+ rm /tmp/"$1".pub
+ exit 1
+fi
+
+useradd -m -G sudo "$1"
+
+if [ $? -ne 0 ]
+then
+ echoerr Could not add user
+ rm /tmp/"$1".pub
+ exit 1
+fi
+
+echo "$1":test123 | chpasswd &>/dev/null
+chage -d0 "$1" &>/dev/null
+
+mkdir /home/"$1"/.ssh
+mv /tmp/"$1".pub /home/"$1"/.ssh/authorized_keys
+chown "$1":"$1" /home/"$1"/.ssh -R
+chmod 700 /home/"$1"/.ssh
+chmod 600 /home/"$1"/.ssh/authorized_keys
diff --git a/roles/ffhh-basics/tasks/main.yml b/roles/ffhh-basics/tasks/main.yml
new file mode 100644
index 0000000..a377d97
--- /dev/null
+++ b/roles/ffhh-basics/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+- name: install popular user packages
+ apt:
+ name: "{{ item }}"
+ state: present
+ with_items:
+ - mosh
+ - nano
+ - wget
+ - zsh
+
+- name: copy new-user script
+ copy:
+ src: new-user
+ dest: /usr/local/sbin
+ owner: root
+ group: root
+ mode: 0550
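Review bot: Near the end of the script the new account, already added to `sudo` by `useradd -m -G sudo`, is given the fixed password `test123`, and the results of `chpasswd` and `chage -d0` are discarded with `&>/dev/null`, so a failed `chage` leaves a sudo-capable account with a publicly known password and no forced change. The key also travels through the predictable path `/tmp/"$1".pub`: if a file of that name already exists, wget by default writes to a `.1` name instead, so the key that is shown and installed may not be the one just downloaded, and `$1` is never validated before it is used in the URL and in paths. I would validate the name, download into a `mktemp -d` directory with `wget -O`, generate a random initial password shown once to the operator, and check both `chpasswd` and `chage`; the rewritten lines are below.

```shell
# … unchanged: echoerr, argument / root / existing-user checks …

# Reject anything that is not a plain login name before it reaches a URL or a path
# (adjust the pattern to the key-file naming actually used in the repo).
if [[ ! $1 =~ ^[a-z_][a-z0-9_-]*$ ]]; then
    echoerr Invalid username
    exit 1
fi

# Private working directory instead of a predictable name in /tmp;
# the trap removes it on every exit path.
workdir=$(mktemp -d) || exit 1
trap 'rm -rf -- "$workdir"' EXIT
keyfile="$workdir/key.pub"

if ! wget -q -O "$keyfile" "https://raw.githubusercontent.com/freifunkhamburg/ssh-keys/master/$1.pub"; then
    echoerr Could not download key file, username not equal to name of key file?
    exit 1
fi

# … unchanged: show key, confirmation prompt, useradd — reading "$keyfile" instead of /tmp/"$1".pub …

# Random one-time password instead of a fixed one; fail loudly if it cannot be set or expired.
initial_pw=$(head -c 18 /dev/urandom | base64)
if ! printf '%s:%s\n' "$1" "$initial_pw" | chpasswd || ! chage -d0 "$1"; then
    echoerr Could not set initial password
    exit 1
fi
echo "Initial password (must be changed at first login): $initial_pw"

# … unchanged: .ssh directory setup, with "$keyfile" as the source for authorized_keys …
```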
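Review bot: In the `copy new-user script` task, `dest: /usr/local/sbin` names the directory rather than the target file and `mode: 0550` is left unquoted. Both behave as intended only as long as the directory already exists and the value keeps its leading zero; `dest: /usr/local/sbin/new-user` and `mode: "0550"` make the intent explicit. Since this task distributes a script that creates sudo-capable accounts, it is also worth confirming that only hosts meant to have it are in the play's target group.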