This is an old revision of the document!
Hands-on session 2/2 - part 2/3
THE FOLLOWING SCRIPTS WILL DEPLOY AUTOMATED ANSIBLE ENVIRONMENTS FOR YOUR ACCOUNTS
AS USER
1.automated_ansible_install.sh
#!/usr/bin/env bash
# AUTHOR | Mircea VRABIE
# TARGET | Automated deployment for Ansible environment with pip
# DATE | Jul 2022
# HOW TO (as user) | ~
PATH:\
bash create_server_list.sh
read -p “ENTER NODE1 IP: ” n1 read -p “ENTER NODE2 IP: ” n2 read -p “ENTER NODE3 IP: ” n3
echo 
n2 » server_list
echo 
ansible_user ALL=(ALL) NOPASSWD :ALL” > /etc/sudoers.d/
ansible_user
visudo -c
for i in `cat /home/$user/server_list`; do scp /etc/sudoers.d/$ansible_user ansible' -s /bin/bash '$ansible' && echo "'$ansible:user/server_list`; do ssh root@
bash deploy_ssh_key.sh
read -p “ENTER YOUR ansible USER NAME: ” ansible
ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ”” for i in `cat server_list`; do ssh-copy-id -i ~/.ssh/id_rsa.pub $ansible@$i; done
8.create_ansible_config.sh
#!/usr/bin/env bash
# AUTHOR | Mircea VRABIE
# TARGET | Create environment for ansible deployments
# DATE | Jul 2022
# HOW TO (as user) | ~ansible
host_key_checking=False
deprecation_warnings=False
forks=1
[privilege_escalation] become=True become_method=sudo become_user=root become_ask_pass=False EOF
++++++LAB++++++
# Add user
openssl passwd -6 -salt xyz <your_password> - (Generate password hash for /etc/shadow)
mkdir playbooks vim playbooks/add_user.yml
— - name: add_user
hosts: all (IP_node1) tasks: - name: add user "<your_user1>" on all hosts user: name: <your_user1> shell: /bin/bash home: /home/<your_user1> password: $6$xyz$73Q3Z.l5kN5BNAGMmP5IKozhqw3Zhj8bqQuJy3.Wf44.I3/nkSnzPMeX6rozvFiDHgi2DIt/BOc/lt14/2PH91 generate_ssh_key: yes ssh_key_bits: 2048 ssh_key_file: .ssh/id_rsa - name: create /etc/sudoers.d/<your_user1> file: path: /etc/sudoers.d/<your_user1> state: touch - name: add sudoers rights for <your_user1> copy: content: "<your_user1> ALL=(ALL) NOPASSWD: ALL" dest: /etc/sudoers.d/<your_user1> - name: set rights for /etc/sudoers.d/<your_user1> file: path: /etc/sudoers.d/<your_user1> mode: '0440'
…
ansible-playbook –syntax-check playbooks/add_user.yml ansible-playbook -v -C playbooks/add_user.yml (” '-C' - dry run”) ansible-playbook -v playbooks/add_user.yml (“execute playbook”) (” '-v' TO '-vvvv' =⇒ verbosity for debuging, usualy '-v' is enought”)
# Delete user with one liner ansible all (node1) -m shell -a 'userdel -r <your_user1>'
