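---
# Provisions the Survey Tool host: installs deploy/monitoring packages, creates
# the deploy account and its SSH key, and creates the cldradmin account with
# an SSH directory and a sudoers drop-in.
- hosts: surveytool
  become: true
  vars_files:
    - vars/main.yml
    - local-vars/local.yml
  tasks:
    - name: Install server packages
      apt:
        state: present
        pkg:
          - unzip # needed for deploy
          # for monitoring
          - prometheus-mysqld-exporter
          # - prometheus-nginx-exporter # (not there yet)

    # NOTE(review): the primary group is not created in this play; presumably
    # it already exists on the host or is created elsewhere -- confirm.
    - name: Setup surveytool user for deploy
      user:
        name: "{{ cldr_surveytool_user }}"
        shell: /bin/bash
        group: "{{ cldr_surveytool_group }}"

    # Recursively hands ownership of the whole tree to the deploy account;
    # group and mode are left as they are.
    # NOTE(review): the owner here and the user in the next task are the
    # literal 'surveytool', while the account above is created from
    # cldr_surveytool_user. Confirm the two always match, or use the variable.
    - name: Give access to surveytool user
      file:
        path: "{{ cldr_trunk_path }}"
        owner: surveytool
        recurse: true

    # The key comes from the vars files loaded above. 'exclusive' is not set,
    # so keys already in the account's authorized_keys stay in place: rotating
    # surveytooldeploy.key adds the new key but does not revoke the old one.
    - name: Setup surveytool auth
      authorized_key:
        user: surveytool
        key: '{{ surveytooldeploy.key }}'

    - name: ensure cldradmin group is there
      group:
        name: cldradmin
        state: present

    - name: ensure cldradmin user is there
      user:
        name: cldradmin
        comment: CLDR Admin
        groups:
          - cldradmin
        append: true # add to the groups, do not remove
        state: present
        create_home: true

    # 0700 on ~/.ssh and 0600 on authorized_keys keep the key material
    # writable by the account owner only.
    - name: make sure /home/cldradmin/.ssh/ exists
      file:
        path: /home/cldradmin/.ssh/
        owner: cldradmin
        group: cldradmin
        mode: '0700'
        state: directory

    # 'touch' with preserved timestamps creates the file when missing without
    # reporting a change on every run; see
    # https://github.com/ansible/ansible/issues/7490#issuecomment-497373505
    # This play does not add any keys to the file.
    - name: make sure /home/cldradmin/.ssh/authorized_keys exists
      file:
        path: /home/cldradmin/.ssh/authorized_keys
        owner: cldradmin
        group: cldradmin
        mode: '0600'
        state: touch
        modification_time: preserve
        access_time: preserve

    # The rendered file is checked with visudo before it replaces the target,
    # so a template mistake cannot install a sudoers file that breaks sudo on
    # the host. The template itself is not shown here; review what privileges
    # it grants.
    - name: add cldradmin to sudoers
      template:
        src: templates/55-cldradmin.conf
        dest: /etc/sudoers.d/55-cldradmin-users
        owner: root
        group: root
        mode: '0440'
        validate: /usr/sbin/visudo -cf %s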