In this article, I will writing to configure an ansible-playbook for creating a new users in the remote users using the user module provided by the Ansible
Ansible is a feasible configuration management tool which works on the configuration push protocol so it pushes its configurations setup in the playbook through the ssh-key setup during the initial configuration.
Here is the working ansible-playbook for user creation which you can include in your ansible playbook collections for managing your servers.
---- name: Create User with sudo priviledge on your serverhosts: allbecome: yesvars_prompt:- name: usernameprivate: falseprompt: "Please provide a username. This user will be provided with sudoers access"vars:password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"tasks:- set_fact:password_fact: "{{password}}"- name: Create a login useruser:name: "{{ username }}"password: "{{ password_fact | password_hash('sha512') }}"create_home : yeshome: /home/{{ username }}groups:- ''- sudoshell: /bin/bashstate: present- debug:msg: " The credentials are Username: {{username}} Password: {{password_fact}} "
The ansible playbooks are written in .yml format so the indentation is compulsory so make sure to look after that.
- name: Create User with sudo priviledge on your serverhosts: allbecome: yesvars_prompt:- name: usernameprivate: falseprompt: "Please provide a username. This user will be provided with sudoers access"vars:password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
name: Name of the ansible-playbook
hosts: Hosts to be target. All hosts are targeted from this playbook
vars_prompt: Asks for input using and store inwhose value will be used in the tasks to be done in the playbook
vars: The variables to be used. Password is randomly generated of 15 lengths
The tasks are where the magic happens in the ansible-playbook. You can configure tasks to be run in the server through ansible-built-in module or using community modules
tasks:- set_fact:password_fact: "{{password}}"- name: Create a login useruser:name: "{{ username }}"password: "{{ password_fact | password_hash('sha512') }}"create_home : yeshome: /home/{{ username }}groups:- ''- sudoshell: /bin/bashstate: present- debug:msg: " The credentials are Username: {{username}} Password: {{password_fact}} "
This uses the ansible built-in user module which is used to manage user settings in the remote servers. Here, it creates a user in the remote user with the name specified in the vars_prompt above. Password is provided through vars provided.
NOTE: Always hash your password, the ansible causes conflict and might not take the password provided without any hashing provided.
This playbook creates:
- new user with username provided through vars_prompt
- password provided through vars: password
- creates home directory with create_home: and specify home directory with home:
- adds to group: primary group and sudoers group for sudo access
- The credentials are displayed through the msg