ansible-collection-base/playbooks/access.yml

---
- name: 'Configure access permissions'
  hosts: 'all'

  vars:
    ssh_public_keys_exclusive: true

  tasks:
    - name: 'Install ssh keys in target system'
      ansible.posix.authorized_key:
        user: '{{ ansible_user }}'
        key: '{{ ssh_public_keys }}'
        exclusive: '{{ ssh_public_keys_exclusive }}'

    - name: 'Allow ansible user to use sudo'
      become: true
      ansible.builtin.template:
        src: 'sudoers.d/ansible.j2'
        dest: '/etc/sudoers.d/ansible'
        owner: 'root'
        group: 'root'
        mode: 'u=rw,g=r,o='
Initial base playbooks Signed-off-by: Nis Wechselberg <enbewe@enbewe.de> 2024-06-17 16:45:02 +02:00			`---`
			`- name: 'Configure access permissions'`
			`hosts: 'all'`

			`vars:`
			`ssh_public_keys_exclusive: true`

			`tasks:`
			`- name: 'Install ssh keys in target system'`
			`ansible.posix.authorized_key:`
			`user: '{{ ansible_user }}'`
			`key: '{{ ssh_public_keys }}'`
			`exclusive: '{{ ssh_public_keys_exclusive }}'`

			`- name: 'Allow ansible user to use sudo'`
			`become: true`
			`ansible.builtin.template:`
			`src: 'sudoers.d/ansible.j2'`
			`dest: '/etc/sudoers.d/ansible'`
			`owner: 'root'`
			`group: 'root'`
			`mode: 'u=rw,g=r,o='`