--- # Include variables and define needed variables. - name: Include OS-specific variables. include_vars: "{{ item }}" with_first_found: - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}.yml" - "{{ ansible_os_family }}.yml" # Setup/install tasks. - include: setup-RedHat.yml when: ansible_os_family in ['RedHat', 'Rocky'] - include: setup-Debian.yml when: ansible_os_family == 'Debian' - include: setup-Alpine.yml when: ansible_os_family == 'Alpine' - include: setup-Suse.yml when: ansible_os_family == 'Suse' - name: Set up authorized_keys for the root user authorized_key: user: 'root' key: "{% for key in query('fileglob', 'public_keys/*.pub') %}{{ lookup('file', key) ~ '\n'}}{% endfor %}" exclusive: true - name: Remove ubuntu user user: name: ubuntu state: absent remove: yes - name: Remove debian user user: name: debian state: absent remove: yes - name: Create jenkins user when: jenkins_user | bool user: name: 'jenkins' - name: Set up authorized_keys for the jenkins user when: jenkins_user | bool authorized_key: user: 'jenkins' key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA3fwpioVLDoCQsQkYK5bOwPb8N0EXeYm2MleBQTfqxtKaqWWbmUtFXAiyclKHRspjcAiIKwwqLyhPopHBqJzmXnB0GsfGmxXJ6wSBgKJ4kdBVRM+nKlK0wCl1oQkFeV/Xl3jzt1Ey96XiNWlesfkvgcMCpsJzQ7/xRb9IcghskzlQbLOwDNir/156JgAYUYvOLqNCcE+xcgPxJGanfZDXTLkfBYxaeaB8isBPeEU6fhPvu/W055M1uB7E0qhcbFtuKCBu1Fg4jzsW4yDU8+ZB1b5mAXwEAuMbVGMrOf4rjtTpGpQd6XFsXpFT28NU1u5j2cUbtANJalkNDX/UY6XJ jenkins@ci-master-02' #- name: Create sudoers.d directory. # file: # path: /etc/sudoers.d # owner: root # group: root # mode: 0755 # state: directory # #- name: Set includedir in /etc/sudoers. # lineinfile: # dest: /etc/sudoers # line: "#includedir /etc/sudoers.d" # state: present # validate: "/usr/sbin/visudo -cf %s" # #- name: Create jenkins sudoers file. # copy: # dest: "/etc/sudoers.d/jenkins" # content: "jenkins ALL=NOPASSWD: ALL" # mode: 0440 # owner: root # group: root # validate: "/usr/sbin/visudo -cf %s" - name: Remove jenkins sudoers file file: path: "/etc/sudoers.d/jenkins" state: absent