首页 > 其他分享 >ansible 添加用户

ansible 添加用户

时间:2024-04-12 14:59:15浏览次数:25  
标签:yunwei 用户 192.168 etc ansible user password 添加

hosts

[centos-root]
192.168.174.129 ansible_ssh_port=22 
192.168.174.130 ansible_ssh_port=22  
192.168.174.131 ansible_ssh_port=22  

Ansible Vault 文件

创建 Ansible Vault 文件

# ansible-vault create passwords.yml
New Vault password:                    # 12345678
Confirm New Vault password:

编辑 Ansible Vault 文件

# ansible-vault edit passwords.yml
Vault password:

passwords.yml

root_accounts:
  192.168.174.129:
    old_password: host1
    new_password: 12345678
  192.168.174.130:
    old_password: host2
    new_password: 12345678
  192.168.174.131:
    old_password: host3
    new_password: 12345678

yunwei_accounts:
  192.168.174.129:
    init_password: yunwei_129
  192.168.174.130:
    init_password: yunwei_130
  192.168.174.131:
    init_password: yunwei_131

playbook

create_user-playbook.yaml 

- hosts: centos
  remote_user: root
  vars_files:
    - passwords.yaml
  vars:
    ansible_ssh_pass: "{{ root_accounts[inventory_hostname].old_password }}"
    new_username: yunwei

  tasks:
    - name: chattr -i /etc/gshadow /etc/shadow /etc/group /etc/passwd /etc/ssh/sshd_config /etc/profile
      ansible.builtin.shell:
        cmd: |
          chattr -i /etc/gshadow /etc/shadow /etc/group /etc/passwd /etc/ssh/sshd_config /etc/profile

    - name: Create yunwei user
      ansible.builtin.user:
        name: "{{ new_username }}"
        password: "{{ yunwei_accounts[inventory_hostname].init_password | password_hash('sha512')}}"
        shell: /bin/bash
        groups: wheel

    - name: Print temporary password
      debug:
        msg: "The password for {{ new_username }} is {{ yunwei_accounts[inventory_hostname].init_password }}"
  
    - name: chattr +i /etc/gshadow /etc/shadow /etc/group /etc/passwd /etc/ssh/sshd_config /etc/profile
      ansible.builtin.shell:
        cmd: |
          chattr +i /etc/gshadow /etc/shadow /etc/group /etc/passwd /etc/ssh/sshd_config /etc/profile

check_user-playbook.yaml

- hosts: centos
  remote_user: yunwei
  vars_files:
    - passwords.yaml
  vars:
    ansible_ssh_pass: "{{ yunwei_accounts[inventory_hostname].init_password }}"
    #ansible_become_method: sudo     # 指定了要使用的特权升级方法
    #ansible_become_user: root       # 可以指定要切换到的用户
    ansible_become_pass: "{{ yunwei_accounts[inventory_hostname].init_password }}"  # sudo 密码

  tasks:
    - name: check password using yunwei
      ansible.builtin.shell:
        cmd: id
      register: command_result

    - name: Print yunwei info
      debug:
        msg: " user info is {{ command_result.stdout }}"

    - name: Run commands with password input
      vars:
        ansible_become: yes      # 启用了特权升级(become)功能
      ansible.builtin.shell:
        cmd: sudo -u root sh -c "id"
      register: command_result_1

    - name: Print root info
      debug:
        msg: " user info is {{ command_result_1.stdout }}"

user-playbook.yaml

- import_playbook: create_user-playbook.yaml
- import_playbook: check_user-playbook.yaml

测试 playbook

# ansible-playbook -i hosts user-playbook.yaml --ask-vault-pass
Vault password: 

PLAY [centos] *****************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************
ok: [192.168.174.130]
ok: [192.168.174.131]
ok: [192.168.174.129]

TASK [chattr -i /etc/gshadow /etc/shadow /etc/group /etc/passwd /etc/ssh/sshd_config /etc/profile] ****************************************************************************
changed: [192.168.174.129]
changed: [192.168.174.131]
changed: [192.168.174.130]

TASK [Create yunwei user] *****************************************************************************************************************************************************
changed: [192.168.174.129]
changed: [192.168.174.131]
changed: [192.168.174.130]

TASK [Print temporary password] ***********************************************************************************************************************************************
ok: [192.168.174.129] => {
    "msg": "The password for yunwei is yunwei_129"
}
ok: [192.168.174.131] => {
    "msg": "The password for yunwei is yunwei_131"
}
ok: [192.168.174.130] => {
    "msg": "The password for yunwei is yunwei_130"
}

TASK [chattr +i /etc/gshadow /etc/shadow /etc/group /etc/passwd /etc/ssh/sshd_config /etc/profile] ****************************************************************************
changed: [192.168.174.129]
changed: [192.168.174.130]
changed: [192.168.174.131]

PLAY [centos] *****************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************
ok: [192.168.174.129]
ok: [192.168.174.131]
ok: [192.168.174.130]

TASK [check password using yunwei] ********************************************************************************************************************************************
changed: [192.168.174.129]
changed: [192.168.174.131]
changed: [192.168.174.130]

TASK [Print yunwei info] ******************************************************************************************************************************************************
ok: [192.168.174.129] => {
    "msg": " user info is uid=1000(yunwei) gid=1000(yunwei) groups=1000(yunwei),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}
ok: [192.168.174.130] => {
    "msg": " user info is uid=1002(yunwei) gid=1002(yunwei) groups=1002(yunwei),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}
ok: [192.168.174.131] => {
    "msg": " user info is uid=1000(yunwei) gid=1000(yunwei) groups=1000(yunwei),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}

TASK [Run commands with password input] ***************************************************************************************************************************************
[WARNING]: Consider using 'become', 'become_method', and 'become_user' rather than running sudo
changed: [192.168.174.129]
changed: [192.168.174.131]
changed: [192.168.174.130]

TASK [Print root info] ********************************************************************************************************************************************************
ok: [192.168.174.129] => {
    "msg": " user info is uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}
ok: [192.168.174.130] => {
    "msg": " user info is uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}
ok: [192.168.174.131] => {
    "msg": " user info is uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}

PLAY RECAP ********************************************************************************************************************************************************************
192.168.174.129            : ok=10   changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.174.130            : ok=10   changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.174.131            : ok=10   changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

标签:yunwei,用户,192.168,etc,ansible,user,password,添加
From: https://www.cnblogs.com/wangguishe/p/18129816

相关文章

  • StringHelper--字符串左右添加指定字符
    StringHelper--字符串左右添加指定字符1usingSystem;2usingSystem.Collections.Generic;3usingSystem.Configuration;4usingSystem.Linq;5usingSystem.Text;6usingSystem.Threading.Tasks;78namespaceHRMessageApp.Helper9{10publiccla......
  • 实况窗助力美团打造鸿蒙原生外卖新体验,用户可实时掌握外卖进展
    自2023年华为宣布全新HarmonyOS NEXT蓄势待发,鸿蒙原生应用全面启动以来,已有金融、旅行、社交等多个领域的企业和开发者陆续宣布加入鸿蒙生态。其中,美团作为国内头部的科技零售企业,是首批加入鸿蒙生态的伙伴,其下的美团外卖App基于HarmonyOS SDK高效展开了鸿蒙原生应用的开发,仅用6......
  • Jmeter模拟用户并发token参数化
    场景:项目需求,模拟用户并发签到,要求签到数据能记录到数据库。分析:签到接口需要tocken,单个tocken只能签到一次,需要多个tocken一起并发。脚本如下:        解决返回的乱码问题。  ......
  • Oracle 实现多语言(即根据用户登录的环境自适应本地语言)
    CREATEORREPLACEPACKAGEBODYOADBA.db_globalIS--設定參數值PROCEDUREset_value(parameterVARCHAR2,valVARCHAR2)ISBEGINDBMS_SESSION.set_context('db_context',parameter,val);ENDset_value;--取得參數值FUNCTION......
  • ansible 通过密码登录主机
    hosts[centos-root]192.168.174.129ansible_ssh_port=22ansible_ssh_user=rootansible_ssh_pass=host1192.168.174.130ansible_ssh_port=22ansible_ssh_user=root192.168.174.131ansible_ssh_port=22ansible_ssh_user=rootAnsibleVault文件创建AnsibleVault......
  • vim 用户相关
     vim#yuminstallvim-y#普通模式、编辑模式、命令模式#普通模式:-上下翻-yy复制一行-p粘贴-dd剪切-p把上面剪切的粘贴上#编辑模式-i:insert插入-a:append追加-o:换行-正常写就可以了-esc回到普通模式#......
  • 如何在 Pytest 中添加日志记录
    前言在编写和运行测试时,对于调试和排查问题,添加日志记录是一种非常有用的技术。Pytest是一个流行的Python测试框架,开发者通过pytest可以轻松地编写和运行各种测试。本文将介绍如何在Pytest中添加日志记录,以便更好地理解测试执行过程中的细节和问题。pytest.ini我们之前有......
  • CH592 CH582 CH573从机例子添加RSSI信息获取
    以CH582HID_Mouse为例,新增RSSI获取和打印步骤如下 LIB库已经提供了回调接口,只需要在程序中定义函数体实现   连接成功后启动任务   代码编译 烧录到CH582种运行代码 连接成功后打印RSSI和handle值 ......
  • 172号卡分销系统代理如何向用户推广号卡流程?以及如何提高首充率?
    代理在推广流量号卡时,需要明确的策略和方法。作为172号卡分销系统的代理,了解如何有效地向用户推广是关键。下面将为您提供一个详细的推广流程以及如何提高首充率的建议。1. 推广号卡流程:a. 代理在开始推广号卡前,代理需要深入研究每一个套餐的详情页内容。这有助于你熟知每......
  • [Android Studio] 如何添加依赖 (转)
    原文:https://blog.csdn.net/zhou_ge1/article/details/127130430 1.左上角菜单栏:File->ProjectStructure...2.Dependencies->app->点击+号->1LibraryDependency 3.输入想要添加的依赖名称->点击Search->点击ok 4.回到ProjectStructure界面,点击Apply,最后点击ok,即可......