使用playbook添加用户,并添加到组,可以使用sudo
首先先生成密码
pip install passlib
python -c "from passlib.hash import sha512_crypt; import getpass; print sha512_crypt.encrypt(getpass.getpass())"
输入密码后,把生成的字符串替换即可
cat useradd.yml
---
- hosts: all
vars:
user: id10086
group: sa
password: "$6$rounds=656000$8co.J2OcJlhs3dtX$3UgoddDYZ.z4V.UB6tAbcsIYSquWUKCjt7nM6dc8iPBPLvOeqQezhd0aJj8S3dG4jFUmgbhx/coFfzE70No0."
remote_user: root
tasks:
- name: Add group {{ group }}
group: name={{ group }}
- name: Add user {{ user }}
user: name={{user}} password={{ password }} groups={{ group }}
- name: you can use sudo
lineinfile: dest=/etc/sudoers state=present line='{{item}}' validate='visudo -cf %s'
with_items:
- "%{{ group }} ALL=(ALL) NOPASSWD:ALL"
检查
ansible-playbook useradd.yml -C
执行
ansible-playbook useradd.yml