diff --git a/DockerEngineInstall.yml b/DockerEngineInstall.yml index 415e2af..b2617c8 100644 --- a/DockerEngineInstall.yml +++ b/DockerEngineInstall.yml @@ -1,6 +1,6 @@ --- - name: DockerAPI Install - hosts: + hosts: become: yes tasks: diff --git a/README.md b/README.md index 5eef54f..7a9af0a 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,20 @@ # Ansible-Deploy-Docker -Simple ansible playbook to deploy latest docker/docker-compose via ansible. +Simple ansible playbook to deploy latest docker and docker-compose via ansible. -Remember to change in playbook and in bash script. +## Edit configs -Also a bash script that creates a "ansible" user. You'll need to write your public key in script. +### add_ansible_user.sh -It is a good option to create a paswordless ssh key and copy it onto every machine you want to work with. -Bash script is configured to work only with public keys. +____ -- Set a username for ansible. Example "ansible" + +____ -- Paste your public key. + +__UID_INT__ -- This is optional. By default it is set to 1600. It makes it easier to distinguish ansible user from the rest + +### DockerEngineInstall.yml + +The only thing to change here is ____ at line 3. There you need to input IP of computers that ansible will run this playbook on. + +## PS + +In Proxmox if you have a VM template it is possible to paste multiple pubkeys. Go to template -> Cloud-Init -> SSH public key -> edit -> paste your pubkeys. diff --git a/add_ansible_user.sh b/add_ansible_user.sh index 2519023..00d4698 100644 --- a/add_ansible_user.sh +++ b/add_ansible_user.sh 
@@ -1,36 +1,47 @@ #!/bin/bash -# Define the username -USERNAME="ansible" +# Define variables +USERNAME="" +PUBLIC_KEY="" +UID_INT="1600" # 1600 to easilly distinguish ansible_user +not_found=0 -# Define the public key (replace with your actual public key) -PUBLIC_KEY="" +# Check if user exists +IFS=$'\n' +for users in $(cat /etc/passwd) +do + if [[ $(echo "$users" | awk 'BEGIN { FS = ":" } ; { print $1 }') = "$USERNAME" ]] + then + ((not_found++)) + fi +done +unset IFS -# Create the user if it doesn't already exist -if id "$USERNAME" &>/dev/null; then - echo "User '$USERNAME' already exists." +# Create user with custom UID and GID +if [[ $not_found = 0 ]]; then + echo "Creating user '$USERNAME'..." + sudo useradd -m "$USERNAME" -s "/bin/bash" -u $UID_INT else - echo "Creating user '$USERNAME'..." - sudo useradd -m "$USERNAME" + echo "User '$USERNAME' already exists." fi -# Create the .ssh directory in the user's home directory if it doesn't exist +# Create the .ssh directory if it doesn't exists HOME_DIR="/home/$USERNAME" SSH_DIR="/home/$USERNAME/.ssh" -if [ ! -d "$SSH_DIR" ]; then - echo "Creating $SSH_DIR directory..." - sudo -u "$USERNAME" mkdir -p "$SSH_DIR" +if [[ ! -d "$SSH_DIR" ]]; then + echo "Creating $SSH_DIR directory..." + sudo -u "$USERNAME" mkdir -p "$SSH_DIR" fi # Paste the public key directly into authorized_keys -echo "$PUBLIC_KEY" | sudo -u "$USERNAME" tee "$SSH_DIR/authorized_keys" > /dev/null +echo "$PUBLIC_KEY" | sudo -u "$USERNAME" tee -a "$SSH_DIR/authorized_keys" > /dev/null # Set correct permissions echo "Setting permissions..." sudo -u "$USERNAME" chmod 755 "$HOME_DIR" sudo -u "$USERNAME" chmod 700 "$SSH_DIR" sudo -u "$USERNAME" chmod 644 "$SSH_DIR/authorized_keys" -sudo -u "$USERNAME" chown -R "$USERNAME:$USERNAME" "$SSH_DIR" +sudo -u "$USERNAME" chown -R "$USERNAME:" "$SSH_DIR" # Add the user to the sudoers file with NOPASSWD privileges echo "$USERNAME ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers > /dev/null
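Review bot: Nothing after the new variable block checks that USERNAME and PUBLIC_KEY were actually filled in (both appear empty here, possibly placeholders lost in rendering), yet the script carries on to write authorized_keys and append to /etc/sudoers, so an unedited copy would add a rule with no user name. A guard right after the assignments stops that: `: "${USERNAME:?edit USERNAME first}" "${PUBLIC_KEY:?edit PUBLIC_KEY first}"`. The hand-rolled /etc/passwd loop that replaces `id "$USERNAME"` only sees local accounts and spawns awk per line; `if ! getent passwd "$USERNAME" >/dev/null; then` also covers accounts from other NSS sources and removes the IFS handling, and `-u "$UID_INT"` should be quoted. The existence check gates only useradd, so when the name already exists that account still receives the key and the NOPASSWD: ALL rule, and with `tee -a` every rerun appends both again. Consider exiting in the else branch, testing with `grep -qxF -- "$PUBLIC_KEY"` before appending, and writing the rule to a file under /etc/sudoers.d that is checked with `visudo -cf` instead of appending to /etc/sudoers.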