[jenkins-ci PATCH 8/3] guests: Centralize user creation and configuration

Andrea Bolognani <abologna@xxxxxxxxxx> · Wed, 21 Mar 2018 13:20:01 +0100

We already have a separate task for creating the non-root user,
so it makes sense to move everything related to the root user to
that taks as well.

Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx>
---
 guests/site.yml                      |  2 +-
 guests/tasks/base.yml                | 20 --------------------
 guests/tasks/{user.yml => users.yml} | 20 ++++++++++++++++++++
 3 files changed, 21 insertions(+), 21 deletions(-)
 rename guests/tasks/{user.yml => users.yml} (67%)

diff --git a/guests/site.yml b/guests/site.yml
index a00be86..351e575 100644
--- a/guests/site.yml
+++ b/guests/site.yml
@@ -31,7 +31,7 @@
         state: absent
 
     # Create users. This needs to happen after installing base packages
-    - include: tasks/user.yml
+    - include: tasks/users.yml
 
     # Install build dependencies for each project
     - include: tasks/packages.yml
diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml
index debf6e4..33681b4 100644
--- a/guests/tasks/base.yml
+++ b/guests/tasks/base.yml
@@ -121,26 +121,6 @@
   hostname:
     name: '{{ inventory_hostname }}'
 
-- name: Configure ssh access for the root user
-  authorized_key:
-    user: root
-    key: '{{ lookup("file", lookup("env", "HOME") + "/.ssh/id_rsa.pub") }}'
-    state: present
-
-- name: Configure root password and shell
-  user:
-    name: root
-    password: '{{ lookup("file", root_password_file) }}'
-    shell: '{{ bash }}'
-
-- name: Disable password authentication for the root user
-  lineinfile:
-    path: /etc/ssh/sshd_config
-    regexp: '^#*\s*PermitRootLogin\s*.*$'
-    line: 'PermitRootLogin without-password'
-    state: present
-    backup: yes
-
 - name: Look for GRUB2 configuration
   stat:
     path: /etc/default/grub
diff --git a/guests/tasks/user.yml b/guests/tasks/users.yml
similarity index 67%
rename from guests/tasks/user.yml
rename to guests/tasks/users.yml
index 3db5258..6134228 100644
--- a/guests/tasks/user.yml
+++ b/guests/tasks/users.yml
@@ -1,4 +1,24 @@
 ---
+- name: 'root: Set password'
+  user:
+    name: root
+    password: '{{ lookup("file", root_password_file) }}'
+    shell: '{{ bash }}'
+
+- name: 'root: Configure ssh access'
+  authorized_key:
+    user: root
+    key: '{{ lookup("file", lookup("env", "HOME") + "/.ssh/id_rsa.pub") }}'
+    state: present
+
+- name: 'root: Disable ssh password authentication'
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: '^#*\s*PermitRootLogin\s*.*$'
+    line: 'PermitRootLogin without-password'
+    state: present
+    backup: yes
+
 - name: '{{ flavor }}: Create user account'
   user:
     name: '{{ flavor }}'
-- 
2.14.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list






