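# Path to the bootstrap playbook that addserver runs against a new host.
# Written with ${HOME} and quoted, matching how addserver spells the
# known_hosts path, so the value survives a home directory containing spaces.
PBLOC="${HOME}/projects/somewhere/addserver.yml"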
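#######################################
# Bootstrap a freshly installed server so normal playbooks can run against it:
# refresh its known_hosts entry, then run the playbook in PBLOC as root with
# password authentication (-k).
# Globals:   PBLOC (read), HOME (read)
# Arguments: $1 - IP address (or host name) of the new server
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   0 on success; 1 on a missing/invalid argument or when no host
#            key could be collected; otherwise ansible-playbook's status
#######################################
addserver() {
  local host=${1-}
  local known_hosts="${HOME}/.ssh/known_hosts"
  local scanned_key

  if [[ -z "$host" ]]; then
    echo "[e] You need to give an IP for this to work. Dont use ssh-agent, since it will have precedence" >&2
    return 1
  fi

  # The value is passed to ssh-keygen/ssh-keyscan as an argument and spliced
  # into --extra-vars. Accept only address/host-name characters so it can
  # neither be read as an option (leading '-') nor smuggle extra key=value
  # pairs into the playbook variables (whitespace, '=').
  if [[ ! "$host" =~ ^[A-Za-z0-9:][A-Za-z0-9.:%_-]*$ ]]; then
    echo "[e] '${host}' does not look like an IP address or host name" >&2
    return 1
  fi

  echo "[i] Running setup for new server, be ready to type in your root password"
  echo "[i] Removing and re-adding the known_hosts file"

  # Best effort: there may be no previous entry to remove.
  ssh-keygen -f "$known_hosts" -R "$host"

  # NOTE(security): ssh-keyscan records whatever key the network path returns
  # (trust on first use), and the root password is typed right after. Compare
  # the recorded fingerprint with the one shown on the server console or in
  # the provider's panel before relying on this entry.
  scanned_key=$(ssh-keyscan -t rsa -H "$host")
  if [[ -z "$scanned_key" ]]; then
    echo "[e] Could not fetch a host key from ${host}, not running the playbook" >&2
    return 1
  fi
  printf '%s\n' "$scanned_key" >> "$known_hosts"

  # Only report success when the playbook actually succeeded.
  ansible-playbook "${PBLOC}" -u root -i "newserver," \
    --extra-vars="hosts=newserver ansible_ssh_host=${host}" -k || return

  echo "[i] Ssh keys are added, sudoers file change. You can now run your normal playbooks against this server"
}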
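---
# Bootstrap play for a new server: creates the "awx" automation account,
# gives it passwordless sudo and installs the controller's public key.
# The target group is not fixed here; the caller must supply a "hosts"
# variable (for example through --extra-vars).
- hosts: '{{ hosts }}'
  tasks:
    - name: Create awx user
      user:
        name: awx
        comment: "Ansible user"
        shell: /bin/bash

    # NOTE(security): NOPASSWD:ALL makes the private key that matches the
    # public key installed below equivalent to root on this host. Protect
    # that key accordingly, or narrow the rule if the playbooks allow it.
    # validate runs visudo on the edited copy first, so a malformed line
    # cannot replace /etc/sudoers and break sudo on the server.
    - name: Make sure we can sudo as awx user
      lineinfile:
        dest: /etc/sudoers
        state: present
        regexp: '^awx'
        line: 'awx ALL=(ALL) NOPASSWD:ALL'
        validate: '/usr/sbin/visudo -cf %s'

    - name: Disable requiretty for awx user to support pipelining
      lineinfile:
        dest: /etc/sudoers
        state: present
        regexp: '^Defaults:awx'
        line: 'Defaults:awx !requiretty'
        validate: '/usr/sbin/visudo -cf %s'

    # The key is read on the control machine, from the home directory of the
    # user running ansible-playbook.
    - name: Add authorized_keys
      authorized_key:
        user: awx
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"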