Added more diverse playbooks

Author: Lucas

add_users.yml

@@ -0,0 +1,13 @@
+---
+- name: Add users
+  vars_files: ./vars.yml
+  hosts: servers
+  tasks:
+  - name: adding several users
+    user:
+      name: "{{ item.name }}"
+      state: present
+      password: "{{ p_users | password_hash('sha512') }}"
+      update_password: on_create
+      createhome: yes
+    with_items: "{{ users }}"

ansible_defense.yml

@@ -2,7 +2,7 @@
 ansible_user=notroot
 ansible_ssh_pass=bingbong1
 ansible_sudo_pass=bingbong1
-key_file="./ansible"
+key_file="./keys/ansible"
 
 [servers]
 10.16.0.5 ansible_become=true

handlers/restart.yml

@@ -0,0 +1,15 @@
+---
+- name: Secure servers
+  vars_files: ./vars.yml
+  hosts: servers
+  tasks:
+  - name: Update password
+    ansible.builtin.user:
+      name: root
+      password: '{{ hash_p }}'
+      state: present
+  - name: Place ssh key
+    authorized_key:
+      user: "root"
+      key: '{{ ssh_key }}'
+      state: present

inventory.ini

@@ -0,0 +1,22 @@
+---
+- name: Secure SSH
+  vars: 
+    p_users: ["test1", "test2", "laozi"]
+  hosts: servers
+  tasks:
+  - name: Copy sshd_config
+    ansible.builtin.copy:
+      src: ./sshd_config
+      dest: /etc/ssh/sshd_config
+      remote_src: no
+  - name: Allow Password login for users
+    ansible.builtin.lineinfile:
+      path: /etc/ssh/sshd_config
+      regexp: '^Match User'
+      line: "Match User {{ p_users | join(',') }}"
+      backrefs: yes
+      state: present
+  - name: Restart sshd
+    service:
+      name: sshd
+      state: restarted

root_pw.yml

@@ -0,0 +1,7 @@
+users: 
+  - name: "test1"
+  - name: "test2"
+p_users: "{{ lookup('ansible.builtin.file', './keys/user_pass.txt') }}"
+p: "{{ lookup('ansible.builtin.file', './keys/pass.txt') }}"
+hash_p: "{{ p | password_hash('sha512') }}"
+ssh_key: "{{ lookup('file', './keys/ansible.pub') }}"