1. Create users
[devops@server4 ansible]$ cat inventory
[test]
172.25.25.4
[root@server1 ansible]# vim createuser.yml
---
- hosts: localhost
  tasks:
    - name: create user
      user:
        name: "{{ item }}"
        state: present
      loop:
        - user1
        - user2
        - user3
[devops@server1 ansible]$ ansible-playbook createuser.yml
Creation fails for lack of permission, so grant sudo rights:
vim /etc/sudoers
devops ALL=(ALL) NOPASSWD:ALL
[devops@server1 ansible]$ ansible-playbook createuser.yml
cat /etc/passwd
2. Create users with passwords
[root@server1 ansible]# cat createuser.yml
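---
- hosts: test
  tasks:
    - name: create user
      user:
        name: "{{ item.user }}"
        # Hash the value of item.pass. Quoting it as 'item.pass' would hash
        # that literal string, giving every user the same password.
        # "| string" is needed because a value such as 123 is parsed as an integer.
        password: "{{ item.pass | string | password_hash('sha512') }}"
        state: present
      loop:
        - { user: user1, pass: 123 }
        - { user: user2, pass: 143abc }
        - { user: user3, pass: sds123 }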
ansible-playbook createuser.yml
sudo cat /etc/shadow
sudo cat /etc/passwd
3. Create users from a user list file, with hashed passwords
[root@server1 ansible]# cat createuser.yml
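---
- hosts: localhost
  vars_files:
    - userlist.yml
  tasks:
    - name: create user
      user:
        name: "{{ item.user }}"
        # Hash the value of item.pass, not the literal string 'item.pass';
        # "| string" converts numeric passwords such as 123 before hashing.
        password: "{{ item.pass | string | password_hash('sha512') }}"
        state: present
      loop: "{{ userlist }}"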
The user list file:
[root@server1 ansible]# cat userlist.yml
---
userlist:
  - user: user1
    pass: 123
  - user: user2
    pass: 456
Encrypt the user list file:
ansible-vault encrypt userlist.yml
ansible-playbook createuser.yml   # run the playbook
View it:
ansible-vault view userlist.yml
Edit it (the vault password is required):
ansible-vault edit userlist.yml
Decrypt the file:
ansible-vault decrypt userlist.yml
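
A hardened variant of the section 3 playbook, as an added example that is not part of the original notes. It keeps userlist.yml under ansible-vault, keeps the plaintext passwords out of task output, and stops a rerun from resetting existing passwords. The become setting and the pre-check task are assumptions added for illustration.

```yaml
---
# Added example: createuser.yml reading the vault-encrypted userlist.yml.
- hosts: test
  become: true              # assumption: escalation is not already set in ansible.cfg
  vars_files:
    - userlist.yml          # stays encrypted on disk; decrypted only in memory
  tasks:
    - name: check that every entry has a user name and a non-empty password
      assert:
        that:
          - item.user is defined
          - item.pass is defined
          - (item.pass | string | length) > 0
        quiet: true
      loop: "{{ userlist }}"
      loop_control:
        label: "{{ item.user | default('?') }}"   # show the name only
      no_log: true          # without this, each loop item (with pass) is printed

    - name: create user
      user:
        name: "{{ item.user }}"
        # password_hash picks a random salt on every run, so the hash differs
        # each time; on_create sets it once and leaves later changes alone.
        password: "{{ item.pass | string | password_hash('sha512') }}"
        update_password: on_create
        state: present
      loop: "{{ userlist }}"
      loop_control:
        label: "{{ item.user }}"
      no_log: true          # keeps the plaintext and the hash out of output and logs
```

Once userlist.yml is encrypted, the playbook needs the vault password at run time, for example with ansible-playbook createuser.yml --ask-vault-pass.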