Ansible User Account Provisioning

Whenever I stand up a new Linux machine, I always find myself doing the same four things:

  1.  Creating my main user account
  2.  Creating an ansible user account
  3.  Configuring sudoers
  4.  Copying over SSH Public Keys.

Definitely not something that evokes fun. I have tried various automation tools, but ansible has found a very special place in my toolkit.

For readers not familiar with ansible, it is a very powerful agent-less automation tool for all the things. There is a great primer here. This blog post is not a deep dive or an introductory ansible tutorial; I am only demonstrating how I initially provision the systems in my HomeLab (On-Prem) and in the Cloud.

Step 1:

Create a Virtual Machine (VM) or Provision a Virtual Private Server (VPS) with remote SSH access.

Step 2:

Add our host(s) to the inventory file on my control node.

Step 3:

Now we just run our playbook and it will provision the new host(s) with our ansible user account and any associated configuration requirements.

There are some caveats to the above. If you have remote SSH access enabled for root, then just pass the following parameters:

If, however, you are connecting as an admin user with sudo privileges, for example on existing systems, then add the following parameters:

The -k option tells ansible to prompt for the SSH connection password. If you are using public keys, omit that option.
The -K option prompts for the privilege escalation (sudo) password, which you will only need for a non-root user.

The contents of the playbook are below:

That is all there is to it. Thanks for reading.
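
A playbook covering the ansible account, sudoers and SSH key tasks listed at the top, as an added example that is not the author's playbook. The account name `ansible`, the key path `files/ansible.pub`, the `all` host pattern and the `NOPASSWD: ALL` rule are assumptions; the key task needs the `ansible.posix` collection installed on the control node.

```yaml
---
# Added example, not the author's playbook. Assumed names: the "ansible"
# account, files/ansible.pub on the control node, and the "all" host pattern.
- name: Provision the ansible service account
  hosts: all
  become: true
  vars:
    svc_user: ansible                 # assumed account name
    svc_pubkey: files/ansible.pub     # assumed path, relative to the playbook
  tasks:
    - name: Create the account with a locked password (key-only login)
      ansible.builtin.user:
        name: "{{ svc_user }}"
        shell: /bin/bash
        password: "!"                 # locked: no password login is possible
        create_home: true

    - name: Install the SSH public key and remove any other keys
      ansible.posix.authorized_key:
        user: "{{ svc_user }}"
        key: "{{ lookup('ansible.builtin.file', svc_pubkey) }}"
        exclusive: true               # authorized_keys holds only this key
        state: present

    - name: Grant sudo through a drop-in that is syntax-checked before install
      ansible.builtin.copy:
        dest: "/etc/sudoers.d/{{ svc_user }}"
        # Assumed rule: a locked account cannot answer a sudo password prompt,
        # so NOPASSWD is used here. Narrow "ALL" to specific commands if you can.
        content: "{{ svc_user }} ALL=(ALL) NOPASSWD: ALL\n"
        owner: root
        group: root
        mode: "0440"                  # sudo ignores drop-ins that are world-writable
        validate: /usr/sbin/visudo -cf %s   # a bad file never reaches /etc/sudoers.d
```

The `validate` step matters most here: a sudoers file with a syntax error can lock every user out of sudo, and `visudo -cf` rejects it before it is copied into place.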
