Update users structure and add network settings definition
This commit is contained in:
parent
dbf7572814
commit
ea8615aeda
@ -3,6 +3,6 @@ domain: net.enp.one
|
|||||||
|
|
||||||
router:
|
router:
|
||||||
address: router.tre2.local
|
address: router.tre2.local
|
||||||
static:
|
static_dhcp:
|
||||||
server: DOMAIN
|
server: DOMAIN
|
||||||
subnet: 10.42.101.0/24
|
subnet: 10.42.101.0/24
|
||||||
|
@ -1,64 +1,104 @@
|
|||||||
---
|
---
|
||||||
users:
|
users:
|
||||||
# - name: username (required)
|
# name: (required) username
|
||||||
# fullname: user's full name (optional)
|
# password: (required) password encrypted using "python -c 'import crypt; print(crypt.crypt(raw_input(), crypt.mksalt(crypt.METHOD_SHA512)))'"
|
||||||
# password: quoted hash of password (required)
|
# targets: (required) list of targets to grant the user permission on
|
||||||
# autorized: array of keys allowed to ssh into account (optional)
|
# admin: (required) boolean indicates whether to give sudo access
|
||||||
# keys: array of keys given to the account to use on workstations (optional)
|
# fullname: (optional) full name of the user
|
||||||
# admin: boolean whether to give sudo privleges (optional)
|
# svc: (optional) whether the account is a service account
|
||||||
|
|
||||||
- name: root
|
- name: root
|
||||||
authorized: ['all']
|
password: "$6$UuXJahi90Mh9aQ.6$dsqQGH4of9EDRR11UbsXL077hQW.AV3WdflbjZResKr85osoCC7Ff/l7hDHv5uL6zJjbNhXaRrVfj/EaGycZ0/"
|
||||||
password: ""
|
targets:
|
||||||
|
- servers
|
||||||
|
- vms
|
||||||
|
- workstations
|
||||||
admin: True
|
admin: True
|
||||||
|
|
||||||
# Automation users
|
# Automation users
|
||||||
|
|
||||||
- name: ansible
|
- name: ansible
|
||||||
authorized: ['all']
|
password: "$6$SbdfIFNKL3jkMOdu$IOctsiJUQbOkj9dtGWV4lUqwwAA5nA8dLKFTLUrm5Fzk1Efl7QAxS36Vs94ra2JlqlYg1XKR7SNQM2q.fUa7t/"
|
||||||
password: ""
|
targets:
|
||||||
|
- servers
|
||||||
|
- vms
|
||||||
|
- workstations
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
|
- plex
|
||||||
|
- admin
|
||||||
admin: True
|
admin: True
|
||||||
|
svc: True
|
||||||
|
|
||||||
# Service accounts
|
# Service accounts
|
||||||
|
|
||||||
- name: svc_gitea
|
- name: svc_gitea
|
||||||
authorized: ['potentia', 'vm-host-gitea']
|
password: "$6$ThlNrAQeWYqeqHdY$4eoVF0FvZdDND9jCG9WpSPtf7akeEg5NqpcPqDBjrikV6e3wwS77umXqbkx0hrN/2ByahiW5dx/laQZa6xZrR."
|
||||||
password: ""
|
targets:
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
admin: False
|
admin: False
|
||||||
|
svc: True
|
||||||
|
|
||||||
- name: svc_plex
|
- name: svc_plex
|
||||||
authorized: ['potentia', 'vm-host-plex']
|
password: "$6$dDEwXYf6DYbVZCw4$KZWDDZV1bO7KwGdWkbsck/A.fAqxOyExy4MI8QHtnOyjumgImidTck71V3cs8rZ6nASsspqmIqy4YlWH9o1la."
|
||||||
password: ""
|
targets:
|
||||||
|
- datastore
|
||||||
|
- plex
|
||||||
admin: False
|
admin: False
|
||||||
|
svc: True
|
||||||
|
|
||||||
# Actual user accounts
|
# Actual user accounts
|
||||||
|
|
||||||
- name: enpaul
|
- name: enpaul
|
||||||
fullname: Ethan N. Paul
|
fullname: Ethan N. Paul
|
||||||
authorized: ['workstations', 'servers', 'vms']
|
|
||||||
password: "$6$mTfv47Xr1/bmYU80$W90AQisMUGjYQF5KOo67hHQl8sgxQH4HPwi.Bh6qUYcwIdG9ICyqAnBYrmtfFohGYvjU7jC/3AXPUWY8vnWLJ/"
|
password: "$6$mTfv47Xr1/bmYU80$W90AQisMUGjYQF5KOo67hHQl8sgxQH4HPwi.Bh6qUYcwIdG9ICyqAnBYrmtfFohGYvjU7jC/3AXPUWY8vnWLJ/"
|
||||||
|
targets:
|
||||||
|
- servers
|
||||||
|
- vms
|
||||||
|
- workstations
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
|
- plex
|
||||||
|
- admin
|
||||||
admin: True
|
admin: True
|
||||||
|
|
||||||
- name: kaisersjr
|
- name: kaisersjr
|
||||||
fullname: Sultan Jilani
|
fullname: Sultan Jilani
|
||||||
authorized: ['workstations']
|
password: "$6$Xxer5gAKkiDdYuI.$Yep2hja0l7bZko8sVpk9AzxDJwAet.lEXzpy/W0ghyL42z7AandboL9/MPXeHan0oQzEOAebTKnAxdpprV8Pg0"
|
||||||
password: ""
|
targets:
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
|
- vpn
|
||||||
|
- workstations
|
||||||
admin: False
|
admin: False
|
||||||
|
|
||||||
- name: notsoninja
|
- name: notsoninja
|
||||||
fullname: Johnathan W. Adams
|
fullname: Johnathan W. Adams
|
||||||
authorized: ['workstations']
|
password: "$6$PNQCj9oRGTmPsV8B$wWIC10U7fAbaZKOxeYjaK9jhTeXG2LS94JFiOCJlGtcgzl8I4kI5212oBn8RJ2P9.fIm.7Zo/Ih6BrUGGZLyh/"
|
||||||
password: ""
|
targets:
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
|
- vpn
|
||||||
|
- workstations
|
||||||
admin: False
|
admin: False
|
||||||
|
|
||||||
- name: avalonburned
|
- name: avalonburned
|
||||||
fullname: Christine K. Deidrich
|
fullname: Christine K. Deidrich
|
||||||
authorized: ['workstations']
|
password: "$6$axpFNAA1/Xn7a9OM$GriXqvM./KMjJpJyCCghsOl256oORUvWhQApg.aj2pGbbuiespT4pmdWATU2de5RwJkJznrA6hIdMxHPQmN9T0"
|
||||||
password: ""
|
targets:
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
|
- vpn
|
||||||
|
- workstations
|
||||||
admin: False
|
admin: False
|
||||||
|
|
||||||
- name: sglagovitch
|
- name: sglagovitch
|
||||||
fullname: Sophia Glagovitch
|
fullname: Sophia Glagovitch
|
||||||
authorized: ['workstations']
|
|
||||||
password: "$6$JC4neE6pXlGAbwSA$13t55k38QHhAHYrt0Ybg51ADknX0lyRpyQOHwREUBeZ8kfxaVcOISt3EcwwSxxWWzwzW5hfRgbC82n3O.zcHr1"
|
password: "$6$JC4neE6pXlGAbwSA$13t55k38QHhAHYrt0Ybg51ADknX0lyRpyQOHwREUBeZ8kfxaVcOISt3EcwwSxxWWzwzW5hfRgbC82n3O.zcHr1"
|
||||||
|
targets:
|
||||||
|
- datastore
|
||||||
|
- gitea
|
||||||
|
- vpn
|
||||||
|
- workstations
|
||||||
admin: False
|
admin: False
|
||||||
|
Reference in New Issue
Block a user