Update users structure and add network settings definition

This commit is contained in:
Ethan N. Paul 2018-12-11 00:47:21 -05:00
parent dbf7572814
commit ea8615aeda
2 changed files with 63 additions and 23 deletions

View File

@ -3,6 +3,6 @@ domain: net.enp.one
router:
address: router.tre2.local
static:
static_dhcp:
server: DOMAIN
subnet: 10.42.101.0/24

View File

@ -1,64 +1,104 @@
---
users:
# - name: username (required)
# fullname: user's full name (optional)
# password: quoted hash of password (required)
# autorized: array of keys allowed to ssh into account (optional)
# keys: array of keys given to the account to use on workstations (optional)
# admin: boolean whether to give sudo privleges (optional)
# name: (required) username
# password: (required) password encrypted using "python -c 'import crypt; print(crypt.crypt(raw_input(), crypt.mksalt(crypt.METHOD_SHA512)))'"
# targets: (required) list of targets to grant the user permission on
# admin: (required) boolean indicates whether to give sudo access
# fullname: (optional) full name of the user
# svc: (optional) whether the account is a service account
- name: root
authorized: ['all']
password: ""
password: "$6$UuXJahi90Mh9aQ.6$dsqQGH4of9EDRR11UbsXL077hQW.AV3WdflbjZResKr85osoCC7Ff/l7hDHv5uL6zJjbNhXaRrVfj/EaGycZ0/"
targets:
- servers
- vms
- workstations
admin: True
# Automation users
- name: ansible
authorized: ['all']
password: ""
password: "$6$SbdfIFNKL3jkMOdu$IOctsiJUQbOkj9dtGWV4lUqwwAA5nA8dLKFTLUrm5Fzk1Efl7QAxS36Vs94ra2JlqlYg1XKR7SNQM2q.fUa7t/"
targets:
- servers
- vms
- workstations
- datastore
- gitea
- plex
- admin
admin: True
svc: True
# Service accounts
- name: svc_gitea
authorized: ['potentia', 'vm-host-gitea']
password: ""
password: "$6$ThlNrAQeWYqeqHdY$4eoVF0FvZdDND9jCG9WpSPtf7akeEg5NqpcPqDBjrikV6e3wwS77umXqbkx0hrN/2ByahiW5dx/laQZa6xZrR."
targets:
- datastore
- gitea
admin: False
svc: True
- name: svc_plex
authorized: ['potentia', 'vm-host-plex']
password: ""
password: "$6$dDEwXYf6DYbVZCw4$KZWDDZV1bO7KwGdWkbsck/A.fAqxOyExy4MI8QHtnOyjumgImidTck71V3cs8rZ6nASsspqmIqy4YlWH9o1la."
targets:
- datastore
- plex
admin: False
svc: True
# Actual user accounts
- name: enpaul
fullname: Ethan N. Paul
authorized: ['workstations', 'servers', 'vms']
password: "$6$mTfv47Xr1/bmYU80$W90AQisMUGjYQF5KOo67hHQl8sgxQH4HPwi.Bh6qUYcwIdG9ICyqAnBYrmtfFohGYvjU7jC/3AXPUWY8vnWLJ/"
targets:
- servers
- vms
- workstations
- datastore
- gitea
- plex
- admin
admin: True
- name: kaisersjr
fullname: Sultan Jilani
authorized: ['workstations']
password: ""
password: "$6$Xxer5gAKkiDdYuI.$Yep2hja0l7bZko8sVpk9AzxDJwAet.lEXzpy/W0ghyL42z7AandboL9/MPXeHan0oQzEOAebTKnAxdpprV8Pg0"
targets:
- datastore
- gitea
- vpn
- workstations
admin: False
- name: notsoninja
fullname: Johnathan W. Adams
authorized: ['workstations']
password: ""
password: "$6$PNQCj9oRGTmPsV8B$wWIC10U7fAbaZKOxeYjaK9jhTeXG2LS94JFiOCJlGtcgzl8I4kI5212oBn8RJ2P9.fIm.7Zo/Ih6BrUGGZLyh/"
targets:
- datastore
- gitea
- vpn
- workstations
admin: False
- name: avalonburned
fullname: Christine K. Deidrich
authorized: ['workstations']
password: ""
password: "$6$axpFNAA1/Xn7a9OM$GriXqvM./KMjJpJyCCghsOl256oORUvWhQApg.aj2pGbbuiespT4pmdWATU2de5RwJkJznrA6hIdMxHPQmN9T0"
targets:
- datastore
- gitea
- vpn
- workstations
admin: False
- name: sglagovitch
fullname: Sophia Glagovitch
authorized: ['workstations']
password: "$6$JC4neE6pXlGAbwSA$13t55k38QHhAHYrt0Ybg51ADknX0lyRpyQOHwREUBeZ8kfxaVcOISt3EcwwSxxWWzwzW5hfRgbC82n3O.zcHr1"
targets:
- datastore
- gitea
- vpn
- workstations
admin: False