credential rollover playbooks - admin access to experiment

We need a method of rolling over the user account credentials on the experiments. 

We presently use the default username for os, and a variety of passwords. So we have different user names.

The preferred outcome is to use passwordless ssh,  with a consistent user name, that has passwordless sudo access so that it can run ansible scripts

[possible playbook](https://stackoverflow.com/questions/37333305/ansible-create-a-user-with-sudo-privileges)
```
- name: Add {{ sudo_user }} user
  user:
    name: "practable"
    groups: sudo
    append: true
    state: present
    createhome: true

- name: Make sudo without password for practable user
  copy:
    dest: /etc/sudoers.d/80-ansible-sudo-user
    content: "practable ALL=(ALL) NOPASSWD:ALL"
    mode: 0440

- name: Set up authorized keys for the practable user
  authorized_key: user=practable key="{{item}}"
  with_file:
    - {{EXPT_SECRETS}}/expt_rsa.pub
```

Note we'll want to use a modified version of the jump-playbook command to test this on a single host first, but `jump-playbook` does not yet pass the `--limit` option as referenced [here](https://docs.ansible.com/ansible/latest/inventory_guide/intro_patterns.html):

```
ansible-playbook site.yml --limit datacenter2
```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

credential rollover playbooks - admin access to experiment #8

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

credential rollover playbooks - admin access to experiment #8

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions