Adding FreeBSD Users With Ansible
It’s Not Rocket Science
Anyone who tells you Ansible is easy is a liar, they are telling you a big, fat, salacious lie; however, I’m here to spread the truth. Ansible. Is. Hard.
Okay, it’s not that bad, but it can certainly be a little daunting especially out of the gate, but most importantly it does get easier with time and even more importantly it can make menial, tedious tasks a veritable walk-in-the-park.
Teach A Man To Teach Himself… To Fish
This is not going to be a long, detailed lesson on Ansible and FreeBSD, but rather a short story about a problem and a solution. The problem was simple, add a single new user to several BSD hosts. The solution I chose to pursue was an Ansible play. Two reasons, to see if it could be done and to spend more, albeit occasionally frustrating, time with Ansible. Here is that play:
# Add User to BSD Hosts
- hosts: updates
become: yes
tasks:
- name: Create user group
ansible.builtin.shell:
cmd: pw groupadd jrandom
- name: Add User to BSD assets
ansible.builtin.user:
name: jrandom
comment: Joe Random
group: jrandom
groups: wheel
shell: /bin/sh
generate_ssh_key: yes
append: yes
create_home: yes
- name: assign temp password
ansible.builtin.shell:
cmd: echo UNoHackM3! | pw mod user jrandom -h 0 && chown jrandom:jrandom /home/jrandom
First off, I want to say I was pleasantly surprised to find Ansible has some great built-in user creation functionality, and that did the bulk of the work. However, I had to do a little extra song-and-dance to get the home dir permissions and user group to work well and to set the password. Again, Ansible makes it pretty simple to exec shell commands so in the end it all worked out.
Great Ansible documentation is readily available to help guide you on your quest.
Pro-Tip: when crafting new plays I would advise making frequent use of the built-in syntax checker:
ansible-playbook --syntax-check myNewPlay.yaml