From 57fef3ca81dc282c93d6b70a174ab48d948f6897 Mon Sep 17 00:00:00 2001
From: Vincent Stuyck <vst@si-int.eu>
Date: Sun, 20 Jul 2025 00:22:39 +0200
Subject: [PATCH] add create ansible user script for new servers

---
 create-ansibleuser.sh | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 create-ansibleuser.sh

diff --git a/create-ansibleuser.sh b/create-ansibleuser.sh
new file mode 100644
index 0000000..a4360cd
--- /dev/null
+++ b/create-ansibleuser.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+groupadd -g 3003 ansible
+useradd -g 3003 -u 994 -m -r ansible
+usermod -aG ansible vst
+
+mkdir /home/ansible/.ssh
+cat << EOL > /home/ansible/.ssh/authorized_keys
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuxBznuFNFztZt1MbuDRdww7LdmWq0dpK7F3Is/gMPO ansible@semaphore
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMqPCol1eSm4vrAYK0XEaq05n6BAQqQVJOAWhRItfZRS vst@yuuki
+EOL
+
+chown -R ansible: /home/ansible/.ssh
+chmod 400 /home/ansible/.ssh/authorized_keys
+
+cat << EOL > /etc/sudoers.d/ansible
+%ansible         ALL = (ALL) NOPASSWD: ALL
+EOL
\ No newline at end of file