ownport · July 3, 2015 05:26
diff --git a/gistfile1.txt b/gistfile1.txt
 !! Creation

 With the name module, the can easily handle users.

 - name: Create jenkins user
  user: name=jenkins comment="Jenkins slave user" home=${jenkins_home} shell=/bin/bash

 The variable jenkins_home can be defined in one of the vars files.

 !! Password less from Jenkins master

 We first create the .ssh in the jenkins home directory with the correct rights. And then with the authorized_key module, we can add the public of the jenkins user on the jenkins master to the authorized keys of the jenkins user (on the new slave). And then we verify that the new authorized_keys file has the correct rights.

 - name: Create .ssh folder
  file: path=${jenkins_home}/.ssh state=directory mode=0700 owner=jenkins

 - name: Add passwordless connection for jenkins
  authorized_key: user=jenkins key="xxxxxxxxxxxxxx jenkins@master"

 - name: Update authorized_keys rights
  file: path=${jenkins_home}/.ssh/authorized_keys state=file mode=0600 owner=jenkins

 If you want jenkins to execute any command as sudo without the need of providing a password (basically updating /etc/sudoers), the module lineinfile can do that for you. That module checks ‘regexp’ against ‘dest’, if it matches it doesn’t do anything if not, it adds ‘line’ to ‘dest’.

 - name: Tomcat can run any command with no password
  lineinfile: "line='tomcat ALL=NOPASSWD: ALL' dest=/etc/sudoers regexp='^tomcat'"
	!! Creation

	With the name module, the can easily handle users.

	- name: Create jenkins user
	user: name=jenkins comment="Jenkins slave user" home=${jenkins_home} shell=/bin/bash

	The variable jenkins_home can be defined in one of the vars files.

	!! Password less from Jenkins master

	We first create the .ssh in the jenkins home directory with the correct rights. And then with the authorized_key module, we can add the public of the jenkins user on the jenkins master to the authorized keys of the jenkins user (on the new slave). And then we verify that the new authorized_keys file has the correct rights.

	- name: Create .ssh folder
	file: path=${jenkins_home}/.ssh state=directory mode=0700 owner=jenkins

	- name: Add passwordless connection for jenkins
	authorized_key: user=jenkins key="xxxxxxxxxxxxxx jenkins@master"

	- name: Update authorized_keys rights
	file: path=${jenkins_home}/.ssh/authorized_keys state=file mode=0600 owner=jenkins

	If you want jenkins to execute any command as sudo without the need of providing a password (basically updating /etc/sudoers), the module lineinfile can do that for you. That module checks ‘regexp’ against ‘dest’, if it matches it doesn’t do anything if not, it adds ‘line’ to ‘dest’.

	- name: Tomcat can run any command with no password
	lineinfile: "line='tomcat ALL=NOPASSWD: ALL' dest=/etc/sudoers regexp='^tomcat'"