diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index b13a3d6cb..7759890ef 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -1,7 +1,7 @@ - include_tasks: admin-user.yml tags: - base - when: not no_admin is defined + when: auto_admin - include_tasks: access.yml tags: diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 1cba88745..e2e9837eb 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -29,20 +29,17 @@ disregard_network: False # use cache or error out if cache does not exist # Users and Passwords -# Uncomment the following if you don't want iiab_admin_user (by default -# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml -# Also disables sudo-based verification of published passwords. - -# no_admin: "" - -# If no_admin variable is established above (its actual value is IGNORED) also -# set iiab_admin_user (below) to an existing Linux user that has sudo access. -# That is the username you'll use to login to Admin Console @ http://box/admin - iiab_admin_user: iiab-admin - # Obtain a password hash with: python -c 'import crypt; print crypt.crypt("", "$6$<salt>")' iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. +auto_admin: True + +# Set auto_admin: False if you don't want iiab_admin_user & wheel group to be +# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based +# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n + +# If auto_admin: False, set iiab_admin_user (above) to an existing Linux user +# that has sudo access, so you can login to Admin Console @ http://box/admin # Languages default_language: en diff --git a/vars/medium.localvars b/vars/medium.localvars index 98af50e15..d3eb0f7a7 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -4,27 +4,24 @@ # SEE EXAMPLE http://download.iiab.io/6.5/rpi/local_vars_big.yml # SEE EXAMPLE http://download.iiab.io/6.5/rpi/local_vars_min.yml -# Original Idea: branch github.com/xsce/xsce-local for your deployment +# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community # Ansible's default timeout for "get_url:" downloads (10 seconds) often fails download_timeout: 100 # Users and Passwords -# Uncomment the following if you don't want iiab_admin_user (by default -# iiab-admin) to be auto-created in roles/iiab-admin/tasks/main.yml -# Also disables sudo-based verification of published passwords. - -# no_admin: "" - -# If no_admin variable is established above (its actual value is IGNORED) also -# set iiab_admin_user (below) to an existing Linux user that has sudo access. -# That is the username you'll use to login to Admin Console @ http://box/admin - iiab_admin_user: iiab-admin - # Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' # iiab_admin_passw_hash: +auto_admin: True + +# Set auto_admin: False if you don't want iiab_admin_user & wheel group to be +# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based +# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n + +# If auto_admin: False, set iiab_admin_user (above) to an existing Linux user +# that has sudo access, so you can login to Admin Console @ http://box/admin iiab_hostname: box iiab_domain: lan