From 1ab3137444ee978f9183daa0408527dbcb038445 Mon Sep 17 00:00:00 2001
From: shockrah
Date: Mon, 13 Jun 2022 23:13:55 -0700
Subject: [PATCH] + Docker user
---
playbooks/alpha/docker-user.yml | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
create mode 100644 playbooks/alpha/docker-user.yml
diff --git a/playbooks/alpha/docker-user.yml b/playbooks/alpha/docker-user.yml
new file mode 100644
index 0000000..b03cdde
--- /dev/null
+++ b/playbooks/alpha/docker-user.yml
@@ -0,0 +1,39 @@
+# This playbook creates an ssh accessed user that is part of the docker group
+# The reason for this is to create a user that can access docker services but
+# not have root permissions to the host machine itself.
+
+---
+- hosts: alpha
+ remote_user: ubuntu
+ become: yes
+ vars:
+ NAME: dockerlass
+ tasks:
+ - name: Ensure Docker Group exists
+ group:
+ name: docker
+ state: present
+
+ - name: Ensure Docker-Only User exists and is part of the Docker group
+ user:
+ state: present
+ name: "{{ NAME }}"
+ create_home: true
+ groups: docker
+
+ - name: Ensure safe ~/.ssh directory
+ file:
+ path: "/home/{{NAME}}/.ssh"
+ state: directory
+ mode: 0700
+ owner: "{{ NAME }}"
+
+ - name: Ensure safe Authorized keys file
+ copy:
+ src: "{{ DOCKERLASS_PUB_KEY_PATH }}"
+ dest: "/home/{{NAME}}/.ssh/authorized_keys"
+ mode: 0600
+ owner: "{{ NAME }}"
+
+
+
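Review bot: The header comment's claim that this user can reach docker services without root permissions on the host does not hold, because membership in the `docker` group gives control of the Docker daemon, which normally runs as root, so the account is effectively root-equivalent. I would reword the comment to say so, e.g. `# NOTE: docker group membership is root-equivalent on this host; protect this key like a root key`, and consider rootless Docker or an SSH forced command if a genuinely restricted account is the goal. In the two file tasks, quoting the modes (`mode: "0700"`, `mode: "0600"`) avoids depending on the YAML parser's octal handling, and since no `group:` is set the directory and key file presumably end up group-owned by root. `DOCKERLASS_PUB_KEY_PATH` is not defined in the play's `vars`, so it has to be supplied from outside the playbook; a comment saying where it comes from would help.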