JumpCloud Role for Ansible

This role installs the JumpCloud agent and restarts the JumpCloud agent service as required. It also:

• make use of JumpCloud API to set JumpCloud System attributes.
• delete any system registered in JumpCloud with the same displayName

Requirements

cURL and NTP should be installed as prerequisites.

Role Variables

[jumpcloud_api_key][jumpcloud-api-key]

Default: none Used to modify the attribute of a System on JC portal.

The API key as shown in the JumpCloud's API Settings. To be retrieved from JumpCloud portal by a JC Admin account

To be stored in an Ansible Vault. It's very high-sensitivity Information.

Testing

See README file in the tests directory

jumpcloud_x_connect_key

Default: none

The X_Connect key as displayed on the Servers > Add screen. Mandatory.

jumpcloud_directory

Default: /opt/jc

Path to check if JumpCloud has been previously installed.

jumpcloud_x_connect_url

Default: 'https://kickstart.jumpcloud.com/Kickstart'

URL for the install script.

jumpcloud_force_install

Default: no

Used to determine whether or not to force installation of the client if it has been previously installed.

jumpcloud_agent_service

Default: jcagent

Name of the service to restart.

jumpcloud_use_sudo

Default: no

Whether or not to use sudo during installation.

[jumpcloud_tags][jumpcloud-tags]

The list of JC tags you want a host or a group of hosts to be part of

• 'tag_one'
• 'tag_two'

jumpcloud_displayName

Default: ` {{ inventory_hostname }}``

jumpcloud_allowPublicKeyAuthentication

Default: 'true' This value must be contained in single quotes "\'"

jumpcloud_allowSshPasswordAuthentication

Default: 'true' This value must be contained in single quotes "\'"

jumpcloud_allowSshRootLogin

Default: 'true' This value must be contained in single quotes "\'"

jumpcloud_allowMultiFactorAuthentication

Default: 'false' This value must be contained in single quotes "\'"

Example Playbook

---
- hosts: production
  roles:
     - { role: inviqa.jumpcloud, jumpcloud_x_connect_key: 'abcdef012234343' }
  vars:
    jumpcloud_tags:
      - 'tag_one'
      - 'tag_two'
    jumpcloud_displayName: "a new displayName"
    jumpcloud_allowPublicKeyAuthentication: 'true'
    jumpcloud_allowSshPasswordAuthentication: 'false'
    jumpcloud_allowSshRootLogin: 'true'
    jumpcloud_allowMultiFactorAuthentication: 'false'
...

License

MIT

Author Information

Author Marco Massari Calderone at Inviqa UK Ltd

Inspired by Barney Hanlon "shrikeh"'s Galaxy role ansible-jumpcloud