3 files changed, 26 insertions, 0 deletions

diff --git a/inventory/host_vars/ele-lt.yml b/inventory/host_vars/ele-lt.yml
index 6f019a76..f642f09c 100644
--- a/inventory/host_vars/ele-lt.yml
+++ b/inventory/host_vars/ele-lt.yml
@@ -1,4 +1,10 @@
 ---
+liquidtruth_app_user: lt
+
+ssh_allowusers_host:
+  - "{{ liquidtruth_app_user }}"
+
+
 #acmetool_directory_server: "{{ acmetool_directory_server_le_live }}"
 
 liquidtruth_hostnames:
diff --git a/roles/elevate/liquidtruth/tasks/main.yml b/roles/elevate/liquidtruth/tasks/main.yml
index 7b1949c1..cc5dd20e 100644
--- a/roles/elevate/liquidtruth/tasks/main.yml
+++ b/roles/elevate/liquidtruth/tasks/main.yml
@@ -25,3 +25,10 @@
 
 - name: install and configure nginx
   import_tasks: nginx.yml
+
+- name: create app user
+  user:
+    name: "{{ liquidtruth_app_user }}"
+    state: present
+    append: yes
+    shell: /bin/zsh
diff --git a/roles/elevate/liquidtruth/tasks/mongodb.yml b/roles/elevate/liquidtruth/tasks/mongodb.yml
index 244d9849..8d5180ae 100644
--- a/roles/elevate/liquidtruth/tasks/mongodb.yml
+++ b/roles/elevate/liquidtruth/tasks/mongodb.yml
@@ -19,3 +19,16 @@
       - mongo-tools
       - python-pymongo
     state: present
+
+# - name: check if admin user already exists
+#   command: >
+#     mongo --quiet -u root -p {{ liquidtruth_root_password }} --eval 'db.version()' admin
+#   register: mongodb_root_user_check
+#   changed_when: false
+#   check_mode: no
+#   ignore_errors: true
+#   no_log: true
+
+# - name: initialize authorization
+#   include_tasks: mongodb_authorization.yml
+#   when: mongodb_root_user_check