documents new variables

RocketChat · Apr 27, 2021 · af481f7 · af481f7
1 parent 4c2c97f
commit af481f7
Showing 1 changed file with 21 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -1,7 +1,5 @@
 ansible-ovhbastion
 =========
-[![Build Status](https://travis-ci.com/adamsbytes/ansible-ovhbastion.svg?branch=main)](https://travis-ci.com/adamsbytes/ansible-ovhbastion)
-
 This role installs and configures [OVH Cloud](https://www.ovh.com/world/)'s [the Bastion](https://github.com/ovh/the-bastion) secured jump host server. The ovhbastion role is based on the [official  Bastion installation instructions](https://ovh.github.io/the-bastion/installation/basic.html). Please visit [the official Bastion documentation](https://ovh.github.io/the-bastion/index.html) for more information.
 
 Once you run this role, [click here](https://ovh.github.io/the-bastion/using/basics.html) to view the next steps in configuring the Bastion.
@@ -11,6 +9,7 @@ Tested On
 
 - Debian 8+
 - Ubuntu 18+
+- CentOS 8
 
 Role Variables
 --------------
@@ -21,10 +20,29 @@ Role Variables
 #### Recommended
 `bastion_name`: string with name of bastion host. the system's actual hostname is _not_ recommended\
 `bastion_create_admin`: toggle creation of the superadmin account\
-`bastion_superadmin_uname`: string with username for the bastion superadmin (if enabled)
+`bastion_superadmin_uname`: string with username for the bastion superadmin (if enabled)\
+`bastion_initial_users`: list of users to create after bastion setup\
+`bastion_initial_groups`: list of groups to create after bastion setup
 
 See `defaults/main.yml` for optional variables that can be set.
 
+#### User detail
+
+|attribute|type|description|required|
+|---|---|---|---|
+|name|string|name of the user to create|true|
+|public_key|string|SSH ingress key for the bastion user. The key must be generated as either: <br/><ul><li>ed25519</li><li>ecdsa</li><li>rsa 4096 bits</li></ul>|true|
+|hosts|list(string)|List of DNS records/IP addresses to grant initial access to|false|
+|groups|list(string)|List of groups the new user should belong to (currently disabled)|false|
+
+#### Group detail
+
+|attribute|type|description|required|
+|---|---|---|---|
+|name|string|Group name|true|
+|owner|string|Username of the group owner|true|
+|hosts|list(string)|List of DNS records/IP addresses to grant initial access to|false|
+
 Role Installation
 ------------