Redo user task

2021-08-16 23:50:14 +02:00 · 2021-08-16 23:50:14 +02:00 · 45dd331dba
commit 45dd331dba
parent edcec5dd41
4 changed files with 29 additions and 25 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -8,6 +8,8 @@ users:
    home: yes
    uid: "1000"
    gid: "1000"
+    docker: True
+    passwordless: True
    github: Roxedus
    password: "{{ secret_rox_pass }}"

@ -37,4 +39,4 @@ security_ssh_usedns: "no"
 security_autoupdate_enabled: true
 security_fail2ban_enabled: true
 security_sudoers_passwordless:
-  - "{{ users.0.username }}"
+  - "{{ users|selectattr('passwordless', 'defined')|map(attribute='username') }}"
--- a/ansible/group_vars/docker.yml
+++ b/ansible/group_vars/docker.yml
@ -1,3 +1,3 @@
 docker_install_compose: false
-docker_users:
-    - "{{ users.0.username }}"
+docker_users_obj: "{{ users|selectattr('docker', 'defined') }}"
+docker_users: "{{ docker_users_obj|map(attribute='username') }}"
--- a/ansible/run.yml
+++ b/ansible/run.yml
@ -21,28 +21,10 @@
    - ansible.builtin.dpkg_selections

  pre_tasks:
-    - name: Ensure groups exists
-      register: group_exist
-      ansible.builtin.group:
-        name: "{{ item.groupname }}"
-        gid: "{{ item.gid | default(None) }}"
-        state: present
-      loop: "{{ users }}"
-
-    - name: Add users
-      ansible.builtin.user:
-        name: "{{ item.username }}"
-        uid: "{{ item.uid | default(None) }}"
-        group: "{{ item.groupname | default(item.username) }}"
-        shell: /bin/bash
-        move_home: "{{ item.home | default(None) }}"
-        password: "{{ item.password | default(None) }}"
-      loop: "{{ users }}"
-
-    - name: Add a ssh key
-      ansible.posix.authorized_key:
-        user: "{{ users.0.username }}"
-        key: "https://github.com/{{ users.0.github }}.keys"
+    - include_tasks: tasks/users.yml
+      with_items: "{{ users }}"
+      loop_control:
+        loop_var: user

    - name: Change hostname
      when: "set_hostname is defined"
--- a/ansible/tasks/users.yml
+++ b/ansible/tasks/users.yml
@ -0,0 +1,20 @@
+- name: Ensure groups exists
+  ansible.builtin.group:
+    name: "{{ user.groupname }}"
+    gid: "{{ user.gid | default(None) }}"
+    state: present
+
+- name: Add users
+  ansible.builtin.user:
+    name: "{{ user.username }}"
+    uid: "{{ user.uid | default(None) }}"
+    group: "{{ user.groupname | default(user.username) }}"
+    shell: "{{ user.shell | default('/bin/bash') }}"
+    move_home: "{{ user.home | default(None) }}"
+    password: "{{ user.password | default(None) }}"
+
+- name: Add a Github key ssh key
+  when: "user.github is defined"
+  ansible.posix.authorized_key:
+    user: "{{ user.username }}"
+    key: "https://github.com/{{ user.github }}.keys"