Redo user task

This commit is contained in:
Roxedus 2021-08-16 23:50:14 +02:00
parent edcec5dd41
commit 45dd331dba
Signed by: Roxedus
GPG Key ID: 9B4E311961C63639
4 changed files with 29 additions and 25 deletions

View File

@ -8,6 +8,8 @@ users:
home: yes home: yes
uid: "1000" uid: "1000"
gid: "1000" gid: "1000"
docker: True
passwordless: True
github: Roxedus github: Roxedus
password: "{{ secret_rox_pass }}" password: "{{ secret_rox_pass }}"
@ -37,4 +39,4 @@ security_ssh_usedns: "no"
security_autoupdate_enabled: true security_autoupdate_enabled: true
security_fail2ban_enabled: true security_fail2ban_enabled: true
security_sudoers_passwordless: security_sudoers_passwordless:
- "{{ users.0.username }}" - "{{ users|selectattr('passwordless', 'defined')|map(attribute='username') }}"

View File

@ -1,3 +1,3 @@
docker_install_compose: false docker_install_compose: false
docker_users: docker_users_obj: "{{ users|selectattr('docker', 'defined') }}"
- "{{ users.0.username }}" docker_users: "{{ docker_users_obj|map(attribute='username') }}"

View File

@ -21,28 +21,10 @@
- ansible.builtin.dpkg_selections - ansible.builtin.dpkg_selections
pre_tasks: pre_tasks:
- name: Ensure groups exists - include_tasks: tasks/users.yml
register: group_exist with_items: "{{ users }}"
ansible.builtin.group: loop_control:
name: "{{ item.groupname }}" loop_var: user
gid: "{{ item.gid | default(None) }}"
state: present
loop: "{{ users }}"
- name: Add users
ansible.builtin.user:
name: "{{ item.username }}"
uid: "{{ item.uid | default(None) }}"
group: "{{ item.groupname | default(item.username) }}"
shell: /bin/bash
move_home: "{{ item.home | default(None) }}"
password: "{{ item.password | default(None) }}"
loop: "{{ users }}"
- name: Add a ssh key
ansible.posix.authorized_key:
user: "{{ users.0.username }}"
key: "https://github.com/{{ users.0.github }}.keys"
- name: Change hostname - name: Change hostname
when: "set_hostname is defined" when: "set_hostname is defined"

20
ansible/tasks/users.yml Normal file
View File

@ -0,0 +1,20 @@
- name: Ensure groups exists
ansible.builtin.group:
name: "{{ user.groupname }}"
gid: "{{ user.gid | default(None) }}"
state: present
- name: Add users
ansible.builtin.user:
name: "{{ user.username }}"
uid: "{{ user.uid | default(None) }}"
group: "{{ user.groupname | default(user.username) }}"
shell: "{{ user.shell | default('/bin/bash') }}"
move_home: "{{ user.home | default(None) }}"
password: "{{ user.password | default(None) }}"
- name: Add a Github key ssh key
when: "user.github is defined"
ansible.posix.authorized_key:
user: "{{ user.username }}"
key: "https://github.com/{{ user.github }}.keys"