Redo user task
This commit is contained in:
parent
edcec5dd41
commit
45dd331dba
@ -8,6 +8,8 @@ users:
|
|||||||
home: yes
|
home: yes
|
||||||
uid: "1000"
|
uid: "1000"
|
||||||
gid: "1000"
|
gid: "1000"
|
||||||
|
docker: True
|
||||||
|
passwordless: True
|
||||||
github: Roxedus
|
github: Roxedus
|
||||||
password: "{{ secret_rox_pass }}"
|
password: "{{ secret_rox_pass }}"
|
||||||
|
|
||||||
@ -37,4 +39,4 @@ security_ssh_usedns: "no"
|
|||||||
security_autoupdate_enabled: true
|
security_autoupdate_enabled: true
|
||||||
security_fail2ban_enabled: true
|
security_fail2ban_enabled: true
|
||||||
security_sudoers_passwordless:
|
security_sudoers_passwordless:
|
||||||
- "{{ users.0.username }}"
|
- "{{ users|selectattr('passwordless', 'defined')|map(attribute='username') }}"
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
docker_install_compose: false
|
docker_install_compose: false
|
||||||
docker_users:
|
docker_users_obj: "{{ users|selectattr('docker', 'defined') }}"
|
||||||
- "{{ users.0.username }}"
|
docker_users: "{{ docker_users_obj|map(attribute='username') }}"
|
||||||
|
@ -21,28 +21,10 @@
|
|||||||
- ansible.builtin.dpkg_selections
|
- ansible.builtin.dpkg_selections
|
||||||
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Ensure groups exists
|
- include_tasks: tasks/users.yml
|
||||||
register: group_exist
|
with_items: "{{ users }}"
|
||||||
ansible.builtin.group:
|
loop_control:
|
||||||
name: "{{ item.groupname }}"
|
loop_var: user
|
||||||
gid: "{{ item.gid | default(None) }}"
|
|
||||||
state: present
|
|
||||||
loop: "{{ users }}"
|
|
||||||
|
|
||||||
- name: Add users
|
|
||||||
ansible.builtin.user:
|
|
||||||
name: "{{ item.username }}"
|
|
||||||
uid: "{{ item.uid | default(None) }}"
|
|
||||||
group: "{{ item.groupname | default(item.username) }}"
|
|
||||||
shell: /bin/bash
|
|
||||||
move_home: "{{ item.home | default(None) }}"
|
|
||||||
password: "{{ item.password | default(None) }}"
|
|
||||||
loop: "{{ users }}"
|
|
||||||
|
|
||||||
- name: Add a ssh key
|
|
||||||
ansible.posix.authorized_key:
|
|
||||||
user: "{{ users.0.username }}"
|
|
||||||
key: "https://github.com/{{ users.0.github }}.keys"
|
|
||||||
|
|
||||||
- name: Change hostname
|
- name: Change hostname
|
||||||
when: "set_hostname is defined"
|
when: "set_hostname is defined"
|
||||||
|
20
ansible/tasks/users.yml
Normal file
20
ansible/tasks/users.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
- name: Ensure groups exists
|
||||||
|
ansible.builtin.group:
|
||||||
|
name: "{{ user.groupname }}"
|
||||||
|
gid: "{{ user.gid | default(None) }}"
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Add users
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: "{{ user.username }}"
|
||||||
|
uid: "{{ user.uid | default(None) }}"
|
||||||
|
group: "{{ user.groupname | default(user.username) }}"
|
||||||
|
shell: "{{ user.shell | default('/bin/bash') }}"
|
||||||
|
move_home: "{{ user.home | default(None) }}"
|
||||||
|
password: "{{ user.password | default(None) }}"
|
||||||
|
|
||||||
|
- name: Add a Github key ssh key
|
||||||
|
when: "user.github is defined"
|
||||||
|
ansible.posix.authorized_key:
|
||||||
|
user: "{{ user.username }}"
|
||||||
|
key: "https://github.com/{{ user.github }}.keys"
|
Loading…
Reference in New Issue
Block a user