fh-trier
/
linux_ws2122_ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
linux_ws2122_ansible/roles/unix_users/tasks/main.yml

77 lines
2.3 KiB
YAML
Raw Blame History

---
- name: create unix groups
group:
name: "{{ item }}"
state: present
system: no
with_items: "{{ unix_groups }}"
when: unix_groups is defined
- name: filter unix_users for users with non-matching hosts
set_fact:
unix_users_filtered: "{{ (unix_users_filtered | default([])) + [ item ] }}"
when: item.value.hosts is not defined or inventory_hostname in item.value.hosts
with_dict: "{{ unix_users }}"
- name: create unix users
block:
- name: create unix users
user:
name: "{{ item.key }}"
group: "{{ item.value.main_group | default('users') }}"
comment: "{{ item.value.name }}"
shell: "{{ item.value.shell | default('/bin/bash') }}"
password: "{{ item.value.password | password_hash('sha512') }}"
state: present
loop: "{{ unix_users_filtered }}"
when: "item.value.groups is not defined"
- name: create unix users with additional groups
user:
name: "{{ item.key }}"
group: "{{ item.value.main_group }}"
groups: "{{ item.value.groups | join(',') }}"
comment: "{{ item.value.name }}"
shell: "{{ item.value.shell | default('/bin/bash') }}"
password: "{{ item.value.password | password_hash('sha512') }}"
state: present
loop: "{{ unix_users_filtered }}"
when: "item.value.groups is defined"
- name: create .ssh directory
file:
path: "/home/{{ item.key }}/.ssh"
state: directory
owner: "{{ item.key }}"
group: "{{ item.value.main_group | default('users') }}"
mode: 0700
loop: "{{ unix_users_filtered }}"
- name: configure ssh keys
template:
src: authorized_keys.j2
dest: "/home/{{ item.key }}/.ssh/authorized_keys"
owner: "{{ item.key }}"
group: "{{ item.value.main_group | default('users') }}"
mode: 0600
when: item.value.ssh_key is defined
loop: "{{ unix_users_filtered }}"
- name: remove ssh keys if undefined
file:
path: "/home/{{ item.key }}/.ssh/authorized_keys"
state: absent
when: item.value.ssh_key is not defined
loop: "{{ unix_users_filtered }}"
- name: create email forward file if defined
template:
src: forward.j2
dest: "/home/{{ item.key }}/.forward"
owner: "{{ item.key }}"
group: "{{ item.value.main_group | default('users') }}"
mode: 0644
when: item.value.email is defined
loop: "{{ unix_users_filtered }}"
Reference in New Issue View Git Blame Copy Permalink