volker.raschek/ansible-role-unix-users
1
0
Fork 0
Code Issues 2 Pull Requests Actions Projects Releases Wiki Activity

Initial Commit

Browse Source
This commit is contained in:
Markus Pesch
2022-05-09 10:17:07 +02:00
commit 35890645a6
16 changed files with 468 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tasks/create_unix_group.yml Normal file
View File

@ -0,0 +1,14 @@
---
- name: Create unix group {{ unix_group.key }} with random gid
group:
name: "{{ unix_group.key }}"
state: "{{ unix_group.value.state | default('present') }}"
when: unix_group.value.gid is not defined or unix_group.value.gid is defined and unix_group.value.gid == ""
- name: Create unix group {{ unix_group.key }} with pre-defined gid
group:
name: "{{ unix_group.key }}"
gid: "{{ unix_group.value.gid }}"
state: "{{ unix_group.value.state | default('present') }}"
when: unix_group.value.gid is defined and unix_group.value.gid != ""

95
tasks/create_unix_user.yml Normal file
View File

@ -0,0 +1,95 @@
---
- name: Define home directory for user {{ unix_user.key }}
set_fact:
user_user_home: "{{ unix_user.value.home | default('/home/' + unix_user.key) }}"
- name: Create unix user {{ unix_user.key }} without additional groups and uid
user:
name: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}"
comment: "{{ unix_user.value.name }}"
create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ unix_user.value.password | default('') | password_hash('sha512') }}"
state: present
when: "unix_user.value.groups is not defined and unix_user.value.uid is not defined"
- name: Create unix user {{ unix_user.key }} without additional groups and with uid
user:
name: "{{ unix_user.key }}"
uid: "{{ unix_user.value.uid }}"
group: "{{ unix_user.value.group | default('users') }}"
comment: "{{ unix_user.value.name }}"
create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ unix_user.value.password | default('') | password_hash('sha512') }}"
state: present
when: "unix_user.value.groups is not defined and unix_user.value.uid is defined"
- name: Create unix user {{ unix_user.key }} with additional groups and uid
user:
name: "{{ unix_user.key }}"
uid: "{{ unix_user.value.uid }}"
group: "{{ unix_user.value.group | default('users') }}"
groups: "{{ unix_user.value.groups | join(',') }}"
comment: "{{ unix_user.value.name }}"
create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ unix_user.value.password | default('') | password_hash('sha512') }}"
state: present
when: "unix_user.value.groups is defined and unix_user.value.uid is defined"
- name: Create unix user {{ unix_user.key }} with additional groups and without uid
user:
name: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}"
groups: "{{ unix_user.value.groups | join(',') }}"
comment: "{{ unix_user.value.name }}"
create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ unix_user.value.password | default('') | password_hash('sha512') }}"
state: present
when: "unix_user.value.groups is defined and unix_user.value.uid is not defined"
- name: Create .ssh directory for user {{ unix_user.key }}
file:
path: "{{ user_user_home }}/.ssh"
owner: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}"
mode: 0700
state: directory
- name: Create authorized_keys file for user {{ unix_user.key }}
template:
src: authorized_keys.j2
dest: "{{ user_user_home }}/.ssh/authorized_keys"
owner: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}"
mode: 0600
when: unix_user.value.ssh_keys is defined and unix_user.value.ssh_keys.public | length > 0
- name: Remove authorized_keys file for user {{ unix_user.key }}
file:
path: "{{ user_user_home }}/.ssh/authorized_keys"
state: absent
when: unix_user.value.ssh_keys.public is not defined or unix_user.value.ssh_keys.public | length <= 0
- name: Create .forward file to forward emails for user {{ unix_user.key }}
template:
src: forward.j2
dest: "{{ user_user_home }}/.forward"
owner: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}"
mode: 0644
when: unix_user.value.email is defined
- name: Remove .forward file to forward emails for user {{ unix_user.key }}
file:
path: "{{ user_user_home }}/.forward"
state: absent
when: unix_user.value.email is not defined

29
tasks/main.yml Normal file
View File

@ -0,0 +1,29 @@
---
- name: Remove unix groups
include_tasks: remove_unix_group.yml
with_dict: "{{ unix_groups }}"
loop_control:
loop_var: unix_group
when: unix_group.value.state is defined and unix_group.value.state == 'absent'
- name: Remove unix user
include_tasks: remove_unix_user.yml
with_dict: "{{ unix_users }}"
loop_control:
loop_var: unix_user
when: unix_user.value.state is defined and unix_user.value.state == 'absent'
- name: Create unix groups
include_tasks: create_unix_group.yml
with_dict: "{{ unix_groups }}"
loop_control:
loop_var: unix_group
when: unix_group.value.state is defined and unix_group.value.state == 'present' or unix_group.value.state is not defined
- name: Create unix users
include_tasks: create_unix_user.yml
with_dict: "{{ unix_users }}"
loop_control:
loop_var: unix_user
when: unix_user.value.state is defined and unix_user.value.state == 'present' or unix_user.value.state is not defined

6
tasks/remove_unix_group.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: Remove unix group {{ unix_group.key }}
group:
name: "{{ unix_group.value.name }}"
state: absent

7
tasks/remove_unix_user.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: Remove unix user {{ unix_user.key }}
group:
name: "{{ unix_user.value.name }}"
state: absent
remove: yes