fix: lock unix users
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Markus Pesch 2023-02-15 21:41:11 +01:00
parent 0a03f2e74e
commit 4fb52a7127
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982

View File

@ -12,10 +12,9 @@
create_home: "{{ unix_user.value.create_home | default(true) }}" create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}" home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}" shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ (unix_user.value.password | password_hash('sha512')) | default('!') }}" password: "{{ unix_user.value.password | password_hash('sha512') if unix_user.value.password is defined and unix_user.value.password | length > 0 else '!' }}"
state: present state: present
when: unix_user.value.groups is not defined and unix_user.value.uid is not defined when: unix_user.value.groups is not defined and unix_user.value.uid is not defined
no_log: true
- name: "Create unix user without additional groups and with uid: {{ unix_user.key }}" - name: "Create unix user without additional groups and with uid: {{ unix_user.key }}"
ansible.builtin.user: ansible.builtin.user:
@ -26,10 +25,9 @@
create_home: "{{ unix_user.value.create_home | default(true) }}" create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}" home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}" shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ (unix_user.value.password | password_hash('sha512')) | default('!') }}" password: "{{ unix_user.value.password | password_hash('sha512') if unix_user.value.password is defined and unix_user.value.password | length > 0 else '!' }}"
state: present state: present
when: unix_user.value.groups is not defined and unix_user.value.uid is defined when: unix_user.value.groups is not defined and unix_user.value.uid is defined
no_log: true
- name: "Create unix user with additional groups and uid: {{ unix_user.key }}" - name: "Create unix user with additional groups and uid: {{ unix_user.key }}"
ansible.builtin.user: ansible.builtin.user:
@ -41,10 +39,9 @@
create_home: "{{ unix_user.value.create_home | default(true) }}" create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}" home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}" shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ (unix_user.value.password | password_hash('sha512')) | default('!') }}" password: "{{ unix_user.value.password | password_hash('sha512') if unix_user.value.password is defined and unix_user.value.password | length > 0 else '!' }}"
state: present state: present
when: unix_user.value.groups is defined and unix_user.value.uid is defined when: unix_user.value.groups is defined and unix_user.value.uid is defined
no_log: true
- name: "Create unix user with additional groups and without uid: {{ unix_user.key }}" - name: "Create unix user with additional groups and without uid: {{ unix_user.key }}"
ansible.builtin.user: ansible.builtin.user:
@ -55,10 +52,9 @@
create_home: "{{ unix_user.value.create_home | default(true) }}" create_home: "{{ unix_user.value.create_home | default(true) }}"
home: "{{ user_user_home }}" home: "{{ user_user_home }}"
shell: "{{ unix_user.value.shell | default('/bin/bash') }}" shell: "{{ unix_user.value.shell | default('/bin/bash') }}"
password: "{{ (unix_user.value.password | password_hash('sha512')) | default('!') }}" password: "{{ unix_user.value.password | password_hash('sha512') if unix_user.value.password is defined and unix_user.value.password | length > 0 else '!' }}"
state: present state: present
when: unix_user.value.groups is defined and unix_user.value.uid is not defined when: unix_user.value.groups is defined and unix_user.value.uid is not defined
no_log: true
- name: "Create .ssh directory for unix user: {{ unix_user.key }}" - name: "Create .ssh directory for unix user: {{ unix_user.key }}"
ansible.builtin.file: ansible.builtin.file: