volker.raschek/ansible-role-unix-users
1
0
Fork 0
Code Issues 3 Pull Requests Projects Releases Wiki Activity

style(unix_users): name of tasks, use built in module
Some checks reported errors
continuous-integration/drone/push Build was killed
Details

Browse Source
This commit is contained in:
Markus Pesch 2023-02-12 15:08:40 +01:00
parent 9f43029353
commit 9f36a69078
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
5 changed files with 30 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tasks/create_unix_group.yml
View File

@ -1,13 +1,13 @@
--- ---
- name: Create unix group {{ unix_group.key }} with random gid - name: "Create unix group with random gid: {{ unix_group.key }}"
group: ansible.builtin.group:
name: "{{ unix_group.key }}" name: "{{ unix_group.key }}"
state: "{{ unix_group.value.state | default('present') }}" state: "{{ unix_group.value.state | default('present') }}"
when: unix_group.value.gid is not defined or unix_group.value.gid is defined and unix_group.value.gid | length <= 0 when: unix_group.value.gid is not defined or unix_group.value.gid is defined and unix_group.value.gid | length <= 0
- name: Create unix group {{ unix_group.key }} with pre-defined gid - name: "Create unix group with pre-defined gid: {{ unix_group.key }}"
group: ansible.builtin.group:
name: "{{ unix_group.key }}" name: "{{ unix_group.key }}"
gid: "{{ unix_group.value.gid }}" gid: "{{ unix_group.value.gid }}"
state: "{{ unix_group.value.state | default('present') }}" state: "{{ unix_group.value.state | default('present') }}"

40
tasks/create_unix_user.yml
View File

@ -1,11 +1,11 @@
--- ---
- name: Define home directory for user {{ unix_user.key }} - name: "Define home directory for unix user: {{ unix_user.key }}"
ansible.builtin.set_fact: ansible.builtin.set_fact:
user_user_home: "{{ unix_user.value.home | default('/home/' + unix_user.key) }}" user_user_home: "{{ unix_user.value.home | default('/home/' + unix_user.key) }}"
- name: Create unix user {{ unix_user.key }} without additional groups and uid - name: "Create unix user without additional groups and uid: {{ unix_user.key }}"
user: ansible.builtin.user:
name: "{{ unix_user.key }}" name: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}" group: "{{ unix_user.value.group | default('users') }}"
comment: "{{ unix_user.value.name }}" comment: "{{ unix_user.value.name }}"
@ -16,8 +16,8 @@
state: present state: present
when: "unix_user.value.groups is not defined and unix_user.value.uid is not defined" when: "unix_user.value.groups is not defined and unix_user.value.uid is not defined"
- name: Create unix user {{ unix_user.key }} without additional groups and with uid - name: "Create unix user without additional groups and with uid: {{ unix_user.key }}"
user: ansible.builtin.user:
name: "{{ unix_user.key }}" name: "{{ unix_user.key }}"
uid: "{{ unix_user.value.uid }}" uid: "{{ unix_user.value.uid }}"
group: "{{ unix_user.value.group | default('users') }}" group: "{{ unix_user.value.group | default('users') }}"
@ -29,8 +29,8 @@
state: present state: present
when: "unix_user.value.groups is not defined and unix_user.value.uid is defined" when: "unix_user.value.groups is not defined and unix_user.value.uid is defined"
- name: Create unix user {{ unix_user.key }} with additional groups and uid - name: "Create unix user with additional groups and uid: {{ unix_user.key }}"
user: ansible.builtin.user:
name: "{{ unix_user.key }}" name: "{{ unix_user.key }}"
uid: "{{ unix_user.value.uid }}" uid: "{{ unix_user.value.uid }}"
group: "{{ unix_user.value.group | default('users') }}" group: "{{ unix_user.value.group | default('users') }}"
@ -43,8 +43,8 @@
state: present state: present
when: "unix_user.value.groups is defined and unix_user.value.uid is defined" when: "unix_user.value.groups is defined and unix_user.value.uid is defined"
- name: Create unix user {{ unix_user.key }} with additional groups and without uid - name: "Create unix user with additional groups and without uid: {{ unix_user.key }}"
user: ansible.builtin.user:
name: "{{ unix_user.key }}" name: "{{ unix_user.key }}"
group: "{{ unix_user.value.group | default('users') }}" group: "{{ unix_user.value.group | default('users') }}"
groups: "{{ unix_user.value.groups | join(',') }}" groups: "{{ unix_user.value.groups | join(',') }}"
@ -56,7 +56,7 @@
state: present state: present
when: "unix_user.value.groups is defined and unix_user.value.uid is not defined" when: "unix_user.value.groups is defined and unix_user.value.uid is not defined"
- name: Create .ssh directory for user {{ unix_user.key }} - name: "Create .ssh directory for unix user: {{ unix_user.key }}"
ansible.builtin.file: ansible.builtin.file:
path: "{{ user_user_home }}/.ssh" path: "{{ user_user_home }}/.ssh"
owner: "{{ unix_user.key }}" owner: "{{ unix_user.key }}"
@ -64,7 +64,7 @@
mode: 0700 mode: 0700
state: directory state: directory
- name: Create authorized_keys file for user {{ unix_user.key }} - name: "Create authorized_keys file for unix user: {{ unix_user.key }}"
ansible.builtin.template: ansible.builtin.template:
src: authorized_keys.j2 src: authorized_keys.j2
dest: "{{ user_user_home }}/.ssh/authorized_keys" dest: "{{ user_user_home }}/.ssh/authorized_keys"
@ -73,13 +73,13 @@
mode: 0600 mode: 0600
when: unix_user.value.ssh.authorized_keys is defined and unix_user.value.ssh.authorized_keys | length > 0 when: unix_user.value.ssh.authorized_keys is defined and unix_user.value.ssh.authorized_keys | length > 0
- name: Remove authorized_keys file for user {{ unix_user.key }} - name: "Remove authorized_keys file for unix user: {{ unix_user.key }}"
ansible.builtin.file: ansible.builtin.file:
path: "{{ user_user_home }}/.ssh/authorized_keys" path: "{{ user_user_home }}/.ssh/authorized_keys"
state: absent state: absent
when: unix_user.value.ssh.authorized_keys is not defined or unix_user.value.ssh.authorized_keys | length <= 0 when: unix_user.value.ssh.authorized_keys is not defined or unix_user.value.ssh.authorized_keys | length <= 0
- name: Create private SSH keys for user {{ unix_user.key }} - name: "Create private SSH keys for unix user: {{ unix_user.key }}"
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ playbook_dir }}/ssh/private_keys/{{ item }}" src: "{{ playbook_dir }}/ssh/private_keys/{{ item }}"
dest: "{{ user_user_home }}/.ssh/{{ item }}" dest: "{{ user_user_home }}/.ssh/{{ item }}"
@ -90,8 +90,8 @@
- "{{ unix_user.value.ssh.private_keys }}" - "{{ unix_user.value.ssh.private_keys }}"
when: unix_user.value.ssh.private_keys is defined and unix_user.value.ssh.private_keys | length >= 0 when: unix_user.value.ssh.private_keys is defined and unix_user.value.ssh.private_keys | length >= 0
- name: Extract public SSH keys from private keys for user {{ unix_user.key }} - name: "Extract public SSH keys from private keys for unix user: {{ unix_user.key }}"
shell: ansible.builtin.shell:
args: args:
executable: /bin/bash executable: /bin/bash
cmd: "ssh-keygen -y -f {{ user_user_home }}/.ssh/{{ item }} > {{ user_user_home }}/.ssh/{{ item }}.pub" cmd: "ssh-keygen -y -f {{ user_user_home }}/.ssh/{{ item }} > {{ user_user_home }}/.ssh/{{ item }}.pub"
@ -100,7 +100,7 @@
- "{{ unix_user.value.ssh.private_keys }}" - "{{ unix_user.value.ssh.private_keys }}"
when: unix_user.value.ssh.private_keys is defined and unix_user.value.ssh.private_keys | length >= 0 when: unix_user.value.ssh.private_keys is defined and unix_user.value.ssh.private_keys | length >= 0
- name: Correct permissions of public SSH keys for user {{ unix_user.key }} - name: "Correct permissions of public SSH keys for unix user: {{ unix_user.key }}"
ansible.builtin.file: ansible.builtin.file:
path: "{{ user_user_home }}/.ssh/{{ item }}.pub" path: "{{ user_user_home }}/.ssh/{{ item }}.pub"
owner: "{{ unix_user.key }}" owner: "{{ unix_user.key }}"
@ -110,7 +110,7 @@
- "{{ unix_user.value.ssh.private_keys }}" - "{{ unix_user.value.ssh.private_keys }}"
when: unix_user.value.ssh.private_keys is defined and unix_user.value.ssh.private_keys | length >= 0 when: unix_user.value.ssh.private_keys is defined and unix_user.value.ssh.private_keys | length >= 0
- name: Create custom SSH client config for user {{ unix_user.key }} - name: "Create custom SSH client config for unix user: {{ unix_user.key }}"
ansible.builtin.template: ansible.builtin.template:
src: config.j2 src: config.j2
dest: "{{ user_user_home }}/.ssh/config" dest: "{{ user_user_home }}/.ssh/config"
@ -119,13 +119,13 @@
mode: 0644 mode: 0644
when: unix_user.value.ssh.config is defined and unix_user.value.ssh.config | length >= 0 when: unix_user.value.ssh.config is defined and unix_user.value.ssh.config | length >= 0
- name: Remove custom SSH client config for user {{ unix_user.key }} - name: "Remove custom SSH client config for unix user: {{ unix_user.key }}"
ansible.builtin.file: ansible.builtin.file:
path: "{{ user_user_home }}/.ssh/config" path: "{{ user_user_home }}/.ssh/config"
state: absent state: absent
when: unix_user.value.ssh.config is not defined when: unix_user.value.ssh.config is not defined
- name: Create .forward file to forward emails for user {{ unix_user.key }} - name: "Create .forward file to forward emails for unix user: {{ unix_user.key }}"
ansible.builtin.template: ansible.builtin.template:
src: forward.j2 src: forward.j2
dest: "{{ user_user_home }}/.forward" dest: "{{ user_user_home }}/.forward"
@ -134,7 +134,7 @@
mode: 0644 mode: 0644
when: unix_user.value.email is defined when: unix_user.value.email is defined
- name: Remove .forward file to forward emails for user {{ unix_user.key }} - name: "Remove .forward file to forward emails for unix user: {{ unix_user.key }}"
ansible.builtin.file: ansible.builtin.file:
path: "{{ user_user_home }}/.forward" path: "{{ user_user_home }}/.forward"
state: absent state: absent

8
tasks/main.yml
View File

@ -1,7 +1,7 @@
--- ---
- name: Remove unix user - name: Remove unix user
include_tasks: remove_unix_user.yml ansible.builtin.include_tasks: remove_unix_user.yml
with_dict: "{{ unix_users }}" with_dict: "{{ unix_users }}"
loop_control: loop_control:
loop_var: unix_user loop_var: unix_user
@ -11,7 +11,7 @@
unix_user.value.state == 'absent' unix_user.value.state == 'absent'
- name: Remove unix groups - name: Remove unix groups
include_tasks: remove_unix_group.yml ansible.builtin.include_tasks: remove_unix_group.yml
with_dict: "{{ unix_groups }}" with_dict: "{{ unix_groups }}"
loop_control: loop_control:
loop_var: unix_group loop_var: unix_group
@ -21,7 +21,7 @@
unix_group.value.state == 'absent' unix_group.value.state == 'absent'
- name: Create unix groups - name: Create unix groups
include_tasks: create_unix_group.yml ansible.builtin.include_tasks: create_unix_group.yml
with_dict: "{{ unix_groups }}" with_dict: "{{ unix_groups }}"
loop_control: loop_control:
loop_var: unix_group loop_var: unix_group
@ -33,7 +33,7 @@
) )
- name: Create unix users - name: Create unix users
include_tasks: create_unix_user.yml ansible.builtin.include_tasks: create_unix_user.yml
with_dict: "{{ unix_users }}" with_dict: "{{ unix_users }}"
loop_control: loop_control:
loop_var: unix_user loop_var: unix_user

2
tasks/remove_unix_group.yml
View File

@ -1,6 +1,6 @@
--- ---
- name: Remove unix group {{ unix_group.key }} - name: Remove unix group {{ unix_group.key }}
group: ansible.builtin.group:
name: "{{ unix_group.key }}" name: "{{ unix_group.key }}"
state: absent state: absent

2
tasks/remove_unix_user.yml
View File

@ -1,7 +1,7 @@
--- ---
- name: Remove unix user {{ unix_user.key }} - name: Remove unix user {{ unix_user.key }}
user: ansible.builtin.user:
name: "{{ unix_user.key }}" name: "{{ unix_user.key }}"
state: absent state: absent
remove: true remove: true