Permalink
Fetching contributors…
Cannot retrieve contributors at this time
68 lines (61 sloc) 2.39 KB
---
- name: Creating groups
group: name="{{item.name}}" gid="{{item.gid | default(omit)}}"
with_items: "{{groups_to_create}}"
tags: ['users','groups','configuration']
- name: Per-user group creation
group: name="{{item.username}}"
gid="{{item.gid | default(item.uid) | default(omit)}}"
with_items: "{{users}}"
when: "'group' not in item and users_create_per_user_group"
tags: ['users','configuration']
- name: User creation
user:
name: "{{item.username}}"
group: "{{item.group | default(item.username if users_create_per_user_group else users_group)}}"
# empty string removes user from all secondary groups
groups: "{{item.groups | join(',') if 'groups' in item else ''}}"
append: "{{item.append | default(omit)}}"
shell: "{{item.shell if item.shell is defined else users_default_shell}}"
password: "{{item.password if item.password is defined else '!'}}"
comment: "{{item.name if item.name is defined else ''}}"
uid: "{{item.uid | default(omit)}}"
home: "{{ item.home | default('/home/' + item.username) }}"
createhome: "{{'yes' if users_create_homedirs else 'no'}}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
update_password: "{{item.update_password | default(omit)}}"
with_items: "{{users}}"
tags: ['users','configuration']
- name: SSH keys
authorized_key:
user: "{{item.0.username}}"
key: "{{item.1}}"
path: "{{ item.0.home | default('/home/' + item.0.username) }}/.ssh/authorized_keys"
with_subelements:
- "{{users}}"
- ssh_key
- skip_missing: yes
tags: ['users','configuration']
- name: Setup user profiles
blockinfile:
block: "{{item.profile}}"
dest: "{{ item.home | default('/home/' + item.username) }}/.profile"
owner: "{{item.username}}"
group: "{{item.group | default(item.username if users_create_per_user_group else users_group)}}"
mode: 0644
create: true
when: users_create_homedirs and item.profile is defined
with_items: "{{users}}"
- name: Deleted user removal
user:
name: "{{item.username}}"
state: absent
remove: "{{item.remove | default(omit)}}"
force: "{{item.force | default(omit)}}"
with_items: "{{users_deleted}}"
tags: ['users','configuration']
- name: Deleted per-user group removal
group: name="{{item.username}}" state=absent
with_items: "{{users_deleted}}"
when: users_create_per_user_group
tags: ['users','configuration']