ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

---

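# Create one group per entry in system.users, named after the user; the
# "Add users" task uses it as the account's primary group.
# Only the names are looped over. The full entries also carry the cleartext
# password that "Add users" hashes, and Ansible prints the loop item in the
# task output, so the complete entry is kept out of this task.
- name: "Add groups"
  group:
    name: "{{ item }}"
    state: present
  loop: "{{ system.users | map(attribute='name') | list }}"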

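# Create or update every non-root account listed in system.users.
#   - The primary group is the same-named group; item.groups (optional) is
#     added on top of existing memberships because append is set.
#   - The login shell falls back to /bin/sh when item.shell is not given.
#   - item.password is the cleartext password; it is hashed with SHA-512
#     crypt before being handed to the user module.
# no_log: the loop item holds the cleartext password and the module arguments
# hold its hash; without no_log both are printed in task output and logs.
# NOTE(review): the salt comes from random() seeded with inventory_hostname.
# That keeps the hash stable between runs (the task stays idempotent), but the
# salt is predictable, drawn from at most 65534 values, and shared by every
# user on a host. Treat it as an idempotence aid, not as secret or unique
# salt; a per-user seed would at least keep users' hashes distinct.
- name: "Add users"
  user:
    append: true
    name: "{{ item.name }}"
    group: "{{ item.name }}"
    groups: "{{ item.groups | default() }}"
    shell: "{{ item.shell | default('/bin/sh') }}"
    password: "{{ item.password | password_hash('sha512', 65534 | random(seed=inventory_hostname) | string) }}"
  when: item.name != 'root'
  loop: "{{ system.users }}"
  no_log: true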

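# Ensure /home/<name>/.ssh exists for every non-root user, owned by that user
# and their same-named group.
# Mode is '0700' (owner only), the conventional mode for ~/.ssh, and is quoted
# so it reaches the module as a string instead of a YAML octal integer.
# Only the names are looped over: the full system.users entries also carry
# the cleartext password, and Ansible prints the loop item in task output.
# NOTE(review): the path assumes each home directory is /home/<name>; confirm
# no account uses a different home.
- name: "Create ~/.ssh directory for users"
  file:
    state: directory
    dest: "/home/{{ item }}/.ssh/"
    mode: '0700'
    owner: "{{ item }}"
    group: "{{ item }}"
  when: item != 'root'
  loop: "{{ system.users | map(attribute='name') | list }}"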

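# Write authorized_keys for every non-root user from item.allowedSshKeys,
# one key per line. The file is written in full, so a key added by hand on
# the host is dropped on the next run.
# Mode is '0600' so other local accounts cannot read which keys are trusted;
# it is quoted so it reaches the module as a string, not a YAML octal integer.
# no_log: the loop item also carries the cleartext password used by the
# "Add users" task and would otherwise be printed in task output. The cost
# is that failure details of this task are hidden too.
# NOTE(review): the path assumes each home directory is /home/<name>.
- name: "Place ssh-key for users"
  copy:
    content: "{{ item.allowedSshKeys | join('\n') }}"
    dest: "/home/{{ item.name }}/.ssh/authorized_keys"
    mode: '0600'
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  when: item.name != 'root'
  loop: "{{ system.users }}"
  no_log: true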

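# Ensure /root/.ssh exists; the task only acts when system.users contains an
# entry named 'root'.
# Mode is '0700' (owner only), the conventional mode for ~/.ssh, and is quoted
# so it reaches the module as a string instead of a YAML octal integer.
# Only the names are looped over: the full system.users entries also carry
# the cleartext password, and Ansible prints the loop item in task output.
- name: "Create ~/.ssh directory for root"
  file:
    state: directory
    dest: "/root/.ssh/"
    mode: '0700'
    owner: "{{ item }}"
    group: "{{ item }}"
  when: item == 'root'
  loop: "{{ system.users | map(attribute='name') | list }}"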

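# Write /root/.ssh/authorized_keys from the allowedSshKeys of the 'root'
# entry in system.users, one key per line. The file is written in full, so a
# key added by hand on the host is dropped on the next run.
# Mode is '0600' so other local accounts cannot read which keys grant root
# login; it is quoted so it reaches the module as a string, not a YAML octal
# integer.
# no_log: the loop item may also carry a cleartext password field and would
# otherwise be printed in task output. The cost is that failure details of
# this task are hidden too.
- name: "Place ssh-key for root"
  copy:
    content: "{{ item.allowedSshKeys | join('\n') }}"
    dest: "/root/.ssh/authorized_keys"
    mode: '0600'
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  when: item.name == 'root'
  loop: "{{ system.users }}"
  no_log: true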