2024-11-09 10:16:52 +01:00
|
|
|
---
|
|
|
|
- name: setup minio users
|
2024-11-09 10:54:39 +01:00
|
|
|
ansible.builtin.command: "{{ minio_client_bin }} --dp admin user add {{ minio_root_alias }} {{ item.name }} {{ item.secret }}"
|
2024-11-09 10:16:52 +01:00
|
|
|
loop: "{{ minio_users }}"
|
2024-11-09 10:45:17 +01:00
|
|
|
register: users
|
|
|
|
|
|
|
|
# mg@irantu ~
|
|
|
|
# > ./mc --dp admin accesskey list minio_root --all
|
|
|
|
# User: m-admin
|
|
|
|
# Access Keys:
|
2024-11-09 10:55:16 +01:00
|
|
|
# xxx, expires: 1 hour ago, sts: true
|
|
|
|
# xxx, expires: never, sts: false
|
2024-11-09 10:45:17 +01:00
|
|
|
# User: testuser1
|
|
|
|
# Access Keys:
|
|
|
|
# ekWgpsClIB5SDT2bJSqS, expires: never, sts: false
|
|
|
|
# 6ZP41ECPMGQM5IFXNN9E, expires: never, sts: false
|
|
|
|
# KFOB01AASUOQQ6PUZ0K2, expires: never, sts: false
|
|
|
|
# FYTEFK8ODQZOYFHCJUW7, expires: never, sts: false
|
|
|
|
# WIKS93B4323YI2WN0P5U, expires: never, sts: false
|
|
|
|
# User: testuser7
|
|
|
|
#
|
|
|
|
# mg@irantu ~
|
|
|
|
# > ./mc --dp admin accesskey list minio_root testuser7
|
|
|
|
# User: testuser7
|
|
|
|
|
2024-11-09 11:03:39 +01:00
|
|
|
# 1. check if user has access keys{wenn access}
|
2024-11-09 10:47:22 +01:00
|
|
|
# 2. when not create one, else skip
|
2024-11-09 11:03:39 +01:00
|
|
|
# whe exist, then display if param is set
|
2024-11-09 10:45:17 +01:00
|
|
|
|
2024-11-09 11:10:18 +01:00
|
|
|
- name: Get access keys for each user
|
2024-11-09 11:00:18 +01:00
|
|
|
ansible.builtin.command: "{{ minio_client_bin }} --dp admin accesskey list {{ minio_root_alias }} {{ item.name }}"
|
2024-11-09 10:45:17 +01:00
|
|
|
loop: "{{ minio_users }}"
|
|
|
|
register: keys
|
|
|
|
|
2024-11-09 11:14:20 +01:00
|
|
|
- name: Debug Print users with access keys
|
2024-11-09 10:47:22 +01:00
|
|
|
ansible.builtin.debug:
|
2024-11-09 11:07:25 +01:00
|
|
|
msg: "User {{ item.item.name }} has access keys: {{ item.stdout }}"
|
2024-11-09 11:05:58 +01:00
|
|
|
loop: "{{ keys.results }}"
|
2024-11-09 11:07:25 +01:00
|
|
|
when: "'Access Keys:' in item.stdout"
|
2024-11-09 10:45:17 +01:00
|
|
|
|
2024-11-09 11:10:18 +01:00
|
|
|
- name: Create access keys for users without them
|
|
|
|
ansible.builtin.command: "{{ minio_client_bin }} --dp admin accesskey create {{ minio_root_alias }} {{ item.item.name }}"
|
|
|
|
loop: "{{ keys.results }}"
|
|
|
|
when: "'Access Keys:' not in item.stdout"
|
2024-11-09 11:12:08 +01:00
|
|
|
register: new_keys
|
2024-11-09 11:10:18 +01:00
|
|
|
|
2024-11-09 11:11:31 +01:00
|
|
|
|
2024-11-09 11:10:18 +01:00
|
|
|
|
2024-11-09 11:14:20 +01:00
|
|
|
|
2024-11-09 10:45:17 +01:00
|
|
|
# mehrere keys pro user?
|
|
|
|
# wie ausgeben?
|
2024-11-09 11:00:18 +01:00
|
|
|
|
|
|
|
|
|
|
|
# no_log überall bei keys und users
|
|
|
|
# linter
|
|
|
|
# succssfu/changed_when
|
2024-11-09 11:14:58 +01:00
|
|
|
# state absent einbauen
|