homeserver/roles/mgrote.ecc-rasdaemon/tasks/user.yml

---
  - name: ensure group exists
    become: true
    ansible.builtin.group:
      name: "{{ rasdaemon_user_group }}"
      state: present
    when:
      - rasdaemon_user_group is defined

  - name: ensure user exists
    become: true
    ansible.builtin.user:
      name: "{{ rasdaemon_user }}"
      group: "{{ rasdaemon_user_group }}"
      shell: /usr/sbin/nologin
      create_home: no
    when:
      - rasdaemon_user_group is defined
      - rasdaemon_user is defined

  - name: add user to sudoers
    become: true
    ansible.builtin.blockinfile:
      path: /etc/sudoers
      state: present
      block:  |
        {{ rasdaemon_user }} ALL=(ALL) NOPASSWD:ALL
      validate: '/usr/sbin/visudo -cf %s'
      backup: yes
      marker_begin: rasdaemon-sudoers BEGIN
      marker_end: rasdaemon-sudoers END
    when:
      - rasdaemon_user_group is defined
      - rasdaemon_user is defined
ansible: user für rasdaemon erstellt (#270) Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/270 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de> 2021-12-12 16:07:35 +01:00			`---`
			`- name: ensure group exists`
			`become: true`
			`ansible.builtin.group:`
			`name: "{{ rasdaemon_user_group }}"`
			`state: present`
			`when:`
			`- rasdaemon_user_group is defined`

			`- name: ensure user exists`
			`become: true`
			`ansible.builtin.user:`
			`name: "{{ rasdaemon_user }}"`
			`group: "{{ rasdaemon_user_group }}"`
			`shell: /usr/sbin/nologin`
user: erstelle kein Home-Verzeichnisse für Script-User (#281) Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/281 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de> 2021-12-15 21:41:53 +01:00			`create_home: no`
ansible: user für rasdaemon erstellt (#270) Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/270 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de> 2021-12-12 16:07:35 +01:00			`when:`
			`- rasdaemon_user_group is defined`
			`- rasdaemon_user is defined`

			`- name: add user to sudoers`
			`become: true`
			`ansible.builtin.blockinfile:`
			`path: /etc/sudoers`
			`state: present`
			`block: \|`
			`{{ rasdaemon_user }} ALL=(ALL) NOPASSWD:ALL`
			`validate: '/usr/sbin/visudo -cf %s'`
			`backup: yes`
Bugfix: sanoid/rasdaemon: sudoers Marker angepasst (#274) Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/274 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de> 2021-12-13 10:28:18 +01:00			`marker_begin: rasdaemon-sudoers BEGIN`
			`marker_end: rasdaemon-sudoers END`
ansible: user für rasdaemon erstellt (#270) Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/270 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de> 2021-12-12 16:07:35 +01:00			`when:`
			`- rasdaemon_user_group is defined`
			`- rasdaemon_user is defined`