Michael Grote
812e75a196
Some checks failed
ci/woodpecker/pr/gitleaks Pipeline failed
ci/woodpecker/pull_request_closed/gitleaks Pipeline failed
ci/woodpecker/push/gitleaks Pipeline was successful
ci/woodpecker/pr/ansible-lint unknown status
ci/woodpecker/pull_request_closed/ansible-lint unknown status
ci/woodpecker/push/ansible-lint Pipeline failed
Reviewed-on: #161 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
---
|
|
- name: set groups as list
|
|
ansible.builtin.set_fact:
|
|
groups_as_list: "{{ (((((groups_as_list | default([]) + item.groups.split(','))) | map('trim')) | list) | sort) | unique }}"
|
|
loop: '{{ users }}'
|
|
when: item.groups is defined
|
|
|
|
- name: create groups
|
|
ansible.builtin.group:
|
|
name: "{{ item }}"
|
|
state: present
|
|
loop: "{{ groups_as_list }}"
|
|
when: groups_as_list is defined
|
|
|
|
- name: create users
|
|
ansible.builtin.user:
|
|
name: "{{ item.username }}"
|
|
uid: "{{ item.uid | default(omit) }}"
|
|
shell: "{{ item.shell | default('/bin/bash') }}"
|
|
password: "{{ item.password }}"
|
|
update_password: "{{ item.update_password | default(omit) }}"
|
|
groups: "{{ item.groups | default(omit) }}"
|
|
createhome: "{{ item.createhome | default('yes') }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: '{{ users }}'
|
|
|
|
- name: add ssh key
|
|
ansible.posix.authorized_key:
|
|
user: "{{ item.username }}"
|
|
key: "{{ item.public_ssh_key }}"
|
|
state: present
|
|
when: item.public_ssh_key is defined
|
|
loop: '{{ users }}'
|
|
|
|
- name: add to sudoers
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/sudoers
|
|
state: present
|
|
regexp: '^{{ item.username }} '
|
|
line: "{{ item.username }} ALL=(ALL) {{ 'NOPASSWD:' if (item.allow_passwordless_sudo | d(false)) else '' }}ALL"
|
|
validate: 'visudo -cf %s'
|
|
when: item.allow_sudo|default(false) and item.allow_sudo is defined
|
|
loop: '{{ users }}'
|