mg
e746c9f62b
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#281 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de>
34 lines
900 B
YAML
34 lines
900 B
YAML
---
|
|
- name: ensure group exists
|
|
become: true
|
|
ansible.builtin.group:
|
|
name: "{{ rasdaemon_user_group }}"
|
|
state: present
|
|
when:
|
|
- rasdaemon_user_group is defined
|
|
|
|
- name: ensure user exists
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: "{{ rasdaemon_user }}"
|
|
group: "{{ rasdaemon_user_group }}"
|
|
shell: /usr/sbin/nologin
|
|
create_home: no
|
|
when:
|
|
- rasdaemon_user_group is defined
|
|
- rasdaemon_user is defined
|
|
|
|
- name: add user to sudoers
|
|
become: true
|
|
ansible.builtin.blockinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
block: |
|
|
{{ rasdaemon_user }} ALL=(ALL) NOPASSWD:ALL
|
|
validate: '/usr/sbin/visudo -cf %s'
|
|
backup: yes
|
|
marker_begin: rasdaemon-sudoers BEGIN
|
|
marker_end: rasdaemon-sudoers END
|
|
when:
|
|
- rasdaemon_user_group is defined
|
|
- rasdaemon_user is defined
|