homeserver/roles/mgrote.zfs_sanoid/tasks/user.yml
2022-04-01 17:58:31 +02:00

34 lines
885 B
YAML

---
- name: ensure group exists
become: true
ansible.builtin.group:
name: "{{ sanoid_user_group }}"
state: present
when:
- sanoid_user_group is defined
- name: ensure user exists
become: true
ansible.builtin.user:
name: "{{ sanoid_user }}"
group: "{{ sanoid_user_group }}"
shell: /usr/sbin/nologin
create_home: no
when:
- sanoid_user_group is defined
- sanoid_user is defined
- name: add user to sudoers # ENTRFERNERN!!!!!
become: true
ansible.builtin.blockinfile:
path: /etc/sudoers
state: absent
block: |
{{ sanoid_user }} ALL=(ALL) NOPASSWD:ALL
validate: '/usr/sbin/visudo -cf %s'
backup: yes
marker_begin: sanoid-sudoers BEGIN
marker_end: sanoid-sudoers END
when:
- sanoid_user_group is defined
- sanoid_user is defined