master
Oleg Vasilev 2022-02-28 22:43:30 +03:00
parent 3ed66111cf
commit 22d968e1a6
2 changed files with 54 additions and 0 deletions

43
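--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,43 @@
+---
+- name: Users | Install sudo package
+package:
+name: sudo
+state: present
+- name: Users | Deploy /etc/sudoers
+template:
+src: sudoers.j2
+dest: /etc/sudoers
+mode: 0440
+owner: root
+group: root
+- name: Users | Create groups
+group:
+name: "{{ item.name }}"
+state: present
+with_items: "{{ os_groups | default([]) }}"
+- name: Users | Create users
+user:
+name: "{{ item.name }}"
+state: "{{ item.state | default(omit) }}"
+home: "{{ item.home | default(omit) }}"
+move_home: yes
+shell: "{{ item.shell | default(omit) }}"
+password: "{{ item.password | default(omit) }}"
+groups: "{{ item.groups | default(omit) }}"
+append: no
+system: "{{ item.system | default(omit) }}"
+with_items: "{{ os_users }}"
+- name: Users | Deploy ssh public keys
+authorized_key:
+exclusive: yes
+user: "{{ item.name }}"
+key: "{{ lookup(item.lookup, item.keys_source) }}"
+with_items: "{{ os_users }}"
+when:
+- item.lookup is defined
+- item.keys_source is defined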
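Review bot: The `Users | Deploy /etc/sudoers` task writes the rendered template straight to `/etc/sudoers` with no syntax check, so a rendering mistake can leave sudo unusable on the host; adding `validate: 'visudo -cf %s'` to the `template` arguments makes Ansible reject a broken file before it replaces the live one. `mode: 0440` is better written as the string `'0440'` so the value does not depend on how the YAML loader reads a leading zero. In `Users | Create users` the `password` value is passed through from `os_users` and each loop item is printed in the task output, so `no_log: true` on that task keeps password hashes out of logs. In `Users | Deploy ssh public keys` the lookup plugin name comes from `item.lookup`, which means the variable data decides which plugin runs on the controller; an extra `when` entry such as `item.lookup in ['file', 'url']` would restrict it to the plugins the role actually expects.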

11
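--- a/templates/sudoers.j2
+++ b/templates/sudoers.j2
@@ -0,0 +1,11 @@
+# {{ ansible_managed }}
+root ALL=(ALL) ALL
+%sudo ALL=(ALL) NOPASSWD: ALL
+{% for user in managed_users %}
+{% if user.sudoer %}
+{{ user.name }} ALL=(ALL) NOPASSWD: ALL
+{% endif %}
+{% endfor %}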
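Review bot: The `%sudo ALL=(ALL) NOPASSWD: ALL` line gives passwordless root to every member of the `sudo` group, so the per-user `user.sudoer` flag is not the only path to root: any entry whose `groups` in tasks/main.yml includes `sudo` gets the same access without being marked as a sudoer. If that is not intended, drop `NOPASSWD:` from the group line or remove the line and rely on the explicit per-user entries. The loop iterates `managed_users` while the tasks in this commit use `os_users`; unless `managed_users` is defined elsewhere in the role, the template will fail to render or will not match the users actually created. `user.sudoer` is also read without a default, so `{% if user.sudoer | default(false) %}` would keep users that omit the key from depending on how undefined attributes are handled.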