Merge branch 'feature/rebase'

1 files changed, 39 insertions, 0 deletions

diff --git a/os/config/roles/users/tasks/main.yml b/os/config/roles/users/tasks/main.yml
new file mode 100644
index 0000000..990a041
--- /dev/null
+++ b/os/config/roles/users/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: Add users in the system
+  user:
+    name: "{{ item.username }}"
+    #groups: docker
+    shell: "{{ item.shell | default('/bin/bash') }}"
+    append: no
+  loop: "{{ active_users
+    | selectattr('is_admin', 'defined') 
+    | rejectattr('is_admin')
+    | list
+    | union( active_users
+    | selectattr('is_admin', 'undefined') 
+    | list )}}"
+
+- name: Set admin rights
+  user:
+    name: "{{ item.username }}"
+    groups: docker, sudo
+    shell: "{{ item.shell | default('/bin/bash') }}"
+    append: no
+  loop: "{{ active_users
+    | selectattr('is_admin', 'defined') 
+    | selectattr('is_admin') 
+    | list }}"
+
+# [V How SSH Key works] magic is done by subelements, understand the trick at:
+# https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#subelements-filter
+- name: Add SSH keys
+  authorized_key:
+    user: "{{ item.0.username }}"
+    state: present
+    key: "{{ lookup('file', item.1) }}"
+  loop: "{{ active_users | subelements('ssh_keys', skip_missing=True) }}"
+
+- name: Disable old users
+  user:
+    name: "{{ item }}"
+    state: absent
+  loop: "{{ disabled_users }}"