Diffstat (limited to 'os/config/roles/users')
-rw-r--r--os/config/roles/users/files/alex-key1.pub1
-rw-r--r--os/config/roles/users/files/alex-key2.pub1
-rw-r--r--os/config/roles/users/files/florian-key1.pub1
-rw-r--r--os/config/roles/users/files/florian-key2.pub1
-rw-r--r--os/config/roles/users/files/maximilien-key1.pub1
-rw-r--r--os/config/roles/users/files/quentin-key1.pub1
-rw-r--r--os/config/roles/users/files/quentin-key2.pub1
-rw-r--r--os/config/roles/users/tasks/main.yml39
-rw-r--r--os/config/roles/users/vars/main.yml30
9 files changed, 76 insertions, 0 deletions
diff --git a/os/config/roles/users/files/alex-key1.pub b/os/config/roles/users/files/alex-key1.pub
new file mode 100644
index 0000000..93514ab
--- /dev/null
+++ b/os/config/roles/users/files/alex-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIDdVbA9fEdqSr5UJ77NnoIqDTVp8ca5kHExhZYI4ecBExFJfonJllXMBN9KdC4ukxtY8Ug47PcMOfMaTBZQc+e+KpvDWpkBt15Xpem3RCxmMBES79sLL7LgtAdBXc5mNaCX8EOEVixWKdarjvxRyf6py6the51G5muaiMpoj5fae4ZpRGjhGTPefzc7y7zRWBUUZ8pYHW774BIaK6XT9gn3hyHV+Occjl/UODXvodktk55YtnuPi8adXTYEsHrVVz8AkFhx+cr0U/U8vtQnsTrZG+JmgQLqpXVs0RDw5bE1RefEbMuYNKxutYKUe3L+ZJtDe0M0MqOFI8a4F5TxP5 katchup@konata
diff --git a/os/config/roles/users/files/alex-key2.pub b/os/config/roles/users/files/alex-key2.pub
new file mode 100644
index 0000000..1eddcc8
--- /dev/null
+++ b/os/config/roles/users/files/alex-key2.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJk4tAEhDkLeik9eEHIHMliyckM/gWr/k6fX/CSmayCM katchup@charlotte
diff --git a/os/config/roles/users/files/florian-key1.pub b/os/config/roles/users/files/florian-key1.pub
new file mode 100644
index 0000000..47b5593
--- /dev/null
+++ b/os/config/roles/users/files/florian-key1.pub
@@ -0,0 +1 @@
+ssh-rsa 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
diff --git a/os/config/roles/users/files/florian-key2.pub b/os/config/roles/users/files/florian-key2.pub
new file mode 100644
index 0000000..f9935b3
--- /dev/null
+++ b/os/config/roles/users/files/florian-key2.pub
@@ -0,0 +1 @@
+ssh-rsa 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
diff --git a/os/config/roles/users/files/maximilien-key1.pub b/os/config/roles/users/files/maximilien-key1.pub
new file mode 100644
index 0000000..963b1f9
--- /dev/null
+++ b/os/config/roles/users/files/maximilien-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHMMR6zNzz8NQU80wFquhUCeiXJuGphjP+zNouKbn228GyESu8sfNBwnuZq86vblR11Lz8l2rtCM73GfAKg29qmUWUHRKWvRIYWv2vaUJcCdy0bAxIzcvCvjZX0SpnIKxe9y3Rp0LGO5WLYfw0ZFaavwFZP0Z8w1Kj9/zBmL2X2avbhkaYHi/C1yXhbvESYQysmqLa48EX/TS616MBrgR9zbI9AoTQ9NOHnR14Tve/AP/khcZoBJdm4hTttMbNkEc0wonzdylTDew263SPRs/uoqnQIpUtErdPHqU10Yup8HjXjEyFJsSwcZcM5sZOw5JKckKJwmcd0yjO/x/4/Mk5
diff --git a/os/config/roles/users/files/quentin-key1.pub b/os/config/roles/users/files/quentin-key1.pub
new file mode 100644
index 0000000..f3667e0
--- /dev/null
+++ b/os/config/roles/users/files/quentin-key1.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDT1+H08FdUSvdPpPKdcafq4+JRHvFVjfvG5Id97LAoROmFRUb/ZOMTLdNuD7FqvW0Da5CPxIMr8ZxfrFLtpGyuG7qdI030iIRZPlKpBh37epZHaV+l9F4ZwJQMIBO9cuyLPXgsyvM/s7tDtrdK1k7JTf2EVvoirrjSzBaMhAnhi7//to8zvujDtgDZzy6aby75bAaDetlYPBq2brWehtrf9yDDG9WAMYJqp//scje/WmhbRR6eSdim1HaUcWk5+4ZPt8sQJcy8iWxQ4jtgjqTvMOe5v8ZPkxJNBine/ZKoJsv7FzKem00xEH7opzktaGukyEqH0VwOwKhmBiqsX2yN quentin@dufour.io
diff --git a/os/config/roles/users/files/quentin-key2.pub b/os/config/roles/users/files/quentin-key2.pub
new file mode 100644
index 0000000..c1b19fd
--- /dev/null
+++ b/os/config/roles/users/files/quentin-key2.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBu+KUebaWwlugMC5fGbNhHc6IaQDAC6+1vMc4Ww7nVU1rs2nwI7L5qcWxOwNdhFaorZQZy/fJuCWdFbF61RCKGayBWPLZHGPsfqDuggYNEi1Qil1kpeCECfDQNjyMTK058ZBBhOWNMHBjlLWXUlRJDkRBBECY0vo4jRv22SvSaPUCAnkdJ9rbAp/kqb497PTIb2r1l1/ew8YdhINAlpYQFQezZVfkZdTKxt22n0QCjhupqjfh3gfNnbBX0z/iO+RvAOWRIZsjPFLC+jXl+n7cnu2cq1nvST5eHiYfXXeIgIwmeENLKqp+2Twr7PIdv22PnJkh6iR5kx7eTRxkNZdN quentin@deuxfleurs.fr
diff --git a/os/config/roles/users/tasks/main.yml b/os/config/roles/users/tasks/main.yml
new file mode 100644
index 0000000..990a041
--- /dev/null
+++ b/os/config/roles/users/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: Add users in the system
+ user:
+ name: "{{ item.username }}"
+ #groups: docker
+ shell: "{{ item.shell | default('/bin/bash') }}"
+ append: no
+ loop: "{{ active_users
+ | selectattr('is_admin', 'defined')
+ | rejectattr('is_admin')
+ | list
+ | union( active_users
+ | selectattr('is_admin', 'undefined')
+ | list )}}"
+
+- name: Set admin rights
+ user:
+ name: "{{ item.username }}"
+ groups: docker, sudo
+ shell: "{{ item.shell | default('/bin/bash') }}"
+ append: no
+ loop: "{{ active_users
+ | selectattr('is_admin', 'defined')
+ | selectattr('is_admin')
+ | list }}"
+
+# [V How SSH Key works] magic is done by subelements, understand the trick at:
+# https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#subelements-filter
+- name: Add SSH keys
+ authorized_key:
+ user: "{{ item.0.username }}"
+ state: present
+ key: "{{ lookup('file', item.1) }}"
+ loop: "{{ active_users | subelements('ssh_keys', skip_missing=True) }}"
+
+- name: Disable old users
+ user:
+ name: "{{ item }}"
+ state: absent
+ loop: "{{ disabled_users }}"
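Review bot: The `Add users in the system` task never sets `groups` (the line is commented out), and Ansible's `user` module leaves supplementary groups untouched when `groups` is omitted, so an account whose `is_admin` is later flipped from true to false keeps its `docker` and `sudo` membership. Replacing the commented line with `groups: ''` makes the non-admin task strip supplementary groups, which is what the `append: no` already there suggests was intended. The same revocation gap applies to `Add SSH keys`: with `state: present` and no `exclusive`, a key removed from `ssh_keys` stays in `authorized_keys` on hosts that were already provisioned. `exclusive` is applied per loop iteration, so adopting it would mean looping over users and passing all of a user's keys in a single `key` value instead of iterating with `subelements`.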
diff --git a/os/config/roles/users/vars/main.yml b/os/config/roles/users/vars/main.yml
new file mode 100644
index 0000000..5f4df4d
--- /dev/null
+++ b/os/config/roles/users/vars/main.yml
@@ -0,0 +1,30 @@
+---
+active_users:
+ - username: 'quentin'
+ is_admin: true
+ ssh_keys:
+ - 'quentin-key1.pub'
+ - 'quentin-key2.pub'
+
+ - username: 'alex'
+ is_admin: true
+ ssh_keys:
+ - 'alex-key1.pub'
+ - 'alex-key2.pub'
+
+ - username: 'maximilien'
+ is_admin: true
+ ssh_keys:
+ - 'maximilien-key1.pub'
+
+ - username: 'florian'
+ is_admin: false
+ ssh_keys:
+ - 'quentin-key1.pub'
+ #- 'florian-key1.pub'
+ #- 'florian-key2.pub'
+
+disabled_users:
+ - 'john.doe'
+ - 'erwan'
+ - 'valentin'
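Review bot: In the `florian` entry, `ssh_keys` lists `quentin-key1.pub` while `florian-key1.pub` and `florian-key2.pub` are commented out, so the `Add SSH keys` task will authorize quentin's key on florian's account. Whoever holds that key can then log in as `florian`, which blurs per-user attribution, and the two florian key files added in this commit go unused. If this is a deliberate bootstrap, record it next to the entry, e.g. `# temporary: quentin's key until florian's keys are confirmed`; otherwise list `- 'florian-key1.pub'` and `- 'florian-key2.pub'` and drop the quentin entry.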