diff options
Diffstat (limited to 'os_config/roles/users/tasks/main.yml')
| -rw-r--r-- | os_config/roles/users/tasks/main.yml | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/os_config/roles/users/tasks/main.yml b/os_config/roles/users/tasks/main.yml new file mode 100644 index 0000000..990a041 --- /dev/null +++ b/os_config/roles/users/tasks/main.yml @@ -0,0 +1,39 @@ +- name: Add users in the system + user: + name: "{{ item.username }}" + #groups: docker + shell: "{{ item.shell | default('/bin/bash') }}" + append: no + loop: "{{ active_users + | selectattr('is_admin', 'defined') + | rejectattr('is_admin') + | list + | union( active_users + | selectattr('is_admin', 'undefined') + | list )}}" + +- name: Set admin rights + user: + name: "{{ item.username }}" + groups: docker, sudo + shell: "{{ item.shell | default('/bin/bash') }}" + append: no + loop: "{{ active_users + | selectattr('is_admin', 'defined') + | selectattr('is_admin') + | list }}" + +# [V How SSH Key works] magic is done by subelements, understand the trick at: +# https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#subelements-filter +- name: Add SSH keys + authorized_key: + user: "{{ item.0.username }}" + state: present + key: "{{ lookup('file', item.1) }}" + loop: "{{ active_users | subelements('ssh_keys', skip_missing=True) }}" + +- name: Disable old users + user: + name: "{{ item }}" + state: absent + loop: "{{ disabled_users }}" |