From a23e08ce20887efb4e158a02ffee1f775a0db89f Mon Sep 17 00:00:00 2001
From: Quentin <quentin@deuxfleurs.fr>
Date: Sat, 12 Sep 2020 20:17:07 +0200
Subject: Refactor 2

---
 os/config/roles/users/tasks/main.yml | 39 ++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 os/config/roles/users/tasks/main.yml

(limited to 'os/config/roles/users/tasks/main.yml')

diff --git a/os/config/roles/users/tasks/main.yml b/os/config/roles/users/tasks/main.yml
new file mode 100644
index 0000000..990a041
--- /dev/null
+++ b/os/config/roles/users/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: Add users in the system
+  user:
+    name: "{{ item.username }}"
+    #groups: docker
+    shell: "{{ item.shell | default('/bin/bash') }}"
+    append: no
+  loop: "{{ active_users
+    | selectattr('is_admin', 'defined') 
+    | rejectattr('is_admin')
+    | list
+    | union( active_users
+    | selectattr('is_admin', 'undefined') 
+    | list )}}"
+
+- name: Set admin rights
+  user:
+    name: "{{ item.username }}"
+    groups: docker, sudo
+    shell: "{{ item.shell | default('/bin/bash') }}"
+    append: no
+  loop: "{{ active_users
+    | selectattr('is_admin', 'defined') 
+    | selectattr('is_admin') 
+    | list }}"
+
+# [V How SSH Key works] magic is done by subelements, understand the trick at:
+# https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#subelements-filter
+- name: Add SSH keys
+  authorized_key:
+    user: "{{ item.0.username }}"
+    state: present
+    key: "{{ lookup('file', item.1) }}"
+  loop: "{{ active_users | subelements('ssh_keys', skip_missing=True) }}"
+
+- name: Disable old users
+  user:
+    name: "{{ item }}"
+    state: absent
+  loop: "{{ disabled_users }}"
-- 
cgit v1.2.3