mirror of https://github.com/roles-ansible/ansible_collection_users.git synced 2024-08-16 10:29:50 +02:00
ansible_collection_users/roles/user/tasks/user_ansible.yml

---
# Ensure the 'ansible' group is present or absent, following the boolean
# l3d_users__ansible_user_state (true -> present, false -> absent).
# NOTE(review): on the 'absent' path this task runs before the task that
# removes the user whose primary group is 'ansible'; system tools normally
# refuse to delete a group that is still a primary group, so confirm the
# teardown order works as intended.
- name: Create group ansible
  ansible.builtin.group:
    state: "{{ l3d_users__ansible_user_state | ternary('present', 'absent') }}"
    name: ansible
  become: true
# Manage the dedicated 'ansible' login account: system account, bash shell,
# home directory, primary group 'ansible'. Presence follows
# l3d_users__ansible_user_state (true -> present, false -> absent).
# The password value is handed to ansible.builtin.user unchanged. On Linux that
# module expects an already-hashed (crypt) string, so
# l3d_users__ansible_user_password should hold a hash, preferably kept in
# Ansible Vault, and never a plaintext password.
# NOTE(review): 'system: true' only applies when the account is created; it
# does not convert an account that already exists.
- name: Create user ansible
  ansible.builtin.user:
    state: "{{ l3d_users__ansible_user_state | ternary('present', 'absent') }}"
    name: ansible
    group: ansible
    system: true
    create_home: true
    shell: /bin/bash
    comment: User for ansible to login and perform tasks
    password: "{{ l3d_users__ansible_user_password }}"
  become: true
# Make the keys in l3d_users__ansible_ssh_keys the only entries in the ansible
# user's authorized_keys: 'exclusive: true' removes every key not listed.
# Skipped unless l3d_users__set_ansible_ssh_keys is truthy.
# Caveats for whoever sets the variables:
#   - exclusive mode is not loop-aware; presumably all keys are passed here as
#     one newline-separated string. Verify against the role defaults.
#   - keys appended by the "Add admin keys to user ansible" task are not in
#     this list, so they are dropped here and re-added later on each run.
#   - a wrong or incomplete key list removes the keys currently used to log
#     in as 'ansible'; check the rendered value before enabling this task.
# NOTE(review): 'state' also follows l3d_users__ansible_user_state; on the
# 'absent' path the account was already removed by the preceding task, so
# confirm this module call still succeeds.
- name: Set dedicated SSH keys for User ansible and drop all other keys
  when: l3d_users__set_ansible_ssh_keys | bool
  ansible.posix.authorized_key:
    state: "{{ l3d_users__ansible_user_state | ternary('present', 'absent') }}"
    user: ansible
    exclusive: true
    key: "{{ l3d_users__ansible_ssh_keys }}"
  become: true
# For each entry of _l3d_users__merged_users flagged 'admin' (and not opted out
# via admin_ansible_login: false), append that user's public keys to the
# ansible account's authorized_keys. 'exclusive: false' leaves other keys alone.
# Security notes:
#   - every key added here can log in as 'ansible', so the 'admin' flag is a
#     privilege grant and the merged user list deserves review as such.
#   - this task only adds keys: a key deleted from user.pubkeys, or a user
#     dropped from the list, stays authorized unless the exclusive
#     "Set dedicated SSH keys ..." task is enabled and prunes it.
# NOTE(review): 'user.pubkeys | default()' renders an empty string when pubkeys
# is unset; confirm the module treats that as a no-op.
- name: Add admin keys to user ansible
  # A list of conditions is ANDed by Ansible, same as joining them with 'and'.
  when:
    - user.admin | default(false) | bool
    - user.admin_ansible_login | default(true) | bool
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
    loop_var: user
    label: "user={{ user.name }}"
  ansible.posix.authorized_key:
    state: "{{ l3d_users__ansible_user_state | ternary('present', 'absent') }}"
    user: ansible
    exclusive: false
    key: "{{ user.pubkeys | default() }}"
  become: true