1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_collection_users.git synced 2024-08-16 10:29:50 +02:00

Create Option to only manage SSHD config

This commit is contained in:
L3D 2024-03-21 19:49:09 +01:00
parent c9da584816
commit 17eea551b5
Signed by: l3d
GPG key ID: CD08445BFF4313D1
9 changed files with 13 additions and 6 deletions

View file

@ -62,6 +62,7 @@ The Option of these directory-variables are the following.
| ``state`` | ``present`` | - | Create or delete user | | ``state`` | ``present`` | - | Create or delete user |
| ``shell`` | ``/bin/bash`` | - | The Shell of the User | | ``shell`` | ``/bin/bash`` | - | The Shell of the User |
| ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* | | ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* |
| ``home`` | *string* | - | Optionally set the user's home directory |
| ``admin`` | ``false`` | - | enable it to give the user superpowers | | ``admin`` | ``false`` | - | enable it to give the user superpowers |
| ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script | | ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script |
| ``admin_nopassword`` | ``false`` | - | Need no Password for sudo | | ``admin_nopassword`` | ``false`` | - | Need no Password for sudo |
@ -71,6 +72,7 @@ The Option of these directory-variables are the following.
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) | | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
| ``groups`` | list | - | Additional groups for your user | | ``groups`` | list | - | Additional groups for your user |
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` | | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
### Other variables ### Other variables
| name | default value | description | | name | default value | description |

View file

@ -31,6 +31,7 @@ The Option of these directory-variables are the following.
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) | | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
| ``groups`` | list | - | Additional groups for your user | | ``groups`` | list | - | Additional groups for your user |
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` | | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
### Other ### Other

View file

@ -11,7 +11,7 @@
loop_control: loop_control:
label: "user={{ user.name }}" label: "user={{ user.name }}"
loop_var: user loop_var: user
when: user.state | default ('present') == 'present' and user.admin | default(false) | bool when: user.state | default ('present') == 'present' and user.admin | default(false) | bool and not user.only_sshd_config | default(false) | bool
- name: Remove superpowers from Users - name: Remove superpowers from Users
become: true become: true

View file

@ -29,6 +29,7 @@ The Option of these directory-variables are the following.
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) | | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
| ``groups`` | list | - | Additional groups for your user | | ``groups`` | list | - | Additional groups for your user |
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` | | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
There is a third directory-variable called ``l3d_users__ssh_login: []`` which only support ``name`` and ``state`` for users, that sould be able to login on that system. There is a third directory-variable called ``l3d_users__ssh_login: []`` which only support ``name`` and ``state`` for users, that sould be able to login on that system.

View file

@ -1,5 +1,5 @@
--- ---
playbook_version_number: 4 playbook_version_number: 5
playbook_version_path: 'l3d.users.sshd.version' playbook_version_path: 'l3d.users.sshd.version'
l3d_users_sshd__service_var_path: l3d_users_sshd__service_var_path:

View file

@ -21,6 +21,7 @@ The Option of these directory-variables are the following.
| ``state`` | ``present`` | - | Create or delete user | | ``state`` | ``present`` | - | Create or delete user |
| ``shell`` | ``/bin/bash`` | - | The Shell of the User | | ``shell`` | ``/bin/bash`` | - | The Shell of the User |
| ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* | | ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* |
| ``home`` | *string* | - | Optionally set the user's home directory |
| ``admin`` | ``false`` | - | enable it to give the user superpowers | | ``admin`` | ``false`` | - | enable it to give the user superpowers |
| ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script | | ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script |
| ``admin_nopassword`` | ``false`` | - | Need no Password for sudo | | ``admin_nopassword`` | ``false`` | - | Need no Password for sudo |
@ -30,6 +31,7 @@ The Option of these directory-variables are the following.
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) | | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
| ``groups`` | list | - | Additional groups for your user | | ``groups`` | list | - | Additional groups for your user |
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` | | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
### Other Variables ### Other Variables

View file

@ -10,4 +10,4 @@
loop_control: loop_control:
label: "user={{ user.name }}" label: "user={{ user.name }}"
loop_var: user loop_var: user
when: user.state | default ('present') == 'present' when: user.state | default ('present') == 'present' and not user.only_sshd_config | default(false) | bool

View file

@ -8,7 +8,7 @@
loop_control: loop_control:
label: "user={{ user.name }}" label: "user={{ user.name }}"
loop_var: user loop_var: user
when: user.state | default ('present') == 'present' when: user.state | default ('present') == 'present' and not user.only_sshd_config | default(false) | bool
- name: Create Accounts for Users - name: Create Accounts for Users
become: true become: true
@ -18,6 +18,7 @@
groups: "{{ user.groups | default() }}" groups: "{{ user.groups | default() }}"
state: 'present' state: 'present'
create_home: "{{ user.create_home | default(true) }}" create_home: "{{ user.create_home | default(true) }}"
home: "{{ user.home | default('/home/' + user.name) }}"
comment: "User created by ansible" comment: "User created by ansible"
shell: "{{ user.shell | default('/bin/bash') }}" shell: "{{ user.shell | default('/bin/bash') }}"
password: "{{ user.password | default() }}" password: "{{ user.password | default() }}"
@ -25,7 +26,7 @@
loop_control: loop_control:
label: "user={{ user.name }}" label: "user={{ user.name }}"
loop_var: user loop_var: user
when: user.state | default ('present') == 'present' when: user.state | default ('present') == 'present' and not user.only_sshd_config | default(false) | bool
- name: Remove Accounts for Users - name: Remove Accounts for Users
become: true become: true

View file

@ -1,3 +1,3 @@
--- ---
playbook_version_number: 9 playbook_version_number: 11
playbook_version_path: 'l3d.users.user.version' playbook_version_path: 'l3d.users.user.version'