mirror of
https://github.com/roles-ansible/ansible_collection_users.git
synced 2024-08-16 10:29:50 +02:00
Create Option to only manage SSHD config
This commit is contained in:
parent
c9da584816
commit
17eea551b5
9 changed files with 13 additions and 6 deletions
|
@ -62,6 +62,7 @@ The Option of these directory-variables are the following.
|
||||||
| ``state`` | ``present`` | - | Create or delete user |
|
| ``state`` | ``present`` | - | Create or delete user |
|
||||||
| ``shell`` | ``/bin/bash`` | - | The Shell of the User |
|
| ``shell`` | ``/bin/bash`` | - | The Shell of the User |
|
||||||
| ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* |
|
| ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* |
|
||||||
|
| ``home`` | *string* | - | Optionally set the user's home directory |
|
||||||
| ``admin`` | ``false`` | - | enable it to give the user superpowers |
|
| ``admin`` | ``false`` | - | enable it to give the user superpowers |
|
||||||
| ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script |
|
| ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script |
|
||||||
| ``admin_nopassword`` | ``false`` | - | Need no Password for sudo |
|
| ``admin_nopassword`` | ``false`` | - | Need no Password for sudo |
|
||||||
|
@ -71,6 +72,7 @@ The Option of these directory-variables are the following.
|
||||||
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
||||||
| ``groups`` | list | - | Additional groups for your user |
|
| ``groups`` | list | - | Additional groups for your user |
|
||||||
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
||||||
|
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
|
||||||
|
|
||||||
### Other variables
|
### Other variables
|
||||||
| name | default value | description |
|
| name | default value | description |
|
||||||
|
|
|
@ -31,6 +31,7 @@ The Option of these directory-variables are the following.
|
||||||
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
||||||
| ``groups`` | list | - | Additional groups for your user |
|
| ``groups`` | list | - | Additional groups for your user |
|
||||||
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
||||||
|
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
|
||||||
|
|
||||||
### Other
|
### Other
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "user={{ user.name }}"
|
label: "user={{ user.name }}"
|
||||||
loop_var: user
|
loop_var: user
|
||||||
when: user.state | default ('present') == 'present' and user.admin | default(false) | bool
|
when: user.state | default ('present') == 'present' and user.admin | default(false) | bool and not user.only_sshd_config | default(false) | bool
|
||||||
|
|
||||||
- name: Remove superpowers from Users
|
- name: Remove superpowers from Users
|
||||||
become: true
|
become: true
|
||||||
|
|
|
@ -29,6 +29,7 @@ The Option of these directory-variables are the following.
|
||||||
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
||||||
| ``groups`` | list | - | Additional groups for your user |
|
| ``groups`` | list | - | Additional groups for your user |
|
||||||
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
||||||
|
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
|
||||||
|
|
||||||
There is a third directory-variable called ``l3d_users__ssh_login: []`` which only support ``name`` and ``state`` for users, that sould be able to login on that system.
|
There is a third directory-variable called ``l3d_users__ssh_login: []`` which only support ``name`` and ``state`` for users, that sould be able to login on that system.
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
playbook_version_number: 4
|
playbook_version_number: 5
|
||||||
playbook_version_path: 'l3d.users.sshd.version'
|
playbook_version_path: 'l3d.users.sshd.version'
|
||||||
|
|
||||||
l3d_users_sshd__service_var_path:
|
l3d_users_sshd__service_var_path:
|
||||||
|
|
|
@ -21,6 +21,7 @@ The Option of these directory-variables are the following.
|
||||||
| ``state`` | ``present`` | - | Create or delete user |
|
| ``state`` | ``present`` | - | Create or delete user |
|
||||||
| ``shell`` | ``/bin/bash`` | - | The Shell of the User |
|
| ``shell`` | ``/bin/bash`` | - | The Shell of the User |
|
||||||
| ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* |
|
| ``create_home`` | ``true`` | - | create a user home *(needed to store ssh keys)* |
|
||||||
|
| ``home`` | *string* | - | Optionally set the user's home directory |
|
||||||
| ``admin`` | ``false`` | - | enable it to give the user superpowers |
|
| ``admin`` | ``false`` | - | enable it to give the user superpowers |
|
||||||
| ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script |
|
| ``admin_commands`` | *string or list* | - | Commands that are allows to be run as admin, eg. 'ALL' or specific script |
|
||||||
| ``admin_nopassword`` | ``false`` | - | Need no Password for sudo |
|
| ``admin_nopassword`` | ``false`` | - | Need no Password for sudo |
|
||||||
|
@ -30,6 +31,7 @@ The Option of these directory-variables are the following.
|
||||||
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
| ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
|
||||||
| ``groups`` | list | - | Additional groups for your user |
|
| ``groups`` | list | - | Additional groups for your user |
|
||||||
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
| ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
|
||||||
|
| ``only_sshd_config`` | ``false`` | Skip user and permission creation and only add user to SSHD config |
|
||||||
|
|
||||||
### Other Variables
|
### Other Variables
|
||||||
|
|
||||||
|
|
|
@ -10,4 +10,4 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "user={{ user.name }}"
|
label: "user={{ user.name }}"
|
||||||
loop_var: user
|
loop_var: user
|
||||||
when: user.state | default ('present') == 'present'
|
when: user.state | default ('present') == 'present' and not user.only_sshd_config | default(false) | bool
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "user={{ user.name }}"
|
label: "user={{ user.name }}"
|
||||||
loop_var: user
|
loop_var: user
|
||||||
when: user.state | default ('present') == 'present'
|
when: user.state | default ('present') == 'present' and not user.only_sshd_config | default(false) | bool
|
||||||
|
|
||||||
- name: Create Accounts for Users
|
- name: Create Accounts for Users
|
||||||
become: true
|
become: true
|
||||||
|
@ -18,6 +18,7 @@
|
||||||
groups: "{{ user.groups | default() }}"
|
groups: "{{ user.groups | default() }}"
|
||||||
state: 'present'
|
state: 'present'
|
||||||
create_home: "{{ user.create_home | default(true) }}"
|
create_home: "{{ user.create_home | default(true) }}"
|
||||||
|
home: "{{ user.home | default('/home/' + user.name) }}"
|
||||||
comment: "User created by ansible"
|
comment: "User created by ansible"
|
||||||
shell: "{{ user.shell | default('/bin/bash') }}"
|
shell: "{{ user.shell | default('/bin/bash') }}"
|
||||||
password: "{{ user.password | default() }}"
|
password: "{{ user.password | default() }}"
|
||||||
|
@ -25,7 +26,7 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "user={{ user.name }}"
|
label: "user={{ user.name }}"
|
||||||
loop_var: user
|
loop_var: user
|
||||||
when: user.state | default ('present') == 'present'
|
when: user.state | default ('present') == 'present' and not user.only_sshd_config | default(false) | bool
|
||||||
|
|
||||||
- name: Remove Accounts for Users
|
- name: Remove Accounts for Users
|
||||||
become: true
|
become: true
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
playbook_version_number: 9
|
playbook_version_number: 11
|
||||||
playbook_version_path: 'l3d.users.user.version'
|
playbook_version_path: 'l3d.users.user.version'
|
||||||
|
|
Loading…
Reference in a new issue