update metadata to roles

2024-08-16 10:29:50 +02:00 · 2024-02-18 15:44:57 +01:00 · 2024-02-18 15:44:57 +01:00 · 47bc6d9718
commit 47bc6d9718
parent 22551c7eb9
10 changed files with 123 additions and 37 deletions
--- a/roles/admin/README.md
+++ b/roles/admin/README.md
@ -1,7 +1,7 @@
 Ansible Role Admin
 ====================

-Ansible role l3d.users.admin Manage Admin-Permissions of Users.
+Ansible role l3d.users.admin to manage Admin-Permissions of Users.

 # WORK IN PROGRESS

--- a/roles/admin/meta/main.yml
+++ b/roles/admin/meta/main.yml
@ -0,0 +1,25 @@
+---
+galaxy_info:
+  role_name: admin
+  author: l3d
+  description: Ansible role l3d.users.admin to manage Admin-Permissions of Users.
+  license: "MIT"
+  min_ansible_version: "2.16"
+  platforms:
+    - name: Debian
+      versions: ['all']
+    - name: Ubuntu
+      versions:
+      versions: ['all']
+    - name: Fedora
+      versions:
+      versions: ['all']
+    - name: EL
+      versions:
+      versions: ['all']
+  galaxy_tags:
+    - admin
+    - users
+    - setup
+    - linux
+dependencies: []
--- a/roles/admin/tasks/users.yml
+++ b/roles/admin/tasks/users.yml
@ -2,23 +2,25 @@
 - name: Give admins superpower
  become: true
  community.general.sudoers:
-    name: "{{ item.name }}-superpowers"
-    user: "{{ item.name }}"
+    name: "{{ user.name }}-superpowers"
+    user: "{{ user.name }}"
    state: 'present'
-    commands: "{{ item.admin_commands | default('ALL') }}"
-    nopassword: "{{ item.admin_nopassword | default(false) }}"
+    commands: "{{ user.admin_commands | default('ALL') }}"
+    nopassword: "{{ user.admin_nopassword | default(false) }}"
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'present' and  item.admin | default(false) | bool
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'present' and  user.admin | default(false) | bool

 - name: Remove superpowers from Users
  become: true
  community.general.sudoers:
-    name: "{{ item.name }}-superpowers"
+    name: "{{ user.name }}-superpowers"
    state: 'absent'
-    user: "{{ item.name }}"
+    user: "{{ user.name }}"
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'present' and not item.admin | default(false) | bool
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'present' and not user.admin | default(false) | bool
--- a/roles/sshd/meta/main.yml
+++ b/roles/sshd/meta/main.yml
@ -0,0 +1,26 @@
+---
+galaxy_info:
+  role_name: sshd
+  author: l3d
+  description: Ansible role l3d.users.sshd to Manage SSHD Configuration of the system and which Accounts are allowed to login
+  license: "MIT"
+  min_ansible_version: "2.16"
+  platforms:
+    - name: Debian
+      versions: ['all']
+    - name: Ubuntu
+      versions:
+      versions: ['all']
+    - name: Fedora
+      versions:
+      versions: ['all']
+    - name: EL
+      versions:
+      versions: ['all']
+  galaxy_tags:
+    - sshd
+    - ssh
+    - users
+    - setup
+    - linux
+dependencies: []
--- a/roles/sshd/vars/main.yml
+++ b/roles/sshd/vars/main.yml
@ -1,5 +1,5 @@
 ---
-playbook_version_number: 3
+playbook_version_number: 4
 playbook_version_path: 'l3d.users.sshd.version'

 l3d_users_sshd__service_var_path:
--- a/roles/user/meta/main.yml
+++ b/roles/user/meta/main.yml
@ -0,0 +1,27 @@
+---
+galaxy_info:
+  role_name: user
+  author: l3d
+  description: Ansible role l3d.users.user to create Users with their group and their SSH Public Keys to their account.
+  license: "MIT"
+  min_ansible_version: "2.16"
+  platforms:
+    - name: Debian
+      versions: ['all']
+    - name: Ubuntu
+      versions:
+      versions: ['all']
+    - name: Fedora
+      versions:
+      versions: ['all']
+    - name: EL
+      versions:
+      versions: ['all']
+  galaxy_tags:
+    - user
+    - ssh
+    - pubkeys
+    - users
+    - setup
+    - linux
+dependencies: []
--- a/roles/user/tasks/pubkeys.yml
+++ b/roles/user/tasks/pubkeys.yml
@ -2,11 +2,12 @@
 - name: Set SSH Public Keys for Users
  become: true
  ansible.posix.authorized_key:
-    user: "{{ item.name }}"
+    user: "{{ user.name }}"
    state: 'present'
-    key: "{{ item.pubkeys | default() }}"
+    key: "{{ user.pubkeys | default() }}"
    exclusive: true
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'present'
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'present'
--- a/roles/user/tasks/user_ansible.yml
+++ b/roles/user/tasks/user_ansible.yml
@ -30,8 +30,9 @@
  ansible.posix.authorized_key:
    user: 'ansible'
    state: "{{ l3d_users__ansible_user_state | ternary('present', 'absent') }}"
-    key: "{{ item.pubkeys | default() }}"
+    key: "{{ user.pubkeys | default() }}"
  loop: "{{ _l3d_users__merged_users }}"
-  when: item.admin | default(false) | bool and item.admin_ansible_login | default(true) | bool
+  when: user.admin | default(false) | bool and user.admin_ansible_login | default(true) | bool
  loop_control:
-    label: "user: ['{{ item.name }}']"
+    label: "user={{ user.name }}"
+    loop_var: user
--- a/roles/user/tasks/users.yml
+++ b/roles/user/tasks/users.yml
@ -2,45 +2,49 @@
 - name: Create Groups for Users
  become: true
  ansible.builtin.group:
-    name: "{{ item.name }}"
+    name: "{{ user.name }}"
    state: 'present'
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'present'
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'present'

 - name: Create Accounts for Users
  become: true
  ansible.builtin.user:
-    name: "{{ item.name }}"
-    group: "{{ item.name }}"
+    name: "{{ user.name }}"
+    group: "{{ user.name }}"
    state: 'present'
-    create_home: "{{ item.create_home | default(true) }}"
+    create_home: "{{ user.create_home | default(true) }}"
    comment: "User created by ansible"
-    shell: "{{ item.shell | default('/bin/bash') }}"
-    password: "{{ item.password | default() }}"
+    shell: "{{ user.shell | default('/bin/bash') }}"
+    password: "{{ user.password | default() }}"
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'present'
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'present'

 - name: Remove Accounts for Users
  become: true
  ansible.builtin.user:
-    name: "{{ item.name }}"
+    name: "{{ user.name }}"
    state: 'absent'
-    remove: "{{ item.remove | default(false) }}"
+    remove: "{{ user.remove | default(false) }}"
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'absent' and item.remove | default(false) | bool
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'absent' and user.remove | default(false) | bool

 - name: Remove Groups for Users
  become: true
  ansible.builtin.group:
-    name: "{{ item.name }}"
+    name: "{{ user.name }}"
    state: 'absent'
  loop: "{{ _l3d_users__merged_users }}"
  loop_control:
-    label: "user: ['{{ item.name }}']"
-  when: item.state | default ('present') == 'absent' and item.remove | default(false) | bool
+    label: "user={{ user.name }}"
+    loop_var: user
+  when: user.state | default ('present') == 'absent' and user.remove | default(false) | bool
--- a/roles/user/vars/main.yml
+++ b/roles/user/vars/main.yml
@ -1,3 +1,3 @@
 ---
-playbook_version_number: 7
+playbook_version_number: 8
 playbook_version_path: 'l3d.users.user.version'