From 47bc6d971898895b098c758ccc5d2280722e935c Mon Sep 17 00:00:00 2001 From: L3D Date: Sun, 18 Feb 2024 15:44:57 +0100 Subject: [PATCH] update metadata to roles --- roles/admin/README.md | 2 +- roles/admin/meta/main.yml | 25 ++++++++++++++++++++ roles/admin/tasks/users.yml | 22 ++++++++++-------- roles/sshd/meta/main.yml | 26 +++++++++++++++++++++ roles/sshd/vars/main.yml | 2 +- roles/user/meta/main.yml | 27 ++++++++++++++++++++++ roles/user/tasks/pubkeys.yml | 9 ++++---- roles/user/tasks/user_ansible.yml | 7 +++--- roles/user/tasks/users.yml | 38 +++++++++++++++++-------------- roles/user/vars/main.yml | 2 +- 10 files changed, 123 insertions(+), 37 deletions(-) create mode 100644 roles/admin/meta/main.yml create mode 100644 roles/sshd/meta/main.yml create mode 100644 roles/user/meta/main.yml diff --git a/roles/admin/README.md b/roles/admin/README.md index a9d6370..b294772 100644 --- a/roles/admin/README.md +++ b/roles/admin/README.md @@ -1,7 +1,7 @@ Ansible Role Admin ==================== -Ansible role l3d.users.admin Manage Admin-Permissions of Users. +Ansible role l3d.users.admin to manage Admin-Permissions of Users. # WORK IN PROGRESS diff --git a/roles/admin/meta/main.yml b/roles/admin/meta/main.yml new file mode 100644 index 0000000..a9d6aba --- /dev/null +++ b/roles/admin/meta/main.yml @@ -0,0 +1,25 @@ +--- +galaxy_info: + role_name: admin + author: l3d + description: Ansible role l3d.users.admin to manage Admin-Permissions of Users. + license: "MIT" + min_ansible_version: "2.16" + platforms: + - name: Debian + versions: ['all'] + - name: Ubuntu + versions: + versions: ['all'] + - name: Fedora + versions: + versions: ['all'] + - name: EL + versions: + versions: ['all'] + galaxy_tags: + - admin + - users + - setup + - linux +dependencies: [] diff --git a/roles/admin/tasks/users.yml b/roles/admin/tasks/users.yml index e1a5010..aee20e8 100644 --- a/roles/admin/tasks/users.yml +++ b/roles/admin/tasks/users.yml 
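Review bot: In the new roles/admin/meta/main.yml the `versions:` key is written twice for the Ubuntu, Fedora and EL platform entries (an empty `versions:` followed by `versions: ['all']`), while Debian has it once. The indentation is not recoverable from this page, so this is either a duplicate key or a nested `versions: {versions: [...]}` mapping; neither matches the Debian entry. Each of those entries should have the same shape as Debian's, i.e. `- name: Ubuntu` followed by a single `versions: ['all']`. The same duplicated line appears in the new roles/sshd/meta/main.yml and roles/user/meta/main.yml.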
@@ -2,23 +2,25 @@ - name: Give admins superpower become: true community.general.sudoers: - name: "{{ item.name }}-superpowers" - user: "{{ item.name }}" + name: "{{ user.name }}-superpowers" + user: "{{ user.name }}" state: 'present' - commands: "{{ item.admin_commands | default('ALL') }}" - nopassword: "{{ item.admin_nopassword | default(false) }}" + commands: "{{ user.admin_commands | default('ALL') }}" + nopassword: "{{ user.admin_nopassword | default(false) }}" loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default ('present') == 'present' and item.admin | default(false) | bool + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'present' and user.admin | default(false) | bool - name: Remove superpowers from Users become: true community.general.sudoers: - name: "{{ item.name }}-superpowers" + name: "{{ user.name }}-superpowers" state: 'absent' - user: "{{ item.name }}" + user: "{{ user.name }}" loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default ('present') == 'present' and not item.admin | default(false) | bool + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'present' and not user.admin | default(false) | bool diff --git a/roles/sshd/meta/main.yml b/roles/sshd/meta/main.yml new file mode 100644 index 0000000..0fd116e --- /dev/null +++ b/roles/sshd/meta/main.yml 
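Review bot: The `Remove superpowers from Users` task still runs only when `user.state` is `present`, so the sudoers drop-in `{{ user.name }}-superpowers` is left in place for any entry switched to `state: absent`. A stale rule for a removed account takes effect again if an account with that name is ever re-created. The removal condition could cover both cases: `when: user.state | default('present') == 'absent' or not user.admin | default(false) | bool`. Separately, `commands` falls back to `'ALL'`, so a comment above `Give admins superpower` such as `# admin: true without admin_commands grants unrestricted sudo` would make that default visible to whoever edits the user list.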
@@ -0,0 +1,26 @@ +--- +galaxy_info: + role_name: sshd + author: l3d + description: Ansible role l3d.users.sshd to Manage SSHD Configuration of the system and which Accounts are allowed to login + license: "MIT" + min_ansible_version: "2.16" + platforms: + - name: Debian + versions: ['all'] + - name: Ubuntu + versions: + versions: ['all'] + - name: Fedora + versions: + versions: ['all'] + - name: EL + versions: + versions: ['all'] + galaxy_tags: + - sshd + - ssh + - users + - setup + - linux +dependencies: [] diff --git a/roles/sshd/vars/main.yml b/roles/sshd/vars/main.yml index 1efa857..2b9e309 100644 --- a/roles/sshd/vars/main.yml +++ b/roles/sshd/vars/main.yml @@ -1,5 +1,5 @@ --- -playbook_version_number: 3 +playbook_version_number: 4 playbook_version_path: 'l3d.users.sshd.version' l3d_users_sshd__service_var_path: diff --git a/roles/user/meta/main.yml b/roles/user/meta/main.yml new file mode 100644 index 0000000..5d62c0f --- /dev/null +++ b/roles/user/meta/main.yml @@ -0,0 +1,27 @@ +--- +galaxy_info: + role_name: user + author: l3d + description: Ansible role l3d.users.user to create Users with their group and their SSH Public Keys to their account. + license: "MIT" + min_ansible_version: "2.16" + platforms: + - name: Debian + versions: ['all'] + - name: Ubuntu + versions: + versions: ['all'] + - name: Fedora + versions: + versions: ['all'] + - name: EL + versions: + versions: ['all'] + galaxy_tags: + - user + - ssh + - pubkeys + - users + - setup + - linux +dependencies: [] diff --git a/roles/user/tasks/pubkeys.yml b/roles/user/tasks/pubkeys.yml index 78e174a..58b2684 100644 --- a/roles/user/tasks/pubkeys.yml +++ b/roles/user/tasks/pubkeys.yml 
@@ -2,11 +2,12 @@ - name: Set SSH Public Keys for Users become: true ansible.posix.authorized_key: - user: "{{ item.name }}" + user: "{{ user.name }}" state: 'present' - key: "{{ item.pubkeys | default() }}" + key: "{{ user.pubkeys | default() }}" exclusive: true loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default ('present') == 'present' + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'present' diff --git a/roles/user/tasks/user_ansible.yml b/roles/user/tasks/user_ansible.yml index 8b7d2a8..0851455 100644 --- a/roles/user/tasks/user_ansible.yml +++ b/roles/user/tasks/user_ansible.yml @@ -30,8 +30,9 @@ ansible.posix.authorized_key: user: 'ansible' state: "{{ l3d_users__ansible_user_state | ternary('present', 'absent') }}" - key: "{{ item.pubkeys | default() }}" + key: "{{ user.pubkeys | default() }}" loop: "{{ _l3d_users__merged_users }}" - when: item.admin | default(false) | bool and item.admin_ansible_login | default(true) | bool + when: user.admin | default(false) | bool and user.admin_ansible_login | default(true) | bool loop_control: - label: "user: ['{{ item.name }}']" + label: "user={{ user.name }}" + loop_var: user diff --git a/roles/user/tasks/users.yml b/roles/user/tasks/users.yml index c39b23c..de16f15 100644 --- a/roles/user/tasks/users.yml +++ b/roles/user/tasks/users.yml 
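Review bot: `key: "{{ user.pubkeys | default() }}"` combined with `exclusive: true` makes the result for an entry without `pubkeys` implicit: the module receives an empty key string. I have not confirmed whether it then fails or empties the user's authorized_keys. Either outcome should be a stated decision rather than a side effect of `default()`. If clearing is intended, say so in a comment above the task, e.g. `# exclusive: true replaces the whole authorized_keys file; an entry without pubkeys ends up with no keys`. If not, add `user.pubkeys is defined` to the `when`.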
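Review bot: The `when` on the authorized_key task for the `ansible` account checks `user.admin` and `user.admin_ansible_login` but not `user.state`, so an entry marked `state: absent` that still has `admin: true` keeps getting its keys installed for that account. Adding the test the other tasks use would close this: `when: user.state | default('present') == 'present' and user.admin | default(false) | bool and user.admin_ansible_login | default(true) | bool`. The task also sets no `exclusive`, and its `state` comes from `l3d_users__ansible_user_state` rather than from the entry. A key belonging to someone who later loses `admin` therefore appears to stay in the `ansible` account's authorized_keys until removed by hand, which deserves a comment or a cleanup task. The task begins above this hunk, so its name and privilege settings are not visible here.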
@@ -2,45 +2,49 @@ - name: Create Groups for Users become: true ansible.builtin.group: - name: "{{ item.name }}" + name: "{{ user.name }}" state: 'present' loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default ('present') == 'present' + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'present' - name: Create Accounts for Users become: true ansible.builtin.user: - name: "{{ item.name }}" - group: "{{ item.name }}" + name: "{{ user.name }}" + group: "{{ user.name }}" state: 'present' - create_home: "{{ item.create_home | default(true) }}" + create_home: "{{ user.create_home | default(true) }}" comment: "User created by ansible" - shell: "{{ item.shell | default('/bin/bash') }}" - password: "{{ item.password | default() }}" + shell: "{{ user.shell | default('/bin/bash') }}" + password: "{{ user.password | default() }}" loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default ('present') == 'present' + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'present' - name: Remove Accounts for Users become: true ansible.builtin.user: - name: "{{ item.name }}" + name: "{{ user.name }}" state: 'absent' - remove: "{{ item.remove | default(false) }}" + remove: "{{ user.remove | default(false) }}" loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default ('present') == 'absent' and item.remove | default(false) | bool + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'absent' and user.remove | default(false) | bool - name: Remove Groups for Users become: true ansible.builtin.group: - name: "{{ item.name }}" + name: "{{ user.name }}" state: 'absent' loop: "{{ _l3d_users__merged_users }}" loop_control: - label: "user: ['{{ item.name }}']" - when: item.state | default 
('present') == 'absent' and item.remove | default(false) | bool + label: "user={{ user.name }}" + loop_var: user + when: user.state | default ('present') == 'absent' and user.remove | default(false) | bool diff --git a/roles/user/vars/main.yml b/roles/user/vars/main.yml index 71d22b4..954fcd2 100644 --- a/roles/user/vars/main.yml +++ b/roles/user/vars/main.yml @@ -1,3 +1,3 @@ --- -playbook_version_number: 7 +playbook_version_number: 8 playbook_version_path: 'l3d.users.user.version'
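Review bot: `password: "{{ user.password | default() }}"` in `Create Accounts for Users` hands the user module an empty string when an entry has no `password`, instead of leaving the option unset. On Linux an empty password field can mean a blank password rather than a locked account. I have not confirmed how the module treats `''`, but `password: "{{ user.password | default(omit) }}"` removes the doubt. Both removal tasks also require `user.remove` in their `when`, so an entry set to `state: absent` without `remove: true` keeps its account and group, while the same flag is passed to the module's `remove:` option. If `state: absent` is meant to revoke access, `Remove Accounts for Users` should use `when: user.state | default('present') == 'absent'` and let `remove:` decide only what gets cleaned up.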