1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_collection_users.git synced 2024-08-16 10:29:50 +02:00
ansible_collection_users/roles/user/README.md
2024-02-14 03:36:16 +01:00

72 lines
3 KiB
Markdown

Ansible Role Users
====================
Ansible role l3d.users.user to create Users with their group and their SSH Public Keys to their account.
Optionally you can also create an ansible user and add specified ssh keys to his home and all keys of admin users.
There are two variables to define users. The ``l3d_users__default_users`` is ment to put to your group_vars to define a default for your system. The ``l3d_users__local_users`` could be put in your host_vars to define host-specific user and admin roles.
Variables:
-------------
+ The dictionary-variable for your group_vars to set your general users and admins is ``l3d_users__default_users``.
+ The dictionary-variable for your host_vars to set your host-specific users and admins is: ``l3d_users__local_users``.
The Option of these directory-variables are the following.
| option | values | description |
| ------ | ------ | --- |
| name | string | The user you want to create |
| state | ``present`` | Create or delete user |
| shell | ``/bin/bash`` | The Shell of the User |
| create_home | ``true`` | create a user home *(needed to store ssh keys)* |
| admin | ``false`` | enable it to give the user superpowers |
| pubkeys | string or lookup | see examples |
| exklusive_pubkeys | ``true`` | delete all undefined ssh keys |
| password | password hash | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
| remove | ``false`` | completly remove user if state is absent |
| name | default value | description |
| --- | --- | --- |
l3d_users_user__create_ansible: true
l3d_users_user__ansible_user_state: 'present'
l3d_users_user__set_ansible_ssh_keys: false
l3d_users_user__ansible_ssh_keys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
# create users
l3d_users__default_users: {}
# - name: 'alice'
# state: 'present'
# shell: '/bin/bash'
# create_home: true
# admin: true
# pubkeys: |
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPvvXN33GwkTF4ZOwPgF21Un4R2z9hWUuQt1qIfzQyhC
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAG65EdcM+JLv0gnzT9LcqVU47Pkw0SqiIg7XipXENi8
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJz7zEvUVgJJJsIgfG3izsqYcM22IaKz4jGVUbNRL2PX
# exklusive_pubkeys: true
# password: "$Password_hash"
# - name: 'bob'
# state: 'present'
# shell: '/bin/zsh'
# admin: false
# pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
# exklusive_pubkeys: false
l3d_users__local_users: {}
# - name: 'charlie'
# state: 'present'
# admin: false
# pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
# Create ansible mamagement user
l3d_users_user__create_ansible: true
l3d_users_user__ansible_user_state: 'present'
l3d_users_user__set_ansible_ssh_keys: false
l3d_users_user__ansible_ssh_keys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
# run simple versionscheck
submodules_versioncheck: false
work in progress...