accounts: add a "users" tag
So that new users are not created and customized password are not reset based on vars files when executing evolixisation.yml again
This commit is contained in:
parent
bf1bb2f80e
commit
70ab0c80de
4 changed files with 10 additions and 1 deletions
|
@ -34,6 +34,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||
* base: deactivate insults in sudo
|
||||
* base: added handlers for entries in fstab
|
||||
* forwarding: added tags to distinguish IPv4 from IPv6
|
||||
* accounts: add a "users" tag so that new users are not created and customized password are not reset based on vars files when executing evolixisation.yml again
|
||||
|
||||
### Changed
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
# First use :
|
||||
# ansible-playbook evolixisation.yml --ask-vault-pass -CDki hosts -u root -l HOSTNAME
|
||||
# Subsequent use :
|
||||
# ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf,generateldif-exec -l HOSTNAME
|
||||
# ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf,users,generateldif-exec -l HOSTNAME
|
||||
|
||||
## EXAMPLE OF PLAYBOOK - PLEASE USE YOUR OWN PLAYBOOK
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "Verify AllowGroups directive"
|
||||
ansible.builtin.command: "grep -E '^AllowGroups' /etc/ssh/sshd_config"
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "User '{{ user.name }}' is present"
|
||||
ansible.builtin.user:
|
||||
|
@ -22,6 +23,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "Gather available local users for usage in check_mode"
|
||||
ansible.builtin.getent:
|
||||
|
@ -29,6 +31,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "Home directory for '{{ user.name }}' is only accesible by owner"
|
||||
ansible.builtin.file:
|
||||
|
@ -41,6 +44,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "SSH public keys for '{{ user.name }}' are present"
|
||||
ansible.posix.authorized_key:
|
||||
|
@ -56,6 +60,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "Gather available local groups for usage in check_mode"
|
||||
ansible.builtin.getent:
|
||||
|
@ -63,6 +68,7 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
||||
- name: "Add {{ user.name }} to {{ evobsd_internal_group }}, {{ evobsd_ssh_group }}, {{ evobsd_sudo_group }} group"
|
||||
ansible.builtin.user:
|
||||
|
@ -81,3 +87,4 @@
|
|||
tags:
|
||||
- accounts
|
||||
- admin
|
||||
- users
|
||||
|
|
Loading…
Reference in a new issue