accounts: add a "users" tag

So that new users are not created and customized passwords are not reset based on vars files when executing evolixisation.yml again
Jérémy Dubois 2024-01-26 14:38:48 +01:00
parent bf1bb2f80e
commit 70ab0c80de
4 changed files with 10 additions and 1 deletions


@ -34,6 +34,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
* base: deactivate insults in sudo
* base: added handlers for entries in fstab
* forwarding: added tags to distinguish IPv4 from IPv6
* accounts: add a "users" tag so that new users are not created and customized password are not reset based on vars files when executing evolixisation.yml again
### Changed


@ -3,7 +3,7 @@
# First use :
# ansible-playbook evolixisation.yml --ask-vault-pass -CDki hosts -u root -l HOSTNAME
# Subsequent use :
# ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf,generateldif-exec -l HOSTNAME
# ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf,users,generateldif-exec -l HOSTNAME
## EXAMPLE OF PLAYBOOK - PLEASE USE YOUR OWN PLAYBOOK
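Review bot: The "Subsequent use" line now skips `users` without saying what that turns off, so an operator who reruns the playbook to add an admin account or push a new SSH key would get no change and no warning. A short comment above the command would make the trade-off explicit, for example `# "users" is skipped so existing accounts and customized passwords are left untouched; remove it from --skip-tags to add accounts or SSH keys`.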


@ -23,6 +23,7 @@
tags:
- accounts
- admin
- users
- name: "Verify AllowGroups directive"
ansible.builtin.command: "grep -E '^AllowGroups' /etc/ssh/sshd_config"


@ -8,6 +8,7 @@
tags:
- accounts
- admin
- users
- name: "User '{{ user.name }}' is present"
ansible.builtin.user:
@ -22,6 +23,7 @@
tags:
- accounts
- admin
- users
- name: "Gather available local users for usage in check_mode"
ansible.builtin.getent:
@ -29,6 +31,7 @@
tags:
- accounts
- admin
- users
- name: "Home directory for '{{ user.name }}' is only accesible by owner"
ansible.builtin.file:
@ -41,6 +44,7 @@
tags:
- accounts
- admin
- users
- name: "SSH public keys for '{{ user.name }}' are present"
ansible.posix.authorized_key:
@ -56,6 +60,7 @@
tags:
- accounts
- admin
- users
- name: "Gather available local groups for usage in check_mode"
ansible.builtin.getent:
@ -63,6 +68,7 @@
tags:
- accounts
- admin
- users
- name: "Add {{ user.name }} to {{ evobsd_internal_group }}, {{ evobsd_ssh_group }}, {{ evobsd_sudo_group }} group"
ansible.builtin.user:
@ -81,3 +87,4 @@
tags:
- accounts
- admin
- users
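Review bot: The `users` tag is added to every task in this file, not only to the ones that create accounts or set passwords. Judging by where each `tags:` block sits, that includes "Home directory for '{{ user.name }}' is only accesible by owner" and "SSH public keys for '{{ user.name }}' are present", so a rerun with `--skip-tags users` also stops re-asserting home-directory permissions and authorized keys. Consider keeping the new tag on the "User '{{ user.name }}' is present" task only, or, if that task sets `password`, adding `update_password: on_create` so the hardening tasks keep running on reruns. The task bodies lie outside the hunks, so whether `password` is set there is inferred from the commit message.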