From 2b253e075c7b5fd7ee70a3dc0ba3b6e081fbddb9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Lecour?=
Date: Fri, 6 Oct 2017 01:04:48 +0200
Subject: [PATCH] Users can be added to secondary groups
---
 evolinux-users/README.md | 8 +++++++-
 evolinux-users/tasks/account.yml | 17 ++++++++++++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/evolinux-users/README.md b/evolinux-users/README.md
index 83d69172..439bd898 100644
--- a/evolinux-users/README.md
+++ b/evolinux-users/README.md
@@ -16,12 +16,18 @@ evolinux_users:
 name: foo
 uid: 1001
 fullname: 'Mr Foo'
+ groups: "baz"
 password_hash: 'sdfgsdfgsdfgsdfg'
 ssh_key: 'ssh-rsa AZERTYXYZ'
 bar:
 name: bar
 uid: 1002
 fullname: 'Mr Bar'
+ groups:
+ - "baz"
+ - "qux"
 password_hash: 'gsdfgsdfgsdfgsdf'
- ssh_key: 'ssh-rsa QWERTYUIOP'
+ ssh_keys:
+ - 'ssh-rsa QWERTYUIOP'
+ - 'ssh-ed25519 QWERTYUIOP'
 ```
diff --git a/evolinux-users/tasks/account.yml b/evolinux-users/tasks/account.yml
index 453eca66..1ed142f9 100644
--- a/evolinux-users/tasks/account.yml
+++ b/evolinux-users/tasks/account.yml
@@ -35,7 +35,22 @@
 update_password: on_create
 when: loginisbusy.rc != 0 and uidisbusy.rc == 0
 
-- name: "Fix perms on homedirectory for '{{ user.name }}'"
+- name: "Create secondary groups"
+ group:
+ name: "{{ group }}"
+ with_items: "{{ user.groups }}"
+ loop_control:
+ loop_var: group
+ when: user.groups is defined
+
+- name: "Add user '{{ user.name }}' to secondary groups"
+ user:
+ name: '{{ user.name }}'
+ groups: "{{ user.groups }}"
+ append: yes
+ when: user.groups is defined
+
+- name: "Fix perms on home directory for '{{ user.name }}'"
 file:
 name: '/home/{{ user.name }}'
 mode: "0700"
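Review bot: In the added "Add user '{{ user.name }}' to secondary groups" task, `append: yes` makes membership additive only, so a group later removed from `user.groups` in the inventory stays assigned on the host; for groups that confer privilege this is a revocation gap worth documenting. I would add a comment above the task such as `# append only adds memberships: removing a group from user.groups does not revoke it on the host`, and write the value as `append: true`. The preceding "Create secondary groups" task also creates whatever name it is given, so a misspelled group name would presumably produce a new empty group rather than an error; naming the user in that task's title, as the neighbouring tasks do, would make such runs easier to audit. The "Fix perms" task that closes the hunk continues outside it.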