Users can be added to secondary groups

2017-10-06 01:04:48 +02:00 · 2017-10-06 01:04:48 +02:00 · 2b253e075c
parent f759b849a5
commit 2b253e075c
2 changed files with 23 additions and 2 deletions
--- a/evolinux-users/README.md
+++ b/evolinux-users/README.md
@ -16,12 +16,18 @@ evolinux_users:
    name: foo
    uid: 1001
    fullname: 'Mr Foo'
+    groups: "baz"
    password_hash: 'sdfgsdfgsdfgsdfg'
    ssh_key: 'ssh-rsa AZERTYXYZ'
  bar:
    name: bar
    uid: 1002
    fullname: 'Mr Bar'
+    groups:
+    - "baz"
+    - "qux"
    password_hash: 'gsdfgsdfgsdfgsdf'
-    ssh_key: 'ssh-rsa QWERTYUIOP'
+    ssh_keys:
+      - 'ssh-rsa QWERTYUIOP'
+      - 'ssh-ed25519 QWERTYUIOP'
 ```
--- a/evolinux-users/tasks/account.yml
+++ b/evolinux-users/tasks/account.yml
@ -35,7 +35,22 @@
   update_password: on_create
  when: loginisbusy.rc != 0 and uidisbusy.rc == 0

- name: "Fix perms on homedirectory for '{{ user.name }}'"
+- name: "Create secondary groups"
+  group:
+    name: "{{ group }}"
+  with_items: "{{ user.groups }}"
+  loop_control:
+    loop_var: group
+  when: user.groups is defined
+
+- name: "Add user '{{ user.name }}' to secondary groups"
+  user:
+    name: '{{ user.name }}'
+    groups: "{{ user.groups }}"
+    append: yes
+  when: user.groups is defined
+
+- name: "Fix perms on home directory for '{{ user.name }}'"
  file:
   name: '/home/{{ user.name }}'
   mode: "0700"