Merge pull request 'evolinux-users: Only create a subset of users' (#162) from P10077 into unstable

Reviewed-on: #162
Patrick Marchand 2022-08-24 15:59:35 +02:00
commit a12f68fb87
6 changed files with 14 additions and 1 deletions


@ -12,6 +12,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
### Added ### Added
* evolinux_users: create only users who have a certain value for the `create` key (default: `always`).
* php: install php-xml with recent PHP versions * php: install php-xml with recent PHP versions
### Changed ### Changed


@ -19,6 +19,7 @@ evolinux_users:
groups: "baz" groups: "baz"
password_hash: 'sdfgsdfgsdfgsdfg' password_hash: 'sdfgsdfgsdfgsdfg'
ssh_key: 'ssh-rsa AZERTYXYZ' ssh_key: 'ssh-rsa AZERTYXYZ'
create: always
bar: bar:
name: bar name: bar
uid: 1002 uid: 1002
@ -30,6 +31,7 @@ evolinux_users:
ssh_keys: ssh_keys:
- 'ssh-rsa QWERTYUIOP' - 'ssh-rsa QWERTYUIOP'
- 'ssh-ed25519 QWERTYUIOP' - 'ssh-ed25519 QWERTYUIOP'
create: on_demand
``` ```
* `evolinux_sudo_group`: which group to use for sudo (default: `evolinux-sudo`) * `evolinux_sudo_group`: which group to use for sudo (default: `evolinux-sudo`)


@ -6,3 +6,6 @@ evolinux_ssh_group: "evolinux-ssh"
evolinux_internal_group: "" evolinux_internal_group: ""
evolinux_root_disable_ssh: True evolinux_root_disable_ssh: True
# Defines which groups of users are created
evolinux_users_create: always
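Review bot: The comment `# Defines which groups of users are created` does not say that the task conditions compare with strict equality, which is easy to misread given the value name `always`. As the conditions in the task files are written, setting `evolinux_users_create: on_demand` skips every user marked `create: always`. Because the same filter also gates the SSH AllowUsers and sudo includes, I would spell that out, e.g. `# Only users whose 'create' key equals this value are created and configured (exact match)`. "Groups" also collides with the Unix group variables just above; "set of users" would read more clearly.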


@ -16,7 +16,9 @@
vars: vars:
user: "{{ item.value }}" user: "{{ item.value }}"
loop: "{{ evolinux_users | dict2items }}" loop: "{{ evolinux_users | dict2items }}"
when: evolinux_users | length > 0 when:
- user.create == evolinux_users_create
- evolinux_users | length > 0
- name: Configure sudo - name: Configure sudo
include: sudo.yml include: sudo.yml
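Review bot: `user.create` in the new `when:` list is read without a fallback, so an `evolinux_users` entry that does not define `create` will most likely make the conditional fail on an undefined attribute rather than be matched or skipped. The changelog entry reads as if `always` were the default, but the only default this commit adds is for `evolinux_users_create`; the per-user key has none. I would write `- user.create | default('always') == evolinux_users_create` here, and the same in the SSH AllowUsers condition and in both sudo conditions in the later sections. The task this `when:` belongs to starts above the hunk, so the include it guards is not visible here.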


@ -50,6 +50,7 @@
user: "{{ item.value }}" user: "{{ item.value }}"
loop: "{{ evolinux_users | dict2items }}" loop: "{{ evolinux_users | dict2items }}"
when: when:
- user.create == evolinux_users_create
- ssh_allowusers - ssh_allowusers
- not ssh_allowgroups - not ssh_allowgroups


@ -6,6 +6,7 @@
loop: "{{ evolinux_users | dict2items }}" loop: "{{ evolinux_users | dict2items }}"
when: when:
- evolinux_users | length > 0 - evolinux_users | length > 0
- user.create == evolinux_users_create
- ansible_distribution_release == "jessie" - ansible_distribution_release == "jessie"
@ -16,6 +17,9 @@
vars: vars:
user: "{{ item.value }}" user: "{{ item.value }}"
loop: "{{ evolinux_users | dict2items }}" loop: "{{ evolinux_users | dict2items }}"
when:
- evolinux_users | length > 0
- user.create == evolinux_users_create
when: when:
- ansible_distribution_major_version is defined - ansible_distribution_major_version is defined
- ansible_distribution_major_version is version('9', '>=') - ansible_distribution_major_version is version('9', '>=')
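Review bot: The second hunk leaves two `when:` keys next to each other: the added one (`evolinux_users | length > 0`, `user.create == evolinux_users_create`) and the existing distribution-version one. The page shows no indentation, so I cannot tell whether the existing `when:` belongs to an enclosing block. If both sit on the same task mapping, it is a duplicate key: the YAML loader keeps only the last value, and the new per-user filter never applies to the sudo include on Debian 9 and later. In that case merge the four conditions into one list; otherwise a short comment such as `# per-user filter; the release check below applies to the whole block` would make the nesting obvious. The task starts above the hunk.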