evolinux-users: better names for a fewtasks
This commit is contained in:
parent
dba26fbbaf
commit
a782ef3180
|
@ -16,7 +16,7 @@
|
||||||
changed_when: False
|
changed_when: False
|
||||||
check_mode: no
|
check_mode: no
|
||||||
|
|
||||||
- name: "Add Unix account with classical uid for '{{ user.name }}'"
|
- name: "Unix account for '{{ user.name }}' is present (with uid '{{ user.uid }}')"
|
||||||
user:
|
user:
|
||||||
state: present
|
state: present
|
||||||
uid: '{{ user.uid }}'
|
uid: '{{ user.uid }}'
|
||||||
|
@ -54,7 +54,7 @@
|
||||||
groups: "{{ evolinux_ssh_group }}"
|
groups: "{{ evolinux_ssh_group }}"
|
||||||
append: yes
|
append: yes
|
||||||
|
|
||||||
- name: "Create secondary groups"
|
- name: "Secondary Unix groups are present"
|
||||||
group:
|
group:
|
||||||
name: "{{ group }}"
|
name: "{{ group }}"
|
||||||
with_items: "{{ user.groups }}"
|
with_items: "{{ user.groups }}"
|
||||||
|
@ -62,14 +62,14 @@
|
||||||
loop_var: group
|
loop_var: group
|
||||||
when: user.groups is defined
|
when: user.groups is defined
|
||||||
|
|
||||||
- name: "Add user '{{ user.name }}' to secondary groups"
|
- name: "Unix user '{{ user.name }}' belongs to secondary groups"
|
||||||
user:
|
user:
|
||||||
name: '{{ user.name }}'
|
name: '{{ user.name }}'
|
||||||
groups: "{{ user.groups }}"
|
groups: "{{ user.groups }}"
|
||||||
append: yes
|
append: yes
|
||||||
when: user.groups is defined
|
when: user.groups is defined
|
||||||
|
|
||||||
- name: "Fix perms on home directory for '{{ user.name }}'"
|
- name: "Home directory for '{{ user.name }}' is not accessible by group and other users"
|
||||||
file:
|
file:
|
||||||
name: '/home/{{ user.name }}'
|
name: '/home/{{ user.name }}'
|
||||||
mode: "0700"
|
mode: "0700"
|
||||||
|
@ -77,7 +77,7 @@
|
||||||
|
|
||||||
# Evomaintenance
|
# Evomaintenance
|
||||||
|
|
||||||
- name: search profile for presence of evomaintenance
|
- name: Search profile for presence of evomaintenance
|
||||||
command: 'grep -q "trap.*sudo.*evomaintenance.sh"'
|
command: 'grep -q "trap.*sudo.*evomaintenance.sh"'
|
||||||
changed_when: False
|
changed_when: False
|
||||||
failed_when: False
|
failed_when: False
|
||||||
|
@ -85,7 +85,7 @@
|
||||||
register: grep_profile_evomaintenance
|
register: grep_profile_evomaintenance
|
||||||
|
|
||||||
# Don't add the trap if it is present or commented
|
# Don't add the trap if it is present or commented
|
||||||
- name: "Add evomaintenance trap for '{{ user.name }}'"
|
- name: "User '{{ user.name }}' has its shell trap for evomaintenance"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
state: present
|
state: present
|
||||||
dest: '/home/{{ user.name }}/.profile'
|
dest: '/home/{{ user.name }}/.profile'
|
||||||
|
@ -95,7 +95,7 @@
|
||||||
|
|
||||||
# SSH keys
|
# SSH keys
|
||||||
|
|
||||||
- name: "Create .ssh directory for '{{ user.name }}'"
|
- name: "SSH directory for '{{ user.name }}' is present"
|
||||||
file:
|
file:
|
||||||
dest: '/home/{{ user.name }}/.ssh/'
|
dest: '/home/{{ user.name }}/.ssh/'
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -103,14 +103,14 @@
|
||||||
owner: '{{ user.name }}'
|
owner: '{{ user.name }}'
|
||||||
group: '{{ user.name }}'
|
group: '{{ user.name }}'
|
||||||
|
|
||||||
- name: "Add user's SSH public key for '{{ user.name }}'"
|
- name: "SSH public key for '{{ user.name }}' is present"
|
||||||
authorized_key:
|
authorized_key:
|
||||||
user: "{{ user.name }}"
|
user: "{{ user.name }}"
|
||||||
key: "{{ user.ssh_key }}"
|
key: "{{ user.ssh_key }}"
|
||||||
state: present
|
state: present
|
||||||
when: user.ssh_key is defined
|
when: user.ssh_key is defined
|
||||||
|
|
||||||
- name: "Add user's SSH public keys for '{{ user.name }}'"
|
- name: "SSH public keys for '{{ user.name }}' are present"
|
||||||
authorized_key:
|
authorized_key:
|
||||||
user: "{{ user.name }}"
|
user: "{{ user.name }}"
|
||||||
key: "{{ ssk_key }}"
|
key: "{{ ssk_key }}"
|
||||||
|
|
Loading…
Reference in a new issue