ansible-roles/webapps/evoadmin-web/tasks/user.yml

86 lines
2.2 KiB
YAML

---
- name: Create evoadmin account
user:
name: evoadmin
comment: "Evoadmin Web Account"
home: "{{ evoadmin_home_dir}}"
password: "!"
- name: Create www-evoadmin group
group:
name: www-evoadmin
state: present
- name: "Create www-evoadmin and add to group shadow (jessie)"
user:
name: www-evoadmin
groups: shadow
append: yes
when: ansible_distribution_release == "jessie"
- name: "Create www-evoadmin (Debian 9 or later)"
user:
name: www-evoadmin
when: ansible_distribution_major_version | version_compare('9', '>=')
- name: Git is needed to clone the evoadmin repository
apt:
name: git
state: present
- name: "Clone evoadmin repository (jessie)"
git:
repo: https://forge.evolix.org/evoadmin-web.git
dest: "{{ evoadmin_document_root}}"
version: jessie
update: no
when: ansible_distribution_release == "jessie"
- name: "Clone evoadmin repository (Debian 9 or later)"
git:
repo: https://forge.evolix.org/evoadmin-web.git
dest: "{{ evoadmin_document_root}}"
version: master
update: yes
when: ansible_distribution_major_version | version_compare('9', '>=')
- name: Change ownership on git repository
file:
dest: "{{ evoadmin_document_root}}"
owner: "{{ evoadmin_username }}"
group: "{{ evoadmin_username }}"
recurse: yes
- include_role:
name: remount-usr
when: evoadmin_scripts_dir | search ("/usr")
- name: "Create {{ evoadmin_scripts_dir }}"
file:
dest: "{{ evoadmin_scripts_dir }}"
# recurse: yes
mode: "0700"
state: directory
- name: Install scripts like web-add.sh
shell: "cp {{ evoadmin_document_root}}/scripts/* {{ evoadmin_scripts_dir }}/"
args:
creates: "{{ evoadmin_scripts_dir }}/web-add.sh"
# we use a shell command to have a "changed" thet really reflects the result.
- name: Fix permissions
command: "chmod -R --verbose u=rwX,g=rX,o= {{ evoadmin_document_root }}"
register: command_result
changed_when: "'changed' in command_result.stdout"
# failed_when: False
args:
warn: no
- name: Add evoadmin sudoers file
template:
src: sudoers.j2
dest: /etc/sudoers.d/evoadmin
mode: "0600"
validate: "visudo -cf %s"