forked from evolix/ansible-roles
[Cleanup] Clean up evolinux-base and evolinux-users
evolinux-users: Add name to all tasks for self documentation purposes and don't compare with empty string. evolinux-base: Remove trailing whitespaces.
This commit is contained in:
parent
2036db938b
commit
3ec85f9560
|
@ -29,7 +29,7 @@
|
|||
# HP gen <10: Hewlett-Packard Company Smart Array
|
||||
# HP gen >=10: Adaptec Smart Storage PQI
|
||||
- name: Detect if RAID is installed
|
||||
shell: lspci -q | grep -e "RAID bus controller" -e "Serial Attached SCSI controller"
|
||||
shell: 'lspci -q | grep -e "RAID bus controller" -e "Serial Attached SCSI controller"'
|
||||
check_mode: no
|
||||
register: raidmodel
|
||||
changed_when: "'FAILED' in raidmodel.stdout"
|
||||
|
|
|
@ -32,9 +32,8 @@
|
|||
- postfix
|
||||
|
||||
- name: fetch users list
|
||||
shell: getent passwd | cut -d":" -f 1 | grep -v root
|
||||
shell: 'getent passwd | cut -d":" -f 1 | grep -v root'
|
||||
check_mode: no
|
||||
|
||||
register: non_root_users_list
|
||||
changed_when: False
|
||||
tags:
|
||||
|
|
|
@ -22,11 +22,13 @@
|
|||
var: grep_allowusers_ssh
|
||||
verbosity: 1
|
||||
|
||||
- assert:
|
||||
- name: "Check that only AllowUsers or AllowGroups is present"
|
||||
assert:
|
||||
that: "not (grep_allowusers_ssh.rc == 0 and grep_allowgroups_ssh.rc == 0)"
|
||||
msg: "We can't deal with AllowUsers and AllowGroups at the same time"
|
||||
|
||||
- set_fact:
|
||||
- name: "Define which protection method to use"
|
||||
set_fact:
|
||||
# If "AllowGroups is present" or "AllowUsers is absent and Debian 10+",
|
||||
ssh_allowgroups: "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0 and (ansible_distribution_major_version is version('10', '>='))) }}"
|
||||
# If "AllowGroups is absent" and "AllowUsers is absent or Debian <10"
|
||||
|
|
|
@ -102,7 +102,7 @@
|
|||
state: present
|
||||
when:
|
||||
- evolinux_internal_group is defined
|
||||
- evolinux_internal_group != ""
|
||||
- evolinux_internal_group
|
||||
- ansible_distribution_major_version is version('9', '>=')
|
||||
|
||||
- name: "Unix user '{{ user.name }}' belongs to group '{{ evolinux_internal_group }}' (Debian 9 or later)"
|
||||
|
@ -112,7 +112,7 @@
|
|||
append: yes
|
||||
when:
|
||||
- evolinux_internal_group is defined
|
||||
- evolinux_internal_group != ""
|
||||
- evolinux_internal_group
|
||||
- ansible_distribution_major_version is version('9', '>=')
|
||||
|
||||
## Optional secondary groups, defined per user
|
||||
|
|
Loading…
Reference in a new issue