--- - fail: msg: "You must provide a value for the 'tomcat_instance_port' variable." when: tomcat_instance_port is not defined or tomcat_instance_port | length == 0 - name: "Test if uid '{{ tomcat_instance_port }}' exists" command: 'id -un -- "{{ tomcat_instance_port }}"' register: get_login_from_id failed_when: False changed_when: False check_mode: no - name: "Fail if uid already exists for another user" fail: msg: "Uid '{{ tomcat_instance_port }}' is already used by '{{ get_login_from_id.stdout }}'. You must change uid for '{{ tomcat_instance_name }}'" when: - get_login_from_id.rc == 0 - get_login_from_id.stdout != tomcat_instance_name - name: Create group instance group: name: "{{ tomcat_instance_name }}" gid: "{{ tomcat_instance_port }}" - name: Create user instance user: name: "{{ tomcat_instance_name }}" group: "{{ tomcat_instance_name }}" uid: "{{ tomcat_instance_port }}" home: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}" shell: '/bin/bash' createhome: no - name: Create home dir file: path: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}" state: directory owner: "{{ tomcat_instance_name }}" group: "{{ tomcat_instance_name }}" mode: "u=rwx,g=rwxs,o=" - name: Is /etc/aliases present? stat: path: /etc/aliases register: etc_aliases - name: Set mail alias for user lineinfile: dest: '/etc/aliases' state: present line: "{{ tomcat_instance_name }}: {{ tomcat_instance_mail }}" regexp: "{{ tomcat_instance_name }}:" when: etc_aliases.stat.exists and tomcat_instance_mail is defined register: tomcat_instance_mail_alias - name: Run newaliases command: newaliases when: tomcat_instance_mail_alias is changed - name: Enable sudo right lineinfile: dest: '/etc/sudoers.d/tomcat' state: present mode: "0440" create: yes line: "%{{ tomcat_instance_name }} ALL = ({{ tomcat_instance_name }}) SETENV: ALL" validate: 'visudo -cf %s' - name: Enable sudo right for deploy user lineinfile: dest: '/etc/sudoers.d/tomcat' state: present mode: "0440" create: yes line: "{{ tomcat_instance_deploy_user }} ALL = ({{ tomcat_instance_name }}) NOPASSWD: SETENV: ALL" validate: 'visudo -cf %s' when: tomcat_instance_deploy_user is defined - name: Enable sudo right for service management lineinfile: dest: '/etc/sudoers.d/tomcat' state: present mode: "0440" create: yes line: "%{{ tomcat_instance_name }} ALL = (root) NOPASSWD: {{ item }}" validate: 'visudo -cf %s' loop: - "/bin/systemctl start tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl stop tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl status tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl status -l tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl enable tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl disable tomcat@{{ tomcat_instance_name }}.service" - name: Enable sudo right for deploy user for service management lineinfile: dest: '/etc/sudoers.d/tomcat' state: present mode: "0440" create: yes line: "{{ tomcat_instance_deploy_user }} ALL = (root) NOPASSWD: {{ item }}" validate: 'visudo -cf %s' when: tomcat_instance_deploy_user is defined loop: - "/bin/systemctl start tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl stop tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl status tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl status -l tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl enable tomcat@{{ tomcat_instance_name }}.service" - "/bin/systemctl disable tomcat@{{ tomcat_instance_name }}.service"