forked from evolix/ansible-roles
61 lines
1.6 KiB
YAML
61 lines
1.6 KiB
YAML
---
|
|
|
|
- name: "Test if '{{ user.name }}' exists"
|
|
command: 'getent passwd {{ user.name }}'
|
|
register: loginisbusy
|
|
failed_when: False
|
|
changed_when: False
|
|
check_mode: no
|
|
|
|
- name: "Test if uid exists for '{{ user.name }}'"
|
|
command: 'getent passwd {{ user.uid }}'
|
|
register: uidisbusy
|
|
failed_when: False
|
|
changed_when: False
|
|
check_mode: no
|
|
|
|
- name: "Add Unix account with classical uid for '{{ user.name }}'"
|
|
user:
|
|
state: present
|
|
uid: '{{ user.uid }}'
|
|
name: '{{ user.name }}'
|
|
comment: '{{ user.fullname }}'
|
|
shell: /bin/bash
|
|
password: '{{ user.password_hash }}'
|
|
update_password: on_create
|
|
when: loginisbusy.rc != 0 and uidisbusy.rc != 0
|
|
|
|
- name: "Add Unix account with random uid for '{{ user.name }}'"
|
|
user:
|
|
state: present
|
|
name: '{{ user.name }}'
|
|
comment: '{{ user.fullname }}'
|
|
shell: /bin/bash
|
|
password: '{{ user.password_hash }}'
|
|
update_password: on_create
|
|
when: loginisbusy.rc != 0 and uidisbusy.rc == 0
|
|
|
|
- name: "Create evolinux-sudo group"
|
|
group:
|
|
name: evolinux-sudo
|
|
system: yes
|
|
when: ansible_distribution_major_version | version_compare('9', '>=')
|
|
|
|
- name: "Create {{ admin_users_group }} group"
|
|
group:
|
|
name: "{{ admin_users_group }}"
|
|
when: ansible_distribution_major_version | version_compare('9', '>=')
|
|
|
|
- name: "Add user to sudo group (Debian 9 or later)"
|
|
user:
|
|
name: '{{ user.name }}'
|
|
groups: 'evolinux-sudo,{{ admin_users_group }}'
|
|
append: yes
|
|
when: ansible_distribution_major_version | version_compare('9', '>=')
|
|
|
|
- name: "Fix perms on homedirectory for '{{ user.name }}'"
|
|
file:
|
|
name: '/home/{{ user.name }}'
|
|
mode: "0700"
|
|
state: directory
|