ansible-role-user_services_.../tasks/common-users-data-dirs.yml

---
- block:
  - name: Create the common group used to setup acls
    group: name={{ common_users_group }} state=present system=yes
    when: additional_data_directories is defined

  tags: [ 'users', 'users_acl' ]

- block:
  - name: Add selected users to the common group
    user: name={{ item.login }} groups={{ common_users_group }} append=yes
    with_items: '{{ users_system_users }}'

  when:
    - users_system_users is defined
    - item.state is not defined or item.state == "present"
  tags: [ 'users', 'users_acl' ]

- block:
  - name: Add additional users to the common group
    user: name={{ item.login }} groups={{ common_users_group }} append=yes
    with_items: '{{ users_system_users_adjunct }}'

  when:
    - users_system_users is defined
    - item.state is not defined or item.state == "present"
  tags: [ 'users', 'users_acl' ]

- block:
  - name: Create the users additional data dirs
    file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
    with_items: '{{ additional_data_directories }}'
    when: item.create and not item.file

  tags: [ 'users', 'users_acl' ]

- block:
  - name: Create more additional data dirs
    file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
    with_items: '{{ additional_data_directories_adjunct }}'
    when: item.create and not item.file

  tags: [ 'users', 'users_acl' ]


- name: Set the ACLs on the users data dirs
  tags: [ 'users_acl' ]
  block:
  - name: Set the read/write/access permissions on the users additional data dirs
    ansible.posix.acl:
      name: "{{ item.name }}"
      entity: "{{ item.acl_group | default(common_users_group) }}"
      etype: group
      permissions: "{{ item.aclperms | default('rwX') }}"
      state: "{{ item.acl_state | default('present') }}"
      recursive: "{{ item.acl_recursive_set | default(true) }}"
      use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}"
    loop: '{{ additional_data_directories }}'
    when: item.aclperms is defined

  - name: Set the default read/write/access permissions on the users additional data dirs
    ansible.posix.acl:
      name: "{{ item.name }}"
      entity: "{{ item.acl_group | default(common_users_group) }}"
      etype: group
      permissions: "{{ item.aclperms | default('rwX') }}"
      state: "{{ item.acl_state | default('present') }}"
      recursive: "{{ item.acl_recursive_set | default(true) }}"
      use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}"
      default: true
    loop: '{{ additional_data_directories }}'
    when: item.aclperms is defined

- name: Set the ACLs on the users data dirs
  tags: [ 'users_acl' ]
  block:
  - name: Set the read/write/access permissions on the additional data dirs
    ansible.posix.acl:
      name: "{{ item.name }}"
      entity: "{{ item.acl_group | default(common_users_group) }}"
      etype: group
      permissions: "{{ item.aclperms | default('rwX') }}"
      state: "{{ item.acl_state | default('present') }}"
      recursive: "{{ item.acl_recursive_set | default(true) }}"
      use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}"
    loop: '{{ additional_data_directories_adjunct }}'
    when: item.aclperms is defined

  - name: Set the default read/write/access permissions on the additional data dirs
    ansible.posix.acl:
      name: "{{ item.name }}"
      entity: "{{ item.acl_group | default(common_users_group) }}"
      etype: group
      permissions: "{{ item.aclperms | default('rwX') }}"
      state: "{{ item.acl_state | default('present') }}"
      recursive: "{{ item.acl_recursive_set | default(true) }}"
      use_nfsv4_acls: "{{ item.nfs4_acl | default(false) }}"
      default: true
    loop: '{{ additional_data_directories_adjunct }}'
    when: item.aclperms is defined
directories and ACLs. 2020-05-28 16:46:43 +02:00			`---`
			`- block:`
			`- name: Create the common group used to setup acls`
			`group: name={{ common_users_group }} state=present system=yes`
			`when: additional_data_directories is defined`

			`tags: [ 'users', 'users_acl' ]`

			`- block:`
Fix the assignment to the common group. 2024-03-20 16:23:39 +01:00			`- name: Add selected users to the common group`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`user: name={{ item.login }} groups={{ common_users_group }} append=yes`
			`with_items: '{{ users_system_users }}'`

Fix the assignment to the common group. 2024-03-20 16:23:39 +01:00			`when:`
			`- users_system_users is defined`
Fix a conditional. 2024-03-20 16:39:44 +01:00			`- item.state is not defined or item.state == "present"`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`tags: [ 'users', 'users_acl' ]`

			`- block:`
Fix the assignment to the common group. 2024-03-20 16:23:39 +01:00			`- name: Add additional users to the common group`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`user: name={{ item.login }} groups={{ common_users_group }} append=yes`
			`with_items: '{{ users_system_users_adjunct }}'`

Fix the assignment to the common group. 2024-03-20 16:23:39 +01:00			`when:`
			`- users_system_users is defined`
Fix a conditional. 2024-03-20 16:39:44 +01:00			`- item.state is not defined or item.state == "present"`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`tags: [ 'users', 'users_acl' ]`

			`- block:`
			`- name: Create the users additional data dirs`
			`file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}`
			`with_items: '{{ additional_data_directories }}'`
			`when: item.create and not item.file`

			`tags: [ 'users', 'users_acl' ]`

			`- block:`
			`- name: Create more additional data dirs`
			`file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}`
			`with_items: '{{ additional_data_directories_adjunct }}'`
			`when: item.create and not item.file`

			`tags: [ 'users', 'users_acl' ]`


Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00			`- name: Set the ACLs on the users data dirs`
			`tags: [ 'users_acl' ]`
			`block:`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`- name: Set the read/write/access permissions on the users additional data dirs`
Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00			`ansible.posix.acl:`
			`name: "{{ item.name }}"`
			`entity: "{{ item.acl_group \| default(common_users_group) }}"`
			`etype: group`
			`permissions: "{{ item.aclperms \| default('rwX') }}"`
			`state: "{{ item.acl_state \| default('present') }}"`
			`recursive: "{{ item.acl_recursive_set \| default(true) }}"`
			`use_nfsv4_acls: "{{ item.nfs4_acl \| default(false) }}"`
			`loop: '{{ additional_data_directories }}'`
The ACL settings are now conditional. 2024-05-29 14:54:23 +02:00			`when: item.aclperms is defined`
directories and ACLs. 2020-05-28 16:46:43 +02:00
			`- name: Set the default read/write/access permissions on the users additional data dirs`
Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00			`ansible.posix.acl:`
			`name: "{{ item.name }}"`
			`entity: "{{ item.acl_group \| default(common_users_group) }}"`
			`etype: group`
			`permissions: "{{ item.aclperms \| default('rwX') }}"`
			`state: "{{ item.acl_state \| default('present') }}"`
			`recursive: "{{ item.acl_recursive_set \| default(true) }}"`
			`use_nfsv4_acls: "{{ item.nfs4_acl \| default(false) }}"`
			`default: true`
			`loop: '{{ additional_data_directories }}'`
The ACL settings are now conditional. 2024-05-29 14:54:23 +02:00			`when: item.aclperms is defined`
Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00
			`- name: Set the ACLs on the users data dirs`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`tags: [ 'users_acl' ]`
Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00			`block:`
directories and ACLs. 2020-05-28 16:46:43 +02:00			`- name: Set the read/write/access permissions on the additional data dirs`
Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00			`ansible.posix.acl:`
			`name: "{{ item.name }}"`
			`entity: "{{ item.acl_group \| default(common_users_group) }}"`
			`etype: group`
			`permissions: "{{ item.aclperms \| default('rwX') }}"`
			`state: "{{ item.acl_state \| default('present') }}"`
			`recursive: "{{ item.acl_recursive_set \| default(true) }}"`
			`use_nfsv4_acls: "{{ item.nfs4_acl \| default(false) }}"`
			`loop: '{{ additional_data_directories_adjunct }}'`
The ACL settings are now conditional. 2024-05-29 14:54:23 +02:00			`when: item.aclperms is defined`
directories and ACLs. 2020-05-28 16:46:43 +02:00
			`- name: Set the default read/write/access permissions on the additional data dirs`
Manage the NFS ACLs. 2024-05-29 11:45:03 +02:00			`ansible.posix.acl:`
			`name: "{{ item.name }}"`
			`entity: "{{ item.acl_group \| default(common_users_group) }}"`
			`etype: group`
			`permissions: "{{ item.aclperms \| default('rwX') }}"`
			`state: "{{ item.acl_state \| default('present') }}"`
			`recursive: "{{ item.acl_recursive_set \| default(true) }}"`
			`use_nfsv4_acls: "{{ item.nfs4_acl \| default(false) }}"`
			`default: true`
			`loop: '{{ additional_data_directories_adjunct }}'`
The ACL settings are now conditional. 2024-05-29 14:54:23 +02:00			`when: item.aclperms is defined`