ansible-role-user_services_.../tasks/sudoers-groups.yml

54 lines
1.6 KiB
YAML
Raw Normal View History

2020-05-28 16:46:43 +02:00
---
- block:
- name: Add the additional service groups
group: name={{ item }} state=present
with_items: '{{ service_sudoers_group }}'
when: users_system_users is defined
tags: [ 'services', 'users' ]
#- block:
# - name: Remove selected users to the limited sudoers group
# user: name={{ item.login }} groups=''
# with_items: '{{ users_system_users | default([]) }}'
# when: not item.limited_sudoers_user
#
# when:
# - users_system_users is defined
# - item.limited_sudoers_user is defined
# tags: [ 'services', 'users' ]
#
#- block:
# - name: Remove additional users to the limited sudoers group
# user: name={{ item.login }} groups=''
# with_items: '{{ users_system_users_adjunct }}'
# when: not item.limited_sudoers_user
#
# when:
# - users_system_users_adjunct is defined
# - item.limited_sudoers_user is defined
# tags: [ 'services', 'users' ]
2020-05-28 16:46:43 +02:00
- block:
- name: Add selected users to the limited sudoers group
user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
with_items: '{{ users_system_users | default([]) }}'
when: item.limited_sudoers_user
when:
- users_system_users is defined
- item.limited_sudoers_user is defined
tags: [ 'services', 'users' ]
- block:
- name: Add additional users to the limited sudoers group
user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
with_items: '{{ users_system_users_adjunct }}'
when: item.limited_sudoers_user
when:
- users_system_users_adjunct is defined
- item.limited_sudoers_user is defined
tags: [ 'services', 'users' ]