ansible-roles/user_services_perms/tasks/common-groups.yml

---
- block:
  - name: Create the service user, if it is not used to run the tomcat instances
    user: name={{ service_user }} home={{ service_data_directory }} createhome=no shell=/usr/sbin/nologin

  - name: Add the additional service groups
    group: name={{ item }} state=present
    with_items:
      - '{{ service_group }}'
      - '{{ service_sudoers_group }}'
    
  - name: Add selected users to the limited sudoers group
    user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes
    with_items: '{{ users_system_users | default([]) }}'
    when: item.limited_sudoers_user

  - name: Remove selected users to the limited sudoers group
    user: name={{ item.login }} groups={{ service_sudoers_group }}
    with_items: '{{ users_system_users | default([]) }}'
    when: not item.limited_sudoers_user

  when: service_custom_installation
  tags: [ 'services', 'users' ]
Role that configure users and sudo permissions. 2019-02-13 18:49:57 +01:00			`---`
			`- block:`
			`- name: Create the service user, if it is not used to run the tomcat instances`
			`user: name={{ service_user }} home={{ service_data_directory }} createhome=no shell=/usr/sbin/nologin`

			`- name: Add the additional service groups`
			`group: name={{ item }} state=present`
			`with_items:`
			`- '{{ service_group }}'`
			`- '{{ service_sudoers_group }}'`

			`- name: Add selected users to the limited sudoers group`
			`user: name={{ item.login }} groups={{ service_sudoers_group }} append=yes`
			`with_items: '{{ users_system_users \| default([]) }}'`
			`when: item.limited_sudoers_user`

			`- name: Remove selected users to the limited sudoers group`
			`user: name={{ item.login }} groups={{ service_sudoers_group }}`
			`with_items: '{{ users_system_users \| default([]) }}'`
			`when: not item.limited_sudoers_user`

			`when: service_custom_installation`
			`tags: [ 'services', 'users' ]`