ansible-roles/dnet_user_services_perms/tasks/dnet-groups.yml

26 lines
803 B
YAML

---
- name: Add the dnet groups, if it does not exist already
group: name={{ item }} state=present
with_items:
- '{{ dnet_group }}'
- '{{ dnet_sudoers_group }}'
tags: [ 'dnet', 'users' ]
- name: Add all the users to the dnet group
user: name={{ item.login }} groups={{ dnet_group }}, append=yes
with_items: users_system_users
tags: [ 'dnet', 'users' ]
- name: Add selected users to the dnet sudoers group
user: name={{ item.login }} groups={{ dnet_sudoers_group }}, append=yes
with_items: users_system_users
when: item.dnet_sudoers_user
tags: [ 'dnet', 'users' ]
- name: Remove selected users to the dnet sudoers group
user: name={{ item.login }} groups={{ dnet_group }}
with_items: users_system_users
when: not item.dnet_sudoers_user
tags: [ 'dnet', 'users' ]