library/roles/dnet_user_services_perms: Manage the creation of users that will run services other than the dnet ones.

This commit is contained in:
Andrea Dell'Amico 2015-10-07 17:01:22 +02:00
parent 304a25e564
commit 7feadf3945
4 changed files with 14 additions and 3 deletions

View File

@ -11,10 +11,13 @@ dnet_log_directories:
- /var/log/dnet - /var/log/dnet
- /var/log/dnet/search - /var/log/dnet/search
#dnet_other_services_users:
# - { user: 'dli', home: '/var/lib/dli_portal', createhome: True, shell: '/bin/bash' }
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs # Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
#dnet_users_data_directories: #dnet_users_data_directories:
# - { name: '/data/1', perms: 0755, create: True } # - { name: '/data/1', perms: 0755, create: True, file: False, owner: 'root', group: 'dnet' }
# - { name: '/data/2', create: False, perms: 0755, file: False } # - { name: '/data/2', create: False, perms: 0755, file: False, owner: 'root', group: 'dnet' }
# - { name: '/data/bah', create: False, perms: 0644, file: True } # - { name: '/data/bah', create: False, perms: 0644, file: True }
# Define the following array when you want to add commands to the sudoers file # Define the following array when you want to add commands to the sudoers file

View File

@ -0,0 +1,6 @@
---
- name: Create users needed to operate services other than the dnet ones
user: name={{ item.user }} comment="{{ item.user }}" home={{ item.home }} createhome={{ item.createhome }} shell={{ item.shell }}
with_items: dnet_other_services_users
when: dnet_other_services_users is defined
tags: [ 'users', 'dnet' ]

View File

@ -1,6 +1,6 @@
--- ---
- name: Create the users dnet data dirs - name: Create the users dnet data dirs
file: name={{ item.name }} state=directory owner=root group={{ dnet_group }} mode={{ item.perms }} file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
with_items: dnet_users_data_directories with_items: dnet_users_data_directories
when: item.create and not item.file when: item.create and not item.file
tags: [ 'dnet', 'users' ] tags: [ 'dnet', 'users' ]

View File

@ -1,6 +1,8 @@
--- ---
- include: dnet-groups.yml - include: dnet-groups.yml
- include: sudo-config.yml - include: sudo-config.yml
- include: dnet-other-services-users.yml
when: dnet_other_services_users is defined
- include: dnet-data-dirs.yml - include: dnet-data-dirs.yml
when: dnet_standard_installation when: dnet_standard_installation
- include: dnet-users-data-dirs.yml - include: dnet-users-data-dirs.yml