forked from ISTI-ansible-roles/ansible-roles
library/roles/dnet_user_services_perms: Manage the creation of users that will run services other than the dnet ones.
This commit is contained in:
parent
304a25e564
commit
7feadf3945
|
@ -11,10 +11,13 @@ dnet_log_directories:
|
||||||
- /var/log/dnet
|
- /var/log/dnet
|
||||||
- /var/log/dnet/search
|
- /var/log/dnet/search
|
||||||
|
|
||||||
|
#dnet_other_services_users:
|
||||||
|
# - { user: 'dli', home: '/var/lib/dli_portal', createhome: True, shell: '/bin/bash' }
|
||||||
|
|
||||||
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
|
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
|
||||||
#dnet_users_data_directories:
|
#dnet_users_data_directories:
|
||||||
# - { name: '/data/1', perms: 0755, create: True }
|
# - { name: '/data/1', perms: 0755, create: True, file: False, owner: 'root', group: 'dnet' }
|
||||||
# - { name: '/data/2', create: False, perms: 0755, file: False }
|
# - { name: '/data/2', create: False, perms: 0755, file: False, owner: 'root', group: 'dnet' }
|
||||||
# - { name: '/data/bah', create: False, perms: 0644, file: True }
|
# - { name: '/data/bah', create: False, perms: 0644, file: True }
|
||||||
|
|
||||||
# Define the following array when you want to add commands to the sudoers file
|
# Define the following array when you want to add commands to the sudoers file
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Create users needed to operate services other than the dnet ones
|
||||||
|
user: name={{ item.user }} comment="{{ item.user }}" home={{ item.home }} createhome={{ item.createhome }} shell={{ item.shell }}
|
||||||
|
with_items: dnet_other_services_users
|
||||||
|
when: dnet_other_services_users is defined
|
||||||
|
tags: [ 'users', 'dnet' ]
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: Create the users dnet data dirs
|
- name: Create the users dnet data dirs
|
||||||
file: name={{ item.name }} state=directory owner=root group={{ dnet_group }} mode={{ item.perms }}
|
file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
|
||||||
with_items: dnet_users_data_directories
|
with_items: dnet_users_data_directories
|
||||||
when: item.create and not item.file
|
when: item.create and not item.file
|
||||||
tags: [ 'dnet', 'users' ]
|
tags: [ 'dnet', 'users' ]
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
---
|
---
|
||||||
- include: dnet-groups.yml
|
- include: dnet-groups.yml
|
||||||
- include: sudo-config.yml
|
- include: sudo-config.yml
|
||||||
|
- include: dnet-other-services-users.yml
|
||||||
|
when: dnet_other_services_users is defined
|
||||||
- include: dnet-data-dirs.yml
|
- include: dnet-data-dirs.yml
|
||||||
when: dnet_standard_installation
|
when: dnet_standard_installation
|
||||||
- include: dnet-users-data-dirs.yml
|
- include: dnet-users-data-dirs.yml
|
||||||
|
|
Loading…
Reference in New Issue