library/roles/users/tasks/main.yml: Fix defaults for the users creation.

This commit is contained in:
Andrea Dell'Amico 2017-04-19 19:19:41 +02:00
parent a745a6a46f
commit c3c3cfc786
1 changed files with 6 additions and 12 deletions

View File

@ -11,31 +11,25 @@
- name: Create users - name: Create users
user: name={{ item.login }} comment="{{ item.name }}" home={{ item.home }}/{{ item.login }} createhome={{ item.createhome }} shell={{ item.shell }} password={{ item.password | default('*') }} update_password={{ item.update_password | default('on_create') }} user: name={{ item.login }} comment="{{ item.name }}" home={{ item.home }}/{{ item.login }} createhome={{ item.createhome }} shell={{ item.shell }} password={{ item.password | default('*') }} update_password={{ item.update_password | default('on_create') }}
with_items: '{{ users_system_users }}' with_items: '{{ users_system_users | default([]) }}'
when: users_system_users is defined
tags: users tags: users
- name: ensure that the users can login with their ssh keys - name: ensure that the users can login with their ssh keys
authorized_key: user="{{ item.login }}" key="{{ item.ssh_key }}" state=present authorized_key: user="{{ item.login }}" key="{{ item.ssh_key }}" state=present
with_items: '{{ users_system_users }}' with_items: '{{ users_system_users | default([]) }}'
when: when: item.ssh_key is defined
- users_system_users is defined
- item.ssh_key is defined
tags: users tags: users
- name: Add the admin users to the sudoers group - name: Add the admin users to the sudoers group
user: name={{ item.login }} groups={{ users_sudoers_group }} append=yes user: name={{ item.login }} groups={{ users_sudoers_group }} append=yes
with_items: '{{ users_system_users }}' with_items: '{{ users_system_users | default([]) }}'
when: when: item.admin
- users_system_users is defined
- item.admin
tags: users tags: users
- name: ensure that the users can login with their ssh keys as root if we want ensure direct access - name: ensure that the users can login with their ssh keys as root if we want ensure direct access
authorized_key: user=root key="{{ item.ssh_key }}" state=present authorized_key: user=root key="{{ item.ssh_key }}" state=present
with_items: '{{ users_system_users }}' with_items: '{{ users_system_users | default([]) }}'
when: when:
- users_system_users is defined
- item.ssh_key is defined - item.ssh_key is defined
- ( item.log_as_root is defined ) and ( item.log_as_root ) - ( item.log_as_root is defined ) and ( item.log_as_root )
tags: users tags: users