--- # tasks file for users - name: Déployer la configuration de sudo ansible.builtin.template: src: sudoers.j2 dest: /etc/sudoers.d/{{ user.name }} owner: root group: root mode: u=rw,g=,o= when: user.get('extras', {}).get('sudoers') become: true loop: "{{ users }}" loop_control: loop_var: user label: "{{ user.name }}" - name: Déployer la configuration de bash ansible.builtin.template: src: bash_aliases.j2 dest: "~{{ user.name }}/.bash_aliases" owner: "{{ user.name }}" group: "{{ user.group | default(user.name) }}" mode: u=rw,g=,o= become: true loop: "{{ users }}" loop_control: loop_var: user label: "{{ user.name }}" - name: Créer le dossier de configuration de SSH ansible.builtin.file: state: directory path: "~{{ user.name }}/.ssh" owner: "{{ user.name }}" group: "{{ user.group | default(user.name) }}" mode: u=rwX,g=rX,o=rX become: true loop: "{{ users }}" loop_control: loop_var: user label: "{{ user.name }}" - name: Déployer la configuration de SSH ansible.builtin.template: src: ssh_config.j2 dest: "~{{ user.name }}/.ssh/config" owner: "{{ user.name }}" group: "{{ user.group | default(user.name) }}" mode: u=rw,g=r,o=r when: user.get('extras', {}).get('ssh_config') become: true loop: "{{ users }}" loop_control: loop_var: user label: "{{ user.name }}" - name: Déployer les clefs SSH privées ansible.builtin.template: src: id_ed25519.j2 dest: "~{{ user.name }}/.ssh/id_ed25519" owner: "{{ user.name }}" group: "{{ user.group | default(user.name) }}" mode: u=rw,g=,o= when: user.get('extras', {}).get('id_ed25519') become: true loop: "{{ users }}" loop_control: loop_var: user label: "{{ user.name }}" - name: Déployer les clefs SSH autorisées ansible.builtin.template: src: authorized_key.j2 dest: "~{{ user.name }}/.ssh/authorized_keys" owner: "{{ user.name }}" group: "{{ user.group | default(user.name) }}" mode: u=rw,g=r,o=r when: user.get('extras', {}).get('authorized_keys') become: true loop: "{{ users }}" loop_control: loop_var: user label: "{{ user.name }}"