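---
# tasks file for users
#
# Every task iterates over the `users` list. The fields read here are
# `user.name`, the optional `user.group` (falls back to the user name) and
# the optional `user.extras` mapping, whose keys `sudoers`, `ssh_config`,
# `id_ed25519` and `authorized_keys` switch the matching task on.
#
# NOTE(review): paths of the form `~name` only resolve when the account
# already exists on the target - presumably it is created before these
# tasks run; confirm against the rest of the role.

- name: Deploy sudoers configuration
  ansible.builtin.template:
    src: sudoers.j2
    # NOTE(review): sudo skips files in an include directory whose name
    # contains a '.' or ends in '~', so a drop-in for a user name with a
    # dot would be silently ignored.
    dest: "/etc/sudoers.d/{{ user.name }}"
    owner: root
    group: root
    mode: 'u=rw,g=,o='
    # Syntax-check the rendered file before it replaces the live one; a
    # malformed drop-in can break sudo for every account on the host.
    # Adjust the path if visudo is installed elsewhere on the target.
    validate: /usr/sbin/visudo -cf %s
  when: user.get('extras', {}).get('sudoers')
  become: true
  loop: "{{ users }}"
  loop_control:
    loop_var: user
    label: "{{ user.name }}"

- name: Deploy bash_aliases
  ansible.builtin.template:
    src: bash_aliases.j2
    dest: "~{{ user.name }}/.bash_aliases"
    owner: "{{ user.name }}"
    group: "{{ user.group | default(user.name) }}"
    mode: 'u=rw,g=,o='
  become: true
  loop: "{{ users }}"
  loop_control:
    loop_var: user
    label: "{{ user.name }}"

- name: Create ssh directory
  ansible.builtin.file:
    state: directory
    path: "~{{ user.name }}/.ssh"
    owner: "{{ user.name }}"
    group: "{{ user.group | default(user.name) }}"
    # Owner-only access, as the OpenSSH manual recommends for ~/.ssh.
    # The directory holds the private key and the authorized_keys list,
    # so other local accounts have no reason to list or traverse it.
    mode: 'u=rwx,g=,o='
  become: true
  loop: "{{ users }}"
  loop_control:
    loop_var: user
    label: "{{ user.name }}"

- name: Deploy SSH configuration
  ansible.builtin.template:
    src: ssh_config.j2
    dest: "~{{ user.name }}/.ssh/config"
    owner: "{{ user.name }}"
    group: "{{ user.group | default(user.name) }}"
    # ssh requires this file not to be writable by others.
    mode: 'u=rw,g=r,o=r'
  when: user.get('extras', {}).get('ssh_config')
  become: true
  loop: "{{ users }}"
  loop_control:
    loop_var: user
    label: "{{ user.name }}"

- name: Deploy SSH private keys
  ansible.builtin.template:
    src: id_ed25519.j2
    dest: "~{{ user.name }}/.ssh/id_ed25519"
    owner: "{{ user.name }}"
    group: "{{ user.group | default(user.name) }}"
    mode: 'u=rw,g=,o='
  when: user.get('extras', {}).get('id_ed25519')
  become: true
  # Keep key material out of task output, --diff output and logs. This
  # also hides failure details; lift it temporarily only when debugging.
  # NOTE(review): the template is not visible here - presumably it renders
  # the key from `user.extras.id_ed25519`; that value should be stored
  # encrypted (for example with Ansible Vault), not in plain inventory.
  no_log: true
  loop: "{{ users }}"
  loop_control:
    loop_var: user
    label: "{{ user.name }}"

- name: Deploy authorized SSH keys
  ansible.builtin.template:
    src: authorized_key.j2
    dest: "~{{ user.name }}/.ssh/authorized_keys"
    owner: "{{ user.name }}"
    group: "{{ user.group | default(user.name) }}"
    # The OpenSSH manual recommends owner read/write only for this file;
    # it also keeps the list of accepted keys private to the account.
    mode: 'u=rw,g=,o='
  when: user.get('extras', {}).get('authorized_keys')
  become: true
  loop: "{{ users }}"
  loop_control:
    loop_var: user
    label: "{{ user.name }}"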