ansible/role_users
1
0
Fork 0
Code Pull Requests Releases Activity
role_users/tasks/configuration.yml
pulsar89.5 473492f5e3 feat: Create role
2025-04-10 16:09:27 +02:00

85 lines
2.1 KiB
YAML
Raw Blame History

---
# tasks file for users
- name: Deploy sudoers configuration
ansible.builtin.template:
src: sudoers.j2
dest: /etc/sudoers.d/{{ user.name }}
owner: root
group: root
mode: u=rw,g=,o=
when: user.get('extras', {}).get('sudoers')
become: true
loop: "{{ users }}"
loop_control:
loop_var: user
label: "{{ user.name }}"
- name: Deploy bash_aliases
ansible.builtin.template:
src: bash_aliases.j2
dest: "~{{ user.name }}/.bash_aliases"
owner: "{{ user.name }}"
group: "{{ user.group | default(user.name) }}"
mode: u=rw,g=,o=
become: true
loop: "{{ users }}"
loop_control:
loop_var: user
label: "{{ user.name }}"
- name: Create ssh directory
ansible.builtin.file:
state: directory
path: "~{{ user.name }}/.ssh"
owner: "{{ user.name }}"
group: "{{ user.group | default(user.name) }}"
mode: u=rwX,g=rX,o=rX
become: true
loop: "{{ users }}"
loop_control:
loop_var: user
label: "{{ user.name }}"
- name: Deploy SSH configuration
ansible.builtin.template:
src: ssh_config.j2
dest: "~{{ user.name }}/.ssh/config"
owner: "{{ user.name }}"
group: "{{ user.group | default(user.name) }}"
mode: u=rw,g=r,o=r
when: user.get('extras', {}).get('ssh_config')
become: true
loop: "{{ users }}"
loop_control:
loop_var: user
label: "{{ user.name }}"
- name: Deploy SSH private keys
ansible.builtin.template:
src: id_ed25519.j2
dest: "~{{ user.name }}/.ssh/id_ed25519"
owner: "{{ user.name }}"
group: "{{ user.group | default(user.name) }}"
mode: u=rw,g=,o=
when: user.get('extras', {}).get('id_ed25519')
become: true
loop: "{{ users }}"
loop_control:
loop_var: user
label: "{{ user.name }}"
- name: Deploy authorized SSH keys
ansible.builtin.template:
src: authorized_key.j2
dest: "~{{ user.name }}/.ssh/authorized_keys"
owner: "{{ user.name }}"
group: "{{ user.group | default(user.name) }}"
mode: u=rw,g=r,o=r
when: user.get('extras', {}).get('authorized_keys')
become: true
loop: "{{ users }}"
loop_control:
loop_var: user
label: "{{ user.name }}"
View Git Blame Copy Permalink