don't create users depending on OS #14

Merged
vincentvdk merged 14 commits from fix/13 into master 2018-10-21 01:36:24 +00:00
3 changed files with 79 additions and 9 deletions


@ -1,10 +1,22 @@
--- ---
- name: Check if user has ~/.ssh/config - name: Check if user has ~/.ssh/config | Debian/Ubuntu systems.
stat: stat:
path: "/home/{{ item.name }}/.ssh/config" path: "/home/{{ item.name }}/.ssh/config"
with_items: "{{ users }}" with_items: "{{ users }}"
register: sshconfig register: sshconfig
when: item.name != 'ec2-user' and ansible_os_family == 'Debian'
- name: Check if user has ~/.ssh/config | FreeBSD systems.
stat:
path: "/home/{{ item.name }}/.ssh/config"
with_items: "{{ users }}"
register: sshconfig
when: item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
- name: debug
debug: "{{ item.item.name }}"
with_items:
- "{{ sshconfig.results }}"
- name: Create ~/.ssh/config when absent - name: Create ~/.ssh/config when absent
file: file:
@ -13,10 +25,10 @@
group: "{{ item.item.name }}" group: "{{ item.item.name }}"
mode: 0600 mode: 0600
state: touch state: touch
when: item.stat.exists == False and item.item.state == "present" when: item.stat is defined and item.stat.exists == False and item.item.state == "present"
with_items: with_items:
- "{{ sshconfig.results }}" - "{{ sshconfig.results }}"
no_log: True no_log: True
- name: CHECK VARS - name: CHECK VARS
@ -51,5 +63,29 @@
with_items: with_items:
- "{{ users }}" - "{{ users }}"
- skip_missing: true - skip_missing: true
when: item.ssh_config is defined and item.state == "present" when: item.ssh_config is defined and item.state == "present" and item.name != 'ec2-user' and ansible_os_family == 'Debian'
- name: Configure ~/.ssh/config FreeBSD
blockinfile:
#path: "/home/{{ item.0.name }}/.ssh/config"
path: "/home/{{ item.name }}/.ssh/config"
#owner: "{{ item.0.name }}"
owner: "{{ item.name }}"
#group: "{{ item.0.name }}"
group: "{{ item.name }}"
mode: 0600
marker: "# {mark} ANSIBLE MANAGED BLOCK"
content: |
{% for host in groups['all'] -%}
Host {{ hostvars[host]['ansible_hostname'] }}
Hostname {{ hostvars[host]['inventory_hostname'] }}
RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
{% for item in item.ssh_config %}
{{ item.line }}
{% endfor %}
{% endfor %}
with_items:
- "{{ users }}"
- skip_missing: true
when: item.ssh_config is defined and item.state == "present" and item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
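Review bot: Both `stat` tasks register into `sshconfig`, and Ansible still registers a result for a skipped task, so on Debian hosts the skipped FreeBSD task overwrites the Debian results with entries that carry no `stat`. The `item.stat is defined` guard added to "Create ~/.ssh/config when absent" then turns that into a silent skip for every user instead of an error. A single stat task avoids the overwrite: `when: (ansible_os_family == 'Debian' and item.name != 'ec2-user') or (ansible_os_family == 'FreeBSD' and item.name != 'ubuntu')`. The `debug` task between the two looks like a leftover and can probably be dropped. The Create task's body spans two hunks and is only partly visible.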


@ -1,5 +1,5 @@
- name: Ensure .ssh folder is created - name: Ensure .ssh folder is created | Debian/Ubuntu systems
file: file:
path: "/home/{{item.name}}/.ssh" path: "/home/{{item.name}}/.ssh"
state: directory state: directory
@ -8,10 +8,10 @@
group: "{{ item.name }}" group: "{{ item.name }}"
with_items: with_items:
- "{{ users }}" - "{{ users }}"
when: item.state == "present" when: item.state == "present" and item.name != 'ec2-user' and ansible_os_family == 'Debian'
- name: Configure authorized_keys - name: Configure authorized_keys | Debian/Ubuntu systems
authorized_key: authorized_key:
user: "{{ item.0.name }}" user: "{{ item.0.name }}"
key: "{{ lookup('file', 'keys/' + item.0.name + '/' + item.1.file + '.pub') }}" key: "{{ lookup('file', 'keys/' + item.0.name + '/' + item.1.file + '.pub') }}"
@ -19,5 +19,26 @@
with_subelements: with_subelements:
- "{{ users }}" - "{{ users }}"
- keys - keys
when: item.0.state is defined and item.0.state == "present" when: item.0.state is defined and item.0.state == "present" and item.0.name != 'ec2-user' and ansible_os_family == 'Debian'
- name: Ensure .ssh folder is created | FreeBSD systems
file:
path: "/home/{{item.name}}/.ssh"
state: directory
mode: 0700
owner: "{{ item.name }}"
group: "{{ item.name }}"
with_items:
- "{{ users }}"
when: item.state == "present" and item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
- name: Configure authorized_keys | FreeBSD systems
authorized_key:
user: "{{ item.0.name }}"
key: "{{ lookup('file', 'keys/' + item.0.name + '/' + item.1.file + '.pub') }}"
state: "{{ item.1.state | default('present') }}"
with_subelements:
- "{{ users }}"
- keys
when: item.0.state is defined and item.0.state == "present" and item.0.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
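Review bot: The new FreeBSD `.ssh` folder task tests `item.state == "present"` with no default, while the authorized_keys task next to it requires `item.0.state is defined` and the user task elsewhere in this PR falls back to `default('present')`. A user entry without `state` is therefore created but, as far as these hunks show, gets no authorized keys, and the folder task's condition evaluates an undefined attribute. Using one expression in both tasks, e.g. `(item.state | default('present')) == 'present'` (with `item.0` in the subelements loop), keeps the three tasks in agreement. `mode: 0700` is also safer written as `mode: "0700"`, so the permission does not depend on YAML octal parsing.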


@ -7,7 +7,7 @@
with_items: "{{ user_groups }}" with_items: "{{ user_groups }}"
- name: Add/Remove user - name: Add/Remove user(s) on Ubuntu systems
user: user:
name: "{{ item.name }}" name: "{{ item.name }}"
state: "{{ item.state | default('present') }}" state: "{{ item.state | default('present') }}"
@ -18,7 +18,20 @@
remove: yes remove: yes
no_log: False no_log: False
with_items: "{{ users }}" with_items: "{{ users }}"
when: item.name != 'ec2-user' and ansible_os_family == 'Debian'
- name: Add/Remove user(s) on FreeBSD systems
user:
name: "{{ item.name }}"
state: "{{ item.state | default('present') }}"
password: "{{ item.password | default(omit) }}"
groups: "{{ item.groups | default(omit) }}"
uid: "{{ item.uid | default(omit) }}"
shell: "{{ item.shell | default(default_shell) }}"
remove: yes
no_log: False
with_items: "{{ users }}"
when: item.name != 'ubuntu' and ansible_os_family == 'FreeBSD'
- name: Configure bashrc lines - name: Configure bashrc lines
lineinfile: lineinfile:
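Review bot: The new FreeBSD user task passes `password: "{{ item.password | default(omit) }}"` with `no_log: False`, so whenever a password is set, the loop item and its password value appear in task output and in any log that captures it. Set `no_log: true` on this task. The Debian task above it carries the same `no_log: False` in the context lines and would need the same change. That task starts outside the hunk, so its full argument list is not visible here.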