.. | ||
defaults | ||
files/keys | ||
tasks | ||
vars | ||
README.md |
Users
Ansible roles to create/configure users on Linux/FreeBSD.
Variables
user_groups | ||
---|---|---|
name | name of the group | Data type |
gid | Optionally set the group ID | int |
state | whether the group shoud be created or removed | present/absent |
users | ||
---|---|---|
variable name | Description | Data type |
name | username | string |
state | whether the user should be created or removed | present/absent |
password | string of an encrypted value(1) | string |
groups | additional groups the user should belong to | list |
uid | optionally specify a user id | int |
enable_sudo | Enable passwordless sudo for the given user | bool |
keys | list of dictionaries | list |
bash_lines | configure lines in .bashrc | list |
bash_blocks | configure lines in .bashrc | list |
csh_lines | configure lines in .cshrc | list |
csh__blocks | configure lines in .cshrc | list |
Default variables
The default shells depending on the OS are:
- Linux:
/bin/bash
- FreeBSD:
/bin/cshrc
This is defined in the defaults
section of the users role
Example inventory
user_groups:
- name: mygroup
gid: 700
users:
- name: remember
state: present
password: "blabla"
groups:
- mygroup
uid: 1100
enable_sudo: true
keys:
- file: key1
state: present
bash_lines:
- line: "export SSH_AUTH_SOCK=$HOME/.gnupg/S.gpg-agent.ssh"
state: present
- line: "alias ls='ls lah'"
state: present
bash_blocks:
- content: |
#testing
#multiline
state: present
- name: test
enable_sudo: false
keys:
- file: key2
state: absent
csh_lines:
- line: "ls ls -lah"
state: absent
Using the Role
Example Playbook
---
- name: Manage user configuration
hosts: all
remote_user: root
roles:
- users
Configure a user's ssh keys
For every user a directory matching the username should be created under the keys folder in the role's files folder. In this folder the user's ssh keys can be stored.
├── files
│ └── keys
│ ├── remember
│ │ └── key1.pub
│ └── test
│ └── key2.pub
The name of the file holding the key should match the name in the users variable
keys:
- file: key1
state: present
Configure a user's shell
This role allows you to add or remove lines to a user's .bashrc
or cshrc
file. Since this is not based on a template that overwrites the complete file, users can still add their own configuration too.
Add items to the shell_lines key in the users variable. Each item exists of a line and state key.
lines
Use lines if you want to make sure a single line is present or not. Example:
shell_lines:
- line: "testline"
state: absent
- line: 'export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"'
state: present
- line: "alias ls='ls lah'"
state: present
blocks
use blocks if you want to make sure a number of lines that belong together are present or not.
Example:
bash_blocks:
- content: |
if [ condition ]; then
do something
state: present