---
# User management tasks
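# Ensure a group named after each entry in common_users exists.
# An entry opts out by setting create_group to a false value.
- name: Create user groups
  ansible.builtin.group:
    name: "{{ item.name }}"
    state: present
  loop: "{{ common_users }}"
  # `| bool` normalises string values: without it a quoted "false" or "no"
  # is a non-empty string, which Jinja2 treats as true, so the opt-out
  # would be ignored.
  when: item.create_group | default(true) | bool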
# Ensure an account exists for every entry in common_users.
# Only item.name is required; groups and shell fall back to defaults.
- name: Create users
  loop: "{{ common_users }}"
  ansible.builtin.user:
    state: present
    name: "{{ item.name }}"
    create_home: true
    shell: "{{ item.shell | default('/bin/bash') }}"
    # `append` is not set, so this list is authoritative: supplementary
    # group memberships that are not listed here are removed on each run.
    # NOTE(review): the group task in this file only creates a group named
    # item.name; confirm that every group listed here already exists.
    groups: "{{ item.groups | default([]) }}"
# Install every public key listed under a user's ssh_keys.
# subelements yields (user, key) pairs: item.0 is the user entry and
# item.1 is one key. skip_missing=True skips users without ssh_keys.
# This task only adds keys: a key deleted from common_users, or one added
# to authorized_keys by hand, stays on the host. Revoking a key needs an
# explicit `state: absent` entry or an exclusively managed key list.
- name: Set authorized keys for users
  loop: "{{ common_users | subelements('ssh_keys', skip_missing=True) }}"
  ansible.posix.authorized_key:
    state: present
    user: "{{ item.0.name }}"
    key: "{{ item.1 }}"
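# Grant unrestricted, passwordless sudo to users whose entry sets
# passwordless_sudo. The rule is equivalent to root access without a
# password prompt, so keep the set of flagged users as small as possible.
# NOTE(review): nothing here removes the drop-in when the flag is later
# turned off or the user leaves common_users; the grant persists until the
# file is deleted.
- name: Configure passwordless sudo for users
  ansible.builtin.lineinfile:
    # sudo skips files in /etc/sudoers.d whose name contains a '.' or ends
    # in '~', so a user name with a dot yields a drop-in that is ignored.
    path: "/etc/sudoers.d/{{ item.name }}"
    line: "{{ item.name }} ALL=(ALL) NOPASSWD:ALL"
    create: true
    # Pin the owner as well as the mode so that a pre-existing drop-in with
    # the wrong owner is corrected instead of being left in place.
    owner: root
    mode: '0440'
    # Syntax-check the candidate file before it replaces the live one.
    validate: 'visudo -cf %s'
  loop: "{{ common_users }}"
  # `| bool` normalises string values: without it a quoted "false" or "no"
  # is a non-empty string, which Jinja2 treats as true, and the user would
  # be granted NOPASSWD sudo despite the flag being "off".
  when: item.passwordless_sudo | default(false) | bool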