ansible-role-users/tasks/users.yml

114 lines
4.0 KiB
YAML
Raw Normal View History

2022-01-23 02:20:50 +01:00
- block:
- name: "Create user '{{ user.username }}'."
tags: users
ansible.builtin.user:
name: "{{ user.username }}"
2022-01-23 02:35:27 +01:00
state: "{{ user.state | default(omit) }}"
2022-01-23 03:09:02 +01:00
group: "{{ user.group | default(omit) }}"
groups: "{{ user.groups | default(omit) }}"
2022-01-23 02:20:50 +01:00
comment: "{{ user.comment | default(omit) }}"
shell: "{{ user.shell | default(omit) }}"
password: "{{ user.password | default(omit) }}"
system: "{{ user.system | default(omit) }}"
uid: "{{ user.uid | default(omit) }}"
gid: "{{ user.gid | default(omit) }}"
update_password: on_create
2022-01-23 02:32:39 +01:00
- name: "Create home directory for user '{{ user.username }}'."
tags: users
ansible.builtin.user:
name: "{{ user.username }}"
create_home: yes
when: ldap_uris is defined and ldap_uris | length > 0
2022-01-23 02:20:50 +01:00
- name: "Create sudoers file for user '{{ user.username }}'."
tags: users,sudo
ansible.builtin.template:
src: "sudoers"
dest: "/etc/sudoers.d/{{ user.username }}"
owner: root
group: root
mode: 0440
when:
- user.sudo | default(false)
- name: "Create config directories for user '{{ user.username }}'."
tags: users
ansible.builtin.file:
path: "{{ user.home_dir | default('/home/' + user.username) }}/{{ item }}"
state: directory
owner: "{{ user.username }}"
group: "{{ user.username }}"
mode: 0700
with_items: "{{ user.config_dirs | default([]) }}"
- name: "Copy config files for user '{{ user.username }}'."
tags: users
ansible.builtin.copy:
src: "{{ item.src }}"
dest: "{{user.home_dir | default('/home/' + user.username) }}/{{ item.dest }}"
owner: "{{ user.username }}"
group: "{{ user.username }}"
mode: 0600
with_items: "{{ user.config_files | default([]) }}"
register: dotfiles_installed
- name: "Create config files from templates for user '{{ user.username }}'."
tags: users
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{user.home_dir | default('/home/' + user.username) }}/{{ item.dest }}"
owner: "{{ user.username }}"
group: "{{ user.username }}"
mode: 0600
with_items: "{{ user.config_templates | default([]) }}"
register: dotfiles_installed
- name: "Add ssh public keys for user '{{ user.username }}'."
tags: users
ansible.builtin.authorized_key:
user: "{{ user.username }}"
key: "{{ item }}"
with_items: "{{ user.ssh_keys | default([]) }}"
- name: "Check if .zsh folder exists"
stat:
path: "{{ user.home_dir | default('/home/' + user.username) }}/.zsh"
register: zsh_config_dir
2022-01-23 02:20:50 +01:00
- name: "Install antigen for '{{ user.username }}'."
tags: users
ansible.builtin.get_url:
url: https://git.io/antigen
dest: "{{ user.home_dir | default('/home/' + user.username) }}/.zsh/antigen.zsh"
mode: 0600
when: zsh_config_dir.stat.exists
register: zsh_antigen
- name: "Check if .tmux folder exists"
stat:
path: "{{ user.home_dir | default('/home/' + user.username) }}/.tmux"
register: tmux_config_dir
2022-01-23 02:20:50 +01:00
- name: "Install tpm for user '{{ user.username }}'."
tags: users
ansible.builtin.git:
repo: "https://github.com/tmux-plugins/tpm"
dest: "{{ user.home_dir | default('/home/' + user.username) }}/.tmux/plugins/tpm"
version: v3.0.0
when: tmux_config_dir.stat.exists
register: tmux_tpm
2022-01-23 02:20:50 +01:00
2022-01-23 03:09:02 +01:00
- name: "Fix permissions for user '{{ user.username }}'"
ansible.builtin.file:
path: "{{ item }}"
owner: "{{ user.username }}"
recurse: yes
with_items:
- "{{ user.home_dir | default('/home/' + user.username) }}/.tmux/plugins/tpm"
- "{{ user.home_dir | default('/home/' + user.username) }}/.zsh"
when: tmux_tpm.changed == true or zsh_antigen.changed == true
2022-01-23 03:09:02 +01:00
2022-01-23 02:20:50 +01:00
when:
- user.state | default('present') == 'present'