|
- ---
-
- - name: user groups
- group:
- name: "{{ item }}"
- gid: "{{ user_groups[item].gid }}"
- state: present
- with_items: "{{ user_groups.keys() }}"
- when: user_groups is defined
-
- - name: users primary group
- group:
- name: "{{ item }}"
- gid: "{{ users[item].gid }}"
- state: present
- with_items: "{{ users.keys() }}"
- when: users[item].gid is defined
-
- - name: user accounts
- user:
- name: "{{ item }}"
- group: "{{ item }}"
- groups: "{{ users[item].groups | join(',') }}"
- uid: "{{ users[item].uid }}"
- home: "{{ users[item].home | default('/home/'+item) }}"
- shell: "{{ users[item].shell | default('/bin/bash') }}"
- generate_ssh_key: yes
- ssh_key_type: ed25519
- state: present
- with_items: "{{ users.keys() }}"
-
- - name: user passwords
- user:
- name: "{{ item }}"
- password: "{{ users[item].password }}"
- with_items: "{{ users.keys() }}"
- when: users[item].password is defined
-
- - name: home directory
- file:
- path: "{{ users[item].home | default('/home/'+item) }}"
- owner: "{{ item }}"
- group: "{{ item }}"
- mode: "{{ users[item].homedir_mode | default(700) }}"
- state: directory
- with_items: "{{ users.keys() }}"
-
- - name: ssh directory
- file:
- path: "{{ users[item].home | default('/home/'+item) }}/.ssh"
- owner: "{{ item }}"
- group: "{{ item }}"
- mode: "700"
- state: directory
- with_items: "{{ users.keys() }}"
-
- - name: ssh authorized keys
- copy:
- content: "{{ users[item].authorized_keys }}"
- dest: "{{ users[item].home | default('/home/'+item) }}/.ssh/authorized_keys"
- owner: "{{ item }}"
- group: "{{ item }}"
- with_items: "{{ users.keys() }}"
- when: users[item].authorized_keys is defined
|