Add a users role.

2022-10-09 23:36:22 -04:00 · 2022-10-09 23:36:22 -04:00 · 0f8bf0b723
parent a6e60cef85
commit 0f8bf0b723
4 changed files with 57 additions and 0 deletions
--- a/ansible/playbook.yaml
+++ b/ansible/playbook.yaml
@ -3,3 +3,4 @@
    ansible_become: True
  roles:
    - sudo
+    - users
--- a/ansible/roles/users/defaults/main.yaml
+++ b/ansible/roles/users/defaults/main.yaml
@ -0,0 +1,8 @@
+users:
+  talexander:
+    per_user: true
+    initialize: true
+    uid: 11235
+    gid: 11235
+    groups:
+      - name: wheel
--- a/ansible/roles/users/meta/main.yaml
+++ b/ansible/roles/users/meta/main.yaml
@ -0,0 +1,2 @@
+dependencies:
+  - sudo
--- a/ansible/roles/users/tasks/main.yaml
+++ b/ansible/roles/users/tasks/main.yaml
@ -0,0 +1,46 @@
+- name: Install packages
+  when: 'os_flavor == "freebsd"'
+  package:
+    name:
+      - zsh
+      - py39-jmespath # Needed for json_query
+    state: present
+
+- name: Install packages
+  when: 'os_flavor == "linux"'
+  package:
+    name:
+      - zsh
+      - python-jmespath # Needed for json_query
+    state: present
+
+- name: Create group
+  group:
+    name: "{{ item.value.group | default(item.key) }}"
+    gid: "{{ item.value.gid | default(omit) }}"
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`]') }}"
+
+- name: Create group
+  group:
+    name: "{{ item.name }}"
+    gid: "{{ item.gid | default(omit) }}"
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].value.groups') | flatten }}"
+
+- name: Create user
+  user:
+    name: "{{ item.key }}"
+    group: "{{ item.value.group | default(item.key) }}"
+    groups: "{{ item.value.groups | community.general.json_query('[*].name') }}"
+    shell: "{{ item.value.shell | default('/usr/local/bin/zsh') }}"
+    uid: "{{ item.value.uid | default(omit) }}"
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`]') }}"
+  when: item.value.groups is defined
+
+- name: Create user
+  user:
+    name: "{{ item.key }}"
+    group: "{{ item.value.group | default(item.key) }}"
+    shell: "{{ item.value.shell | default('/usr/local/bin/zsh') }}"
+    uid: "{{ item.value.uid | default(omit) }}"
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`]') }}"
+  when: item.value.groups is not defined