---

# ---
# - Remove unwanted users
# ---

# Deletes every account listed in remove_system_users with the user module.
# No `remove` option is set here, so only the account entry is handled; the
# home directory is dealt with by the task that follows.
- name: (user.yml) Remove (old) users from system
  tags:
    - system-user
  with_items:
    - "{{ remove_system_users }}"
  loop_control:
    # Print only the account name per iteration instead of the whole item.
    label: "{{ item.name }}"
  user:
    state: absent
    name: "{{ item.name }}"

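# Deletes the home directory of every account listed in remove_system_users.
# `state: absent` on a directory removes it recursively, and the path is built
# purely from variables, so the `when` list below refuses to run for values
# that would point at the home base itself or outside of it: an empty or "/"
# nis_base_home, an empty name, a name containing "/", or "." / "..".
- name: (user.yml) Remove home directory from deleted users
  file:
    path: '{{ nis_base_home }}/{{ item.name }}'
    state: absent
  with_items:
    - "{{ remove_system_users }}"
  loop_control:
    label: '{{ item.name }}'
  when:
    # Undefined variables still raise an error here rather than being skipped.
    - "nis_base_home not in ['', '/']"
    - "item.name | string | length > 0"
    - "'/' not in (item.name | string)"
    - "(item.name | string) not in ['.', '..']"
  tags:
    - system-user
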
# ---
# - default user/groups
# ---

# Creates each entry of system_groups with the group module and pins its gid.
# Entries without a group_id are skipped by the `when` condition, so the
# default(omit) fallback on gid is never reached as the task is written.
# NOTE(review): confirm whether groups without a fixed gid should be created.
# A change notifies "Renew nis databases".
- name: (user.yml) Ensure system groups exists
  tags:
    - system-user
  notify: Renew nis databases
  when: item.group_id is defined
  loop: "{{ system_groups }}"
  loop_control:
    # Print only the group name per iteration instead of the whole item.
    label: "{{ item.name }}"
  group:
    state: present
    name: "{{ item.name }}"
    gid: "{{ item.group_id | default(omit) }}"

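#- meta: end_host

# Looks up every entry of system_users with `getent passwd` and registers the
# per-item results as system_users_exists for the task that adds users.
# The lookup is run through the command module with an argv list, so the
# account name is handed to getent as a single argument and is never
# interpreted by a shell.
# Exit status 2 (getent: key not found) is reported as "changed" and serves as
# the "user is missing" marker; anything above 2 is treated as a failure.
- name: (user.yml) Check if system users exists
  command:
    argv:
      - getent
      - passwd
      - "{{ item.name }}"
  register: system_users_exists
  changed_when: "system_users_exists.rc == 2"
  failed_when: "system_users_exists.rc > 2"
  loop: "{{ system_users }}"
  loop_control:
    # system_users entries also carry a password; show only the name.
    label: '{{ item.name }}'
  # Keeps the play running even when a lookup fails with rc > 2.
  # NOTE(review): such an entry is not marked changed, so it is silently
  # treated as "already present" - confirm that this is intended.
  ignore_errors: true
  tags:
    - system-user
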
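# Creates the accounts that the getent lookup reported as missing.
# The loop runs over the registered per-item results and tests each result on
# its own: testing system_users_exists as a whole is true as soon as any one
# entry is missing, which would run the script for every user, existing ones
# included. `item.item` is the original system_users entry of that result.
# The script is called through the command module with an argv list, so name
# and password are passed as literal arguments; a quote or other shell
# metacharacter in the password can no longer break out of the command line.
- name: (user.yml) Add system users
  command:
    argv:
      - /root/bin/admin-stuff/add_new_user.sh
      - "{{ item.item.name }}"
      - "{{ item.item.password }}"
  loop: "{{ system_users_exists.results }}"
  loop_control:
    label: '{{ item.item.name }}'
  when: item is changed
  # The arguments contain the password; keep them out of Ansible's output and
  # logs. This does not hide the password from the process list on the target
  # while the script runs.
  # NOTE(review): consider letting add_new_user.sh read the password from
  # stdin - depends on the script, which is not visible here.
  no_log: true
  notify: Renew nis databases
  tags:
    - system-user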