redisign ..

2021-06-01 00:12:55 +02:00
parent 8b30c87d86
commit 140d226316
82 changed files with 24071 additions and 584 deletions
--- a/roles/common/tasks/nis-user.yml
+++ b/roles/common/tasks/nis-user.yml
@ -0,0 +1,175 @@
+---
+
+# ---
+# - Remove unwanted users
+# ---
+
+- name: (nis_user.yml) Remove (old) users from system
+  user:
+    name: '{{ item.name }}'
+    state: absent
+  with_items: 
+    - "{{ remove_nis_users }}"
+  loop_control:
+    label: '{{ item.name }}'
+  tags:
+    - nis-user
+    - system-user
+
+- name: (nis_user.yml) Remove home directory from deleted users
+  file:
+    path: '{{ nis_base_home }}/{{ item.name }}'
+    state: absent
+  with_items: 
+    - "{{ remove_nis_users }}"
+  loop_control:
+    label: '{{ item.name }}'
+  tags:
+    - nis-user
+    - system-user
+
+# ---
+# - default user/groups
+# ---
+
+- name: (nis_user.yml) Ensure nis groups exists
+  group:
+    name: '{{ item.name }}'
+    state: present
+    gid: '{{ item.group_id | default(omit) }}'
+  loop: "{{ nis_groups }}"
+  loop_control:
+    label: '{{ item.name }}'
+  when: item.group_id is defined
+  notify: Renew nis databases
+  tags:
+    - nis-user
+    - system-user
+    
+#- meta: end_host
+
+- name: (nis_user.yml) Get database of nis (system) users
+  getent:
+    database: passwd
+  tags:
+    - nis-user
+    - system-user
+
+- name: (nis_user.yml) Add nis (system) users if not yet exists..
+  shell: "/root/bin/admin-stuff/add_new_user.sh {{ item.name }} '{{ item.password }}'"
+  loop: "{{ nis_user }}"
+  loop_control:
+    label: '{{ item.name }}'
+  when:
+    - item.name not in getent_passwd
+  notify: Renew nis databases
+  tags:
+    - nis-user
+    - system-user
+
+- name: (nis_user.yml) Ensure nis users exists
+  user:
+    name: '{{ item.name }}'
+    state: present
+    uid: '{{ item.user_id | default(omit) }}'
+    #group: '{{ item.0.name | default(omit) }}'
+    groups: "{{ item.groups|join(', ') }}"
+    home: '{{ nis_base_home }}/{{ item.name }}'
+    shell: '{{ item.shell|d("/bin/bash") }}'
+    password: "{{ item.password | password_hash('sha512') }}"
+    update_password: on_create
+    append: yes
+  loop: "{{ nis_user }}"
+  loop_control:
+    label: '{{ item.name }}'
+  notify: Renew nis databases
+  tags:
+    - nis-user
+    - system-user
+
+
+- name: (nis_user.yml) Check if directory ~/.config/autostart exists
+  stat:
+    path: '{{ nis_base_home }}/{{ item.name }}/.config/autostart'
+  loop: "{{ nis_user }}"
+  loop_control:
+    label: '{{ item.name }}'
+  register: home_config_autostart
+  tags:
+    - nis-user
+    - x11vnc
+
+
+- name: (nis_user.yml) Ensure directory ~/.config/autostart if not exists
+  file:
+    path: '{{ nis_base_home }}/{{ item.item.name }}/.config/autostart'
+    state: directory
+    owner: "{{ item.item.name }}"
+    group: "{{ item.item.name }}"
+    mode: 0700
+    recurse: yes
+  loop: "{{ home_config_autostart.results }}"
+  loop_control:
+    label: '{{ item.item.name }}'
+  when : not item.stat.exists|bool
+  tags:
+    - nis-user
+    - x11vnc
+
+
+#- name: (nis_user.yml) Ensure directory ~/.config/autostart if not exists
+#  file:
+#    path: '{{ nis_base_home }}/{{ item.name }}/.config/autostart'
+#    state: directory
+#    owner: "{{ item.name }}"
+#    group: "{{ item.name }}"
+#    mode: 0700
+#    recurse: yes
+#  loop: "{{ nis_user }}"
+#  loop_control:
+#    label: '{{ item.name }}'
+#  tags:
+#    - nis-user
+#    - x11vnc
+
+
+- name: (nis_user.yml) Check if file ~/.config/autostart/x11vnc.desktop exists
+  stat:
+    path: '{{ nis_base_home }}/{{ item.name }}/.config/autostart/x11vnc.desktop'
+  loop: "{{ nis_user }}"
+  loop_control:
+    label: '{{ item.name }}'
+  register: home_config_autostart_x11vnc
+  tags:
+    - nis-user
+    - x11vnc
+
+- name: (nis_user.yml) Ensure file ~/.config/autostart/x11vnc.desktop exists
+  copy:
+    src: "{{ role_path + '/files/USER_HOME/.config/autostart/x11vnc.desktop' }}"
+    dest: '{{ nis_base_home }}/{{ item.item.name }}/.config/autostart/x11vnc.desktop'
+    owner: '{{ item.item.name }}'
+    group: '{{ item.item.name }}'
+    mode: 0600
+  loop: "{{ home_config_autostart_x11vnc.results }}"
+  loop_control:
+    label: '{{ item.item.name }}'
+  tags:
+    - nis-user
+    - x11vnc
+
+#- name: (nis_user.yml) Ensure file ~/.config/autostart/x11vnc.desktop exists
+#  copy:
+#    src: "{{ role_path + '/files/USER_HOME/.config/autostart/x11vnc.desktop' }}"
+#    dest: '{{ nis_base_home }}/{{ item.name }}/.config/autostart/x11vnc.desktop'
+#    owner: '{{ item.name }}'
+#    group: '{{ item.name }}'
+#    mode: 0600
+#  loop: "{{ nis_user }}"
+#  loop_control:
+#    label: '{{ item.name }}'
+#  tags:
+#    - nis-user
+#    - x11vnc
+
+