ansible/nis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update..

Browse Source
This commit is contained in:
Christoph
2025-10-27 23:17:40 +01:00
parent cfcd9c84ff
commit 8a4da8c615
8 changed files with 483 additions and 293 deletions
Download Patch File Download Diff File Expand all files Collapse all files

425
roles/common/tasks/system-user-systemfiles.yml
View File

@@ -18,9 +18,9 @@
register: local_template_dir_root
# --
# Copy .profile
# ---
# --
# Copy .profile
# ---
- name: (user-systemfiles.yml) Check if users file '.profile.ORIG' exists
stat:
@@ -42,64 +42,102 @@
tags:
- profile
# 1) Für jeden User prüfen, ob eine lokale _profile existiert
- name: (system-user-systemfiles.yml) stat user _profile
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_profile"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: profile_stats
loop_control:
label: "{{ item.name }}"
# 2) Prüfe ob eine lokale default _baschrc existiert
- name: stat DEFAULT _profile
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_profile"
delegate_to: localhost
become: false
register: default_profile_stat
# 2) Falls User _profile vorhanden, kopieren
- name: (system-user-systemfiles.yml) copy .profile if it exists
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/_profile') }}"
dest: "~{{ item.item.name }}/.profile"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
loop: "{{ local_template_dir_system_users.results }}"
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_profile"
dest: "~{{ user.name }}/.profile"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(profile_stats.results) | list }}"
loop_control:
label: '{{ item.item.name }}'
label: "{{ user.name }}"
when:
- item.stat.exists
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/_profile')
tags:
- profile
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
- name: (system-user-systemfiles.yml) copy default .profile if it exists
template:
src: files/{{ nis_domain }}/homedirs/DEFAULT/_profile
dest: "~{{ item.item.name }}/.profile"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
loop: "{{ local_template_dir_system_users.results }}"
# 3) Falls nicht vorhanden, DEFAULT nutzen
- name: (system-user-systemfiles.yml) copy default .profile
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_profile"
dest: "~{{ user.name }}/.profile"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(profile_stats.results) | list }}"
loop_control:
label: '{{ item.item.name }}'
label: "{{ user.name }}"
when:
- item.stat.exists == false
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/DEFAULT/_profile')
tags:
- profile
- not stat_result.stat.exists
- default_profile_stat.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
# ---
# -- root user
# ---
- name: (system-user-systemfiles.yml) Check if file '/root/.profile.ORIG' exists
stat:
path: /root/.profile.ORIG
register: profile_root_orig_exists
tags:
- profile
- bash
- name: (system-user-systemfiles.yml) Backup existing users .profile file
command: cp -a /root/.profile /root/.profile.ORIG
- name: (system-user-systemfiles.yml) Backup /root/.profile file
command: cp /root/.profile /root/.profile.ORIG
when: profile_root_orig_exists.stat.exists == False
tags:
- profile
- bash
- name: (system-user-systemfiles.yml) copy .profile for user root
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/root/_profile') }}"
dest: "/root/.profile"
# 1) Prüfen ob die _profile für root auf dem Control-Node existiert
- name: (system-user-systemfiles.yml) stat root _profile on control node
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_profile"
delegate_to: localhost
become: false
register: profile_root_stat
# 2) Wenn vorhanden, kopieren wir sie nach /root/.profile auf dem Zielhost
- name: copy root .profile if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_profile"
dest: /root/.profile
owner: root
group: root
mode: 0644
when:
- local_template_dir_root.stat.exists
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/root/_profile')
mode: '0644'
become: true
when: profile_root_stat.stat.exists
tags:
- profile
- bash
# --
# Copy .bashrc
@@ -124,38 +162,68 @@
tags:
- bashrc
# 1) Für jeden User prüfen, ob eine lokale _bashrc existiert
- name: (system-user-systemfiles.yml) stat user _bashrc
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_bashrc"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: bashrc_stats
loop_control:
label: "{{ item.name }}"
# 2) Prüfe ob eine lokale default _baschrc existiert
- name: stat DEFAULT _bashrc
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_bashrc"
delegate_to: localhost
become: false
register: default_bashrc_stat
# 2) Falls User _bashrc vorhanden, kopieren
- name: (system-user-systemfiles.yml) copy .bashrc if it exists
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/_bashrc') }}"
dest: "~{{ item.item.name }}/.bashrc"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
loop: "{{ local_template_dir_system_users.results }}"
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_bashrc"
dest: "~{{ user.name }}/.bashrc"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(bashrc_stats.results) | list }}"
loop_control:
label: '{{ item.item.name }}'
label: "{{ user.name }}"
when:
- item.stat.exists
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/_bashrc')
tags:
- bashrc
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
- name: (system-user-systemfiles.yml) copy default .bashrc if it exists
copy:
src: files/homedirs/DEFAULT/_bashrc
dest: "~{{ item.item.name }}/.bashrc"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
loop: "{{ local_template_dir_system_users.results }}"
# 3) Falls nicht vorhanden, DEFAULT nutzen
- name: (system-user-systemfiles.yml) copy default .bashrc
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_bashrc"
dest: "~{{ user.name }}/.bashrc"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(bashrc_stats.results) | list }}"
loop_control:
label: '{{ item.item.name }}'
label: "{{ user.name }}"
when:
- item.stat.exists == false
tags:
- bashrc
- not stat_result.stat.exists
- default_bashrc_stat.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
# ---
# -- root user
# ---
- name: (system-user-systemfiles.yml) Check if file '/root/.bashrc.ORIG' exists
stat:
path: /root/.bashrc.ORIG
@@ -169,16 +237,24 @@
tags:
- bash
- name: (system-user-systemfiles.yml) copy .bashrc for user root
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/root/_bashrc') }}"
dest: "/root/.bashrc"
# 1) Prüfen ob die _bashrc für root auf dem Control-Node existiert
- name: stat root _bashrc on control node
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_bashrc"
delegate_to: localhost
become: false
register: bashrc_root_stat
# 2) Wenn vorhanden, kopieren wir sie nach /root/.bashrc auf dem Zielhost
- name: copy root .bashrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_bashrc"
dest: /root/.bashrc
owner: root
group: root
mode: 0644
when:
- local_template_dir_root.stat.exists
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/root/_bashrc')
mode: '0644'
become: true
when: bashrc_root_stat.stat.exists
tags:
- bash
@@ -186,93 +262,156 @@
# Copy .vimrc
# ---
- name: (system-user-systemfiles.yml) copy .vimrc if it exists
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/_vimrc') }}"
dest: "~{{ item.item.name }}/.vimrc"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
loop: "{{ local_template_dir_system_users.results }}"
loop_control:
label: '{{ item.item.name }}'
when:
- item.stat.exists
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/_vimrc')
tags:
- vimrc
- name: (system-user-systemfiles.yml) Check if .vim directory exists for default users
local_action: stat path={{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/.vim
with_items: "{{ system_users }}"
# 1. Prüfen, ob für jeden User ein lokales _vimrc existiert
- name: (system-user-systemfiles.yml) stat user _vimrc
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_vimrc"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: vimrc_stats
loop_control:
label: '{{ item.name }}'
register: local_template_dir_dotvim_default_user
# 2. Falls vorhanden, Datei kopieren
- name: (system-user-systemfiles.yml) copy .vimrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_vimrc"
dest: "~{{ user.name }}/.vimrc"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: '0644'
loop: "{{ default_user | zip(vimrc_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- stat_result.stat.exists
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags:
- bash
# 1) Lokal prüfen, ob ~/.vim existiert
- name: (system-user-systemfiles.yml) stat local .vim for each user
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/.vim"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: dotvim_stats
loop_control:
label: "{{ item.name }}"
# 2) Wenn vorhanden, .vim-Verzeichnis ins Home des Users kopieren
- name: (system-user-systemfiles.yml) copy .vim directory if it exists
copy:
src: "{{ inventory_dir + '/files/' + nis_domain + '/homedirs/' + item.item.name + '/.vim' }}"
dest: "~{{ item.item.name }}"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
with_items: "{{ local_template_dir_dotvim_default_user.results }}"
ansible.builtin.copy:
# Wichtig: KEINE verschachtelten {{ ... }} im String
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/.vim"
dest: "~{{ user.name }}/"
mode: preserve # oder weglassen; 0644 wäre für Verzeichnisse falsch
become: true
loop: "{{ default_user | zip(dotvim_stats.results) | list }}"
loop_control:
label: '{{ item.item.name }}'
label: "{{ user.name }}"
when:
- item.stat.exists
tags:
- vimrc
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [vim]
- name: (system-user-systemfiles.yml) copy default .vimrc if it exists
copy:
src: files/homedirs/DEFAULT/_vimrc
dest: "~{{ item.item.name }}/.vimrc"
owner: "{{ item.item.name }}"
group: "{{ item.item.name }}"
mode: 0644
loop: "{{ local_template_dir_system_users.results }}"
# 3) Ownership/Gruppe rekursiv korrigieren (falls gewünscht/erforderlich)
- name: (system-user-systemfiles.yml) ensure ownership on ~/.vim recursively
ansible.builtin.file:
path: "~{{ user.name }}/.vim"
owner: "{{ user.name }}"
group: "{{ user.name }}"
recurse: true
state: directory
become: true
loop: "{{ default_user | zip(dotvim_stats.results) | list }}"
loop_control:
label: '{{ item.item.name }}'
label: "{{ user.name }}"
when:
- item.stat.exists == false
tags:
- vimrc
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [vim]
- name: (system-user-systemfiles.yml) copy .vimrc for user root
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/root/_vimrc') }}"
dest: "/root/.vimrc"
# --
# -- root user
# --
# 1) Prüfen ob die _vimrc für root auf dem Control-Node existiert
- name: (system-user-systemfiles.yml) stat root _vimrc on control node
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_vimrc"
delegate_to: localhost
become: false
register: vimrc_root_stat
# 2) Wenn vorhanden, kopieren wir sie nach /root/.vimrc auf dem Zielhost
- name: (system-user-systemfiles.yml)copy root .vimrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_vimrc"
dest: /root/.vimrc
owner: root
group: root
mode: 0644
mode: '0644'
become: true
when:
- local_template_dir_root.stat.exists
- lookup('fileglob', inventory_dir + '/files/' + nis_domain + '/homedirs/root/_vimrc')
- vimrc_root_stat.stat.exists
tags:
- vimrc
- bash
- name: (system-user-systemfiles.yml) Check if local template directory .vim exists for user root
local_action: stat path={{ inventory_dir }}/files/homedirs/root/.vim
register: local_template_dir_vim_root
with_items: 'root'
loop_control:
label: 'root'
# 1) Lokal prüfen, ob ./files/{{ nis_domain }}/homedirs/root/.vim existiert
- name: (system-user-systemfiles.yml) stat local .vim for root
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/.vim"
delegate_to: localhost
become: false
register: root_dotvim_stat
tags: [vim]
- name: (system-user-systemfiles.yml) copy .vim directory for user root if it exists
copy:
src: "{{ inventory_dir + '/files/homedirs/root/.vim' }}"
dest: "/root"
# 2) Wenn vorhanden, nach /root/ kopieren
- name: (system-user-systemfiles.yml) copy root .vim directory if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/.vim"
dest: "/root/"
mode: preserve # oder weglassen; nicht 0644 bei Verzeichnissen
become: true
when:
- root_dotvim_stat.stat.exists | bool
tags: [vim]
# 2) Wenn vorhanden, nach /root/ kopieren
#- name: (system-user-systemfiles.yml) rsync root .vim if it exists
# ansible.posix.synchronize:
# src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/.vim/"
# dest: "/root/.vim/"
# archive: true
# delete: false
# rsync_path: "sudo -n rsync" # -n = kein Passwort-Prompt; erfordert NOPASSWD
# delegate_to: localhost
# when:
# - root_dotvim_stat.stat.exists | bool
# tags: [vim]
# 3) Ownership sicherstellen (rekursiv)
- name: (system-user-systemfiles.yml) ensure ownership on /root/.vim recursively
ansible.builtin.file:
path: "/root/.vim"
owner: "root"
group: "root"
mode: 0644
with_items: "{{ local_template_dir_vim_root.results }}"
loop_control:
label: 'root'
recurse: true
state: directory
become: true
when:
- item.stat.exists
tags:
- vim
- root_dotvim_stat.stat.exists | bool
tags: [vim]