nis/roles/common/tasks/nis-user.yml

---
## # ---
## # - Remove unwanted users
## # ---
##
## - name: (nis_user.yml) Remove (old) users from system
## user:
## name: '{{ item.name }}'
## state: absent
## with_items:
## - "{{ remove_nis_users }}"
## loop_control:
## label: '{{ item.name }}'
## tags:
## - nis-user
## - system-user
##
## - name: (nis_user.yml) Remove home directory from deleted users
## file:
## path: '{{ nis_base_home }}/{{ item.name }}'
## state: absent
## with_items:
## - "{{ remove_nis_users }}"
## loop_control:
## label: '{{ item.name }}'
## tags:
## - nis-user
## - system-user
# ---
# - default user/groups
# ---
# Create every entry of `nis_groups` that carries an explicit `group_id`.
# Entries without a `group_id` are skipped by the `when` condition, so the
# `default(omit)` on `gid` never takes effect in this task.
- name: (nis_user.yml) Ensure nis groups exists
  tags:
    - nis-user
    - system-user
  when: item.group_id is defined
  group:
    name: '{{ item.name }}'
    gid: '{{ item.group_id | default(omit) }}'
    state: present
  loop: "{{ nis_groups }}"
  loop_control:
    # Show only the group name in the per-item output.
    label: '{{ item.name }}'
  # A created or changed group triggers the handler that rebuilds the NIS maps.
  notify: Renew nis databases
#- meta: end_host
# Read the passwd database on the target host. The getent module stores the
# result as the fact `getent_passwd`, keyed by login name; the next task uses
# it to decide which accounts are still missing.
- name: (nis_user.yml) Get database of nis (system) users
  tags:
    - nis-user
    - system-user
  getent:
    database: passwd
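# Create each account from `nis_user` that is not yet in the passwd database
# by calling the site-local helper script with the login name and the
# plaintext password.
#
# The script is started through `command` with an `argv` list instead of a
# templated `shell` string: no shell parses the values, so a quote or shell
# metacharacter in a name or password cannot change the command being run.
#
# NOTE(review): the password is still handed over as a process argument and is
# therefore visible in the process list of the target host while the script
# runs. The script is not shown here; if it can read the password from stdin
# or a protected file, prefer that.
- name: (nis_user.yml) Add nis (system) users if not yet exists..
  command:
    argv:
      - /root/bin/admin-stuff/add_new_user.sh
      - '{{ item.name }}'
      - '{{ item.password }}'
  loop: "{{ nis_user }}"
  loop_control:
    label: '{{ item.name }}'
  when:
    - item.name not in getent_passwd
  # The command line contains the plaintext password; keep it out of the
  # task output, callback plugins and logs.
  no_log: true
  notify: Renew nis databases
  tags:
    - nis-user
    - system-user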
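# Make sure every entry of `nis_user` exists with the expected uid,
# supplementary groups, home directory below `nis_base_home` and login shell
# (default /bin/bash).
- name: (nis_user.yml) Ensure nis users exists
  user:
    name: '{{ item.name }}'
    state: present
    uid: '{{ item.user_id | default(omit) }}'
    #group: '{{ item.0.name | default(omit) }}'
    groups: "{{ item.groups|join(', ') }}"
    home: '{{ nis_base_home }}/{{ item.name }}'
    shell: '{{ item.shell|d("/bin/bash") }}'
    # password_hash() is called without a salt, so a new random salt (and
    # hence a different hash) is produced on every run. That is harmless only
    # because `update_password: on_create` applies the hash solely when the
    # account is created by this task.
    password: "{{ item.password | password_hash('sha512') }}"
    update_password: on_create
    # Add the listed groups to the existing memberships instead of replacing them.
    append: true
  loop: "{{ nis_user }}"
  loop_control:
    label: '{{ item.name }}'
  # Each loop item carries the plaintext password; suppress the item and the
  # module result so the value does not end up in verbose output or logs.
  no_log: true
  notify: Renew nis databases
  tags:
    - nis-user
    - system-user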
# Probe, per user, whether ~/.config/autostart already exists. The per-item
# results are registered as `home_config_autostart`; each result keeps the
# original loop entry under `.item`.
- name: (nis_user.yml) Check if directory ~/.config/autostart exists
  tags:
    - nis-user
    - x11vnc
  stat:
    path: '{{ nis_base_home }}/{{ item.name }}/.config/autostart'
  register: home_config_autostart
  loop: "{{ nis_user }}"
  loop_control:
    label: '{{ item.name }}'
# Create ~/.config/autostart for every user whose earlier stat result reported
# the directory as missing. `item` is a stat result here, so the user entry is
# reached through `item.item`.
- name: (nis_user.yml) Ensure directory ~/.config/autostart if not exists
  tags:
    - nis-user
    - x11vnc
  when: not item.stat.exists | bool
  file:
    path: '{{ nis_base_home }}/{{ item.item.name }}/.config/autostart'
    state: directory
    # Owner and group are both the login name.
    # NOTE(review): assumes a group named like the user exists - confirm.
    owner: "{{ item.item.name }}"
    group: "{{ item.item.name }}"
    # Quoted so the mode is passed as an octal string, not a YAML integer.
    mode: '0700'
    recurse: true
  loop: "{{ home_config_autostart.results }}"
  loop_control:
    label: '{{ item.item.name }}'
#- name: (nis_user.yml) Ensure directory ~/.config/autostart if not exists
# file:
# path: '{{ nis_base_home }}/{{ item.name }}/.config/autostart'
# state: directory
# owner: "{{ item.name }}"
# group: "{{ item.name }}"
# mode: 0700
# recurse: yes
# loop: "{{ nis_user }}"
# loop_control:
# label: '{{ item.name }}'
# tags:
# - nis-user
# - x11vnc
# Probe, per user, whether the x11vnc autostart entry is already in place.
# Results are registered as `home_config_autostart_x11vnc`, with the original
# loop entry available under `.item` of each result.
- name: (nis_user.yml) Check if file ~/.config/autostart/x11vnc.desktop exists
  tags:
    - nis-user
    - x11vnc
  stat:
    path: '{{ nis_base_home }}/{{ item.name }}/.config/autostart/x11vnc.desktop'
  register: home_config_autostart_x11vnc
  loop: "{{ nis_user }}"
  loop_control:
    label: '{{ item.name }}'
# Install the role's x11vnc.desktop into each user's autostart directory,
# owned by the user and readable by the user only.
#
# NOTE(review): this task loops over the stat results but has no `when`
# condition on `item.stat.exists`, so the copy runs for every user and
# replaces a file whose content differs from the role's copy. Confirm that
# overwriting is intended.
# NOTE(review): the desktop file itself is not shown here. Since it starts
# x11vnc at login, check that it enforces authentication and limits which
# addresses the server listens on.
- name: (nis_user.yml) Ensure file ~/.config/autostart/x11vnc.desktop exists
  tags:
    - nis-user
    - x11vnc
  copy:
    src: "{{ role_path + '/files/USER_HOME/.config/autostart/x11vnc.desktop' }}"
    dest: '{{ nis_base_home }}/{{ item.item.name }}/.config/autostart/x11vnc.desktop'
    owner: '{{ item.item.name }}'
    group: '{{ item.item.name }}'
    # Quoted so the mode is passed as an octal string, not a YAML integer.
    mode: '0600'
  loop: "{{ home_config_autostart_x11vnc.results }}"
  loop_control:
    label: '{{ item.item.name }}'
#- name: (nis_user.yml) Ensure file ~/.config/autostart/x11vnc.desktop exists
# copy:
# src: "{{ role_path + '/files/USER_HOME/.config/autostart/x11vnc.desktop' }}"
# dest: '{{ nis_base_home }}/{{ item.name }}/.config/autostart/x11vnc.desktop'
# owner: '{{ item.name }}'
# group: '{{ item.name }}'
# mode: 0600
# loop: "{{ nis_user }}"
# loop_control:
# label: '{{ item.name }}'
# tags:
# - nis-user
# - x11vnc