ansible/nis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
8a4da8c61517b9252233b760f19670dcaa3d9202
nis/roles/common/tasks/system-user-systemfiles.yml
Christoph 8a4da8c615 update..
2025-10-27 23:17:40 +01:00

418 lines
12 KiB
YAML
Raw Blame History

---
# ---
# Check if local template directories exists
# ---
# system_user
- name: (system-user-systemfiles.yml) Check if local template directory exists for default users
local_action: stat path={{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}
with_items: "{{ system_users }}"
loop_control:
label: '{{ item.name }}'
register: local_template_dir_system_users
# root
- name: (system-user-systemfiles.yml) Check if local template directory exists for root
local_action: stat path={{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root
register: local_template_dir_root
# --
# Copy .profile
# ---
- name: (user-systemfiles.yml) Check if users file '.profile.ORIG' exists
stat:
path: "~{{ item.name }}/.profile.ORIG"
register: profile_user_orig_exists
loop: "{{ system_users }}"
loop_control:
label: '{{ item.name }}'
tags:
- profile
- name: (user-systemfiles.yml) Backup existing users .profile file
command: cp -a ~{{ item.item.name }}/.profile ~{{ item.item.name }}/.profile.ORIG
loop: "{{ profile_user_orig_exists.results }}"
loop_control:
label: '{{ item.item.name }}'
when:
- item.stat.exists == False
tags:
- profile
# 1) Für jeden User prüfen, ob eine lokale _profile existiert
- name: (system-user-systemfiles.yml) stat user _profile
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_profile"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: profile_stats
loop_control:
label: "{{ item.name }}"
# 2) Prüfe ob eine lokale default _baschrc existiert
- name: stat DEFAULT _profile
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_profile"
delegate_to: localhost
become: false
register: default_profile_stat
# 2) Falls User _profile vorhanden, kopieren
- name: (system-user-systemfiles.yml) copy .profile if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_profile"
dest: "~{{ user.name }}/.profile"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(profile_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
# 3) Falls nicht vorhanden, DEFAULT nutzen
- name: (system-user-systemfiles.yml) copy default .profile
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_profile"
dest: "~{{ user.name }}/.profile"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(profile_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- not stat_result.stat.exists
- default_profile_stat.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
# ---
# -- root user
# ---
- name: (system-user-systemfiles.yml) Check if file '/root/.profile.ORIG' exists
stat:
path: /root/.profile.ORIG
register: profile_root_orig_exists
tags:
- bash
- name: (system-user-systemfiles.yml) Backup /root/.profile file
command: cp /root/.profile /root/.profile.ORIG
when: profile_root_orig_exists.stat.exists == False
tags:
- bash
# 1) Prüfen ob die _profile für root auf dem Control-Node existiert
- name: (system-user-systemfiles.yml) stat root _profile on control node
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_profile"
delegate_to: localhost
become: false
register: profile_root_stat
# 2) Wenn vorhanden, kopieren wir sie nach /root/.profile auf dem Zielhost
- name: copy root .profile if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_profile"
dest: /root/.profile
owner: root
group: root
mode: '0644'
become: true
when: profile_root_stat.stat.exists
tags:
- bash
# --
# Copy .bashrc
# ---
- name: (system-user-systemfiles.yml) Check if users file '.bashrc.ORIG' exists
stat:
path: "~{{ item.name }}/.bashrc.ORIG"
register: bashrc_user_orig_exists
loop: "{{ system_users }}"
loop_control:
label: '{{ item.name }}'
tags:
- bashrc
- name: (system-user-systemfiles.yml) Backup existing users .bashrc file
command: cp -a ~{{ item.item.name }}/.bashrc ~{{ item.item.name }}/.bashrc.ORIG
loop: "{{ bashrc_user_orig_exists.results }}"
loop_control:
label: '{{ item.item.name }}'
when: item.stat.exists == False
tags:
- bashrc
# 1) Für jeden User prüfen, ob eine lokale _bashrc existiert
- name: (system-user-systemfiles.yml) stat user _bashrc
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_bashrc"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: bashrc_stats
loop_control:
label: "{{ item.name }}"
# 2) Prüfe ob eine lokale default _baschrc existiert
- name: stat DEFAULT _bashrc
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_bashrc"
delegate_to: localhost
become: false
register: default_bashrc_stat
# 2) Falls User _bashrc vorhanden, kopieren
- name: (system-user-systemfiles.yml) copy .bashrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_bashrc"
dest: "~{{ user.name }}/.bashrc"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(bashrc_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
# 3) Falls nicht vorhanden, DEFAULT nutzen
- name: (system-user-systemfiles.yml) copy default .bashrc
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_bashrc"
dest: "~{{ user.name }}/.bashrc"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: "0644"
become: true
loop: "{{ default_user | zip(bashrc_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- not stat_result.stat.exists
- default_bashrc_stat.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [bash]
# ---
# -- root user
# ---
- name: (system-user-systemfiles.yml) Check if file '/root/.bashrc.ORIG' exists
stat:
path: /root/.bashrc.ORIG
register: bashrc_root_orig_exists
tags:
- bash
- name: (system-user-systemfiles.yml) Backup /root/.bashrc file
command: cp /root/.bashrc /root/.bashrc.ORIG
when: bashrc_root_orig_exists.stat.exists == False
tags:
- bash
# 1) Prüfen ob die _bashrc für root auf dem Control-Node existiert
- name: stat root _bashrc on control node
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_bashrc"
delegate_to: localhost
become: false
register: bashrc_root_stat
# 2) Wenn vorhanden, kopieren wir sie nach /root/.bashrc auf dem Zielhost
- name: copy root .bashrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_bashrc"
dest: /root/.bashrc
owner: root
group: root
mode: '0644'
become: true
when: bashrc_root_stat.stat.exists
tags:
- bash
# --
# Copy .vimrc
# ---
# 1. Prüfen, ob für jeden User ein lokales _vimrc existiert
- name: (system-user-systemfiles.yml) stat user _vimrc
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_vimrc"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: vimrc_stats
loop_control:
label: '{{ item.name }}'
# 2. Falls vorhanden, Datei kopieren
- name: (system-user-systemfiles.yml) copy .vimrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_vimrc"
dest: "~{{ user.name }}/.vimrc"
owner: "{{ user.name }}"
group: "{{ user.name }}"
mode: '0644'
loop: "{{ default_user | zip(vimrc_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- stat_result.stat.exists
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags:
- bash
# 1) Lokal prüfen, ob ~/.vim existiert
- name: (system-user-systemfiles.yml) stat local .vim for each user
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/.vim"
delegate_to: localhost
become: false
loop: "{{ default_user }}"
register: dotvim_stats
loop_control:
label: "{{ item.name }}"
# 2) Wenn vorhanden, .vim-Verzeichnis ins Home des Users kopieren
- name: (system-user-systemfiles.yml) copy .vim directory if it exists
ansible.builtin.copy:
# Wichtig: KEINE verschachtelten {{ ... }} im String
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/.vim"
dest: "~{{ user.name }}/"
mode: preserve # oder weglassen; 0644 wäre für Verzeichnisse falsch
become: true
loop: "{{ default_user | zip(dotvim_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [vim]
# 3) Ownership/Gruppe rekursiv korrigieren (falls gewünscht/erforderlich)
- name: (system-user-systemfiles.yml) ensure ownership on ~/.vim recursively
ansible.builtin.file:
path: "~{{ user.name }}/.vim"
owner: "{{ user.name }}"
group: "{{ user.name }}"
recurse: true
state: directory
become: true
loop: "{{ default_user | zip(dotvim_stats.results) | list }}"
loop_control:
label: "{{ user.name }}"
when:
- stat_result.stat.exists | bool
vars:
user: "{{ item.0 }}"
stat_result: "{{ item.1 }}"
tags: [vim]
# --
# -- root user
# --
# 1) Prüfen ob die _vimrc für root auf dem Control-Node existiert
- name: (system-user-systemfiles.yml) stat root _vimrc on control node
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_vimrc"
delegate_to: localhost
become: false
register: vimrc_root_stat
# 2) Wenn vorhanden, kopieren wir sie nach /root/.vimrc auf dem Zielhost
- name: (system-user-systemfiles.yml)copy root .vimrc if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/_vimrc"
dest: /root/.vimrc
owner: root
group: root
mode: '0644'
become: true
when:
- vimrc_root_stat.stat.exists
tags:
- bash
# 1) Lokal prüfen, ob ./files/{{ nis_domain }}/homedirs/root/.vim existiert
- name: (system-user-systemfiles.yml) stat local .vim for root
ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/.vim"
delegate_to: localhost
become: false
register: root_dotvim_stat
tags: [vim]
# 2) Wenn vorhanden, nach /root/ kopieren
- name: (system-user-systemfiles.yml) copy root .vim directory if it exists
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/.vim"
dest: "/root/"
mode: preserve # oder weglassen; nicht 0644 bei Verzeichnissen
become: true
when:
- root_dotvim_stat.stat.exists | bool
tags: [vim]
# 2) Wenn vorhanden, nach /root/ kopieren
#- name: (system-user-systemfiles.yml) rsync root .vim if it exists
# ansible.posix.synchronize:
# src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/root/.vim/"
# dest: "/root/.vim/"
# archive: true
# delete: false
# rsync_path: "sudo -n rsync" # -n = kein Passwort-Prompt; erfordert NOPASSWD
# delegate_to: localhost
# when:
# - root_dotvim_stat.stat.exists | bool
# tags: [vim]
# 3) Ownership sicherstellen (rekursiv)
- name: (system-user-systemfiles.yml) ensure ownership on /root/.vim recursively
ansible.builtin.file:
path: "/root/.vim"
owner: "root"
group: "root"
recurse: true
state: directory
become: true
when:
- root_dotvim_stat.stat.exists | bool
tags: [vim]
Reference in New Issue View Git Blame Copy Permalink