adjusted users to match caladan
parent
e1c577cc95
commit
ae33fefaaf
|
@ -22,5 +22,10 @@
|
||||||
become_method: doas
|
become_method: doas
|
||||||
roles:
|
roles:
|
||||||
- basic
|
- basic
|
||||||
|
- users
|
||||||
vars:
|
vars:
|
||||||
|
users:
|
||||||
|
- rilla
|
||||||
|
- ansible
|
||||||
|
- woodpecker
|
||||||
use_lbu: false
|
use_lbu: false
|
||||||
|
|
|
@ -9,6 +9,6 @@ all:
|
||||||
|
|
||||||
caladan:
|
caladan:
|
||||||
ansible_host: caladan
|
ansible_host: caladan
|
||||||
ansible_user: rilla
|
ansible_user: ansible
|
||||||
ansible_port: 22
|
ansible_port: 22
|
||||||
ansible_python_interpreter: /usr/bin/python3
|
ansible_python_interpreter: /usr/bin/python3
|
||||||
|
|
|
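Review bot: Changing `ansible_user` to `ansible` makes a password-locked account the one that holds privileged access on caladan, and nothing in this file records how it escalates. The user definition elsewhere in this commit sets `password: "*"` and keeps the account in `wheel`, and the play uses `become_method: doas`, so the doas rule presumably has to be `nopass`. The doas configuration is not visible here. If that rule is written for `:wheel` it would give the same passwordless root to `rilla`, who is also in `wheel`, so it should be keyed to the `ansible` user alone. I would add a comment above the line, such as `# password-locked automation account; root comes from a nopass doas rule scoped to this user only`.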
@ -11,7 +11,6 @@
|
||||||
home: /var/lib/ansible
|
home: /var/lib/ansible
|
||||||
password: "*" # disabled password but can be accessed with SSH
|
password: "*" # disabled password but can be accessed with SSH
|
||||||
groups:
|
groups:
|
||||||
- ansible
|
|
||||||
- wheel
|
- wheel
|
||||||
|
|
||||||
- name: make sure ansible owns its home
|
- name: make sure ansible owns its home
|
||||||
|
|
|
@ -1,3 +1,12 @@
|
||||||
|
- name: create group 'deploy'
|
||||||
|
group:
|
||||||
|
name: deploy
|
||||||
|
gid: 700
|
||||||
|
|
||||||
|
- name: determine available groups
|
||||||
|
getent:
|
||||||
|
database: group
|
||||||
|
|
||||||
- name: create users
|
- name: create users
|
||||||
include_tasks: "{{ username }}.yml"
|
include_tasks: "{{ username }}.yml"
|
||||||
loop: "{{ users }}"
|
loop: "{{ users }}"
|
||||||
|
|
|
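Review bot: The `determine available groups` task takes a one-time snapshot of the group database, and the per-user files gate docker membership on it with `when: item in ansible_facts.getent_group`, so a group created later in the same run is silently skipped. On a host where Docker is installed by a later role, the accounts would only join `docker` on the following run, with no failure to signal the gap. I would add a comment above the task, such as `# snapshot used by the per-user "additional groups" tasks; groups created after this point are not seen until the next run`. Separately, `gid: 700` is a fixed id and the task is likely to fail on a host where that id already belongs to another group, so a short comment on why 700 was chosen would help.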
@ -10,9 +10,18 @@
|
||||||
group: rilla
|
group: rilla
|
||||||
home: /home/rilla
|
home: /home/rilla
|
||||||
groups:
|
groups:
|
||||||
- rilla
|
- deploy
|
||||||
- wheel
|
- wheel
|
||||||
|
|
||||||
|
- name: additional groups to rilla
|
||||||
|
user:
|
||||||
|
name: rilla
|
||||||
|
groups: "{{item}}"
|
||||||
|
append: yes
|
||||||
|
when: item in ansible_facts.getent_group
|
||||||
|
with_items:
|
||||||
|
- docker
|
||||||
|
|
||||||
- name: make sure rilla owns its home
|
- name: make sure rilla owns its home
|
||||||
file:
|
file:
|
||||||
state: directory
|
state: directory
|
||||||
|
|
|
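Review bot: Splitting group membership across two `user` tasks is likely to make this file non-idempotent. The first task starts outside the hunk, so its `append` setting is not visible. If it leaves `append` at the default, its `groups` list of `deploy` and `wheel` is authoritative and strips `docker` on every run, after which `additional groups to rilla` adds it back. Both tasks then report changed each time, and a run that stops between them leaves the account without the group. Building the list in one task avoids this, for example `groups: "{{ ['deploy', 'wheel'] + (['docker'] if 'docker' in ansible_facts.getent_group else []) }}"`; otherwise write `append: true` rather than `append: yes`. The woodpecker file in this commit uses the same two-task pattern.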
@ -11,7 +11,16 @@
|
||||||
home: /var/lib/woodpecker
|
home: /var/lib/woodpecker
|
||||||
password: "*" # disabled password but can be accessed with SSH
|
password: "*" # disabled password but can be accessed with SSH
|
||||||
groups:
|
groups:
|
||||||
- woodpecker
|
- deploy
|
||||||
|
|
||||||
|
- name: additional groups to woodpecker
|
||||||
|
user:
|
||||||
|
name: woodpecker
|
||||||
|
groups: "{{item}}"
|
||||||
|
append: yes
|
||||||
|
when: item in ansible_facts.getent_group
|
||||||
|
with_items:
|
||||||
|
- docker
|
||||||
|
|
||||||
- name: make sure woodpecker owns its home
|
- name: make sure woodpecker owns its home
|
||||||
file:
|
file:
|
||||||
|
|
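Review bot: The `additional groups to woodpecker` task puts a service account in `docker`, which is effectively root on the host, and nothing in the file says this is intended. Any member of that group can start a container with the host filesystem mounted. The account is also reachable over SSH according to the `password: "*"` comment, so a leaked key for it would expose the same access. If the membership is there because the account needs the Docker socket (presumably it runs a CI agent), say so above the task, for example `# docker group is root-equivalent; woodpecker needs it only for access to the Docker socket`. The authorized keys for the account should also be kept to the minimum.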