Initial commit - moved from ansible_configs

mivok · mivok · commit cb2deaa410f9 · 2013-12-21T14:29:32.000-05:00
diff --git a/README.md b/README.md
@@ -0,0 +1,61 @@
+# Users role
+
+Role to manage users on a system.
+
+## Role configuration
+
+* users_create_per_user_group (default: true) - when creating users, also
+  create a group with the same username and make that the user's primary
+  group.
+* users_group (default: users) - if users_create_per_user_group is _not_ set,
+  then this is the primary group for all created users.
+* users_default_shell (default: /bin/bash) - the default shell if none is
+  specified for the user.
+* users_create_homedirs (default: true) - create home directories for new
+  users. Set this to false is you manage home directories separately.
+
+## Creating users
+
+Add a users variable containing the list of users to add. A good place to put
+this is in `group_vars/all` or `group_vars/groupname` if you only want the
+users to be on certain machines.
+
+The following attributes are required for each user:
+
+* username - The user's username.
+* name - The full name of the user (gecos field)
+* uid - The numeric user id for the user. This is required for uid consistency
+  across systems.
+* groups - a list of supplementary groups for the user.
+* ssh-key - This should be a list of ssh keys for the user. Each ssh key
+  should be included directly and should have no newlines.
+
+In addition, the following items are optional for each user:
+
+* shell - The user's shell. This defaults to /bin/bash. The default is
+  configurable using the users_default_shell variable if you want to give all
+  users the same shell, but it is different than /bin/bash.
+
+Example:
+
+    ---
+    users:
+      - username: foo
+        name: Foo Barrington
+        groups: ['wheel','systemd-journal']
+        uid: 1001
+        ssh_key:
+          - "ssh-rsa AAAAA.... foo@machine"
+          - "ssh-rsa AAAAB.... foo2@machine"
+    users_deleted:
+      - username: bar
+        name: Bar User
+        uid: 1002
+
+## Deleting users
+
+The `users_deleted` variable contains a list of users who should no longer be
+in the system, and these will be removed on the next ansible run. The format
+is the same as for users to add, but the only required field is `username`.
+However, it is recommended that you also keep the `uid` field for reference so
+that numeric user ids are not accidentally reused.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -0,0 +1,15 @@
+---
+# Create a group for every user and make that their primary group
+users_create_per_user_group: true
+# If we're not creating a per-user group, then this is the group all users
+# belong to
+users_group: users
+# The default shell for a user if none is specified
+users_default_shell: /bin/bash
+# Create home dirs for new users? Set this to false if you manage home
+# directories in some other way.
+users_create_homedirs: true
+
+# Lists of users to create and delete
+users: []
+users_deleted: []
diff --git a/meta/main.yml b/meta/main.yml
@@ -0,0 +1,36 @@
+---
+galaxy_info:
+  author: Mark Harrison
+  description: User creation role
+  license: MIT
+  min_ansible_version: 1.2
+  platforms:
+  - name: EL
+    versions:
+    - all
+  - name: GenericUNIX
+    versions:
+    - all
+    - any
+  - name: Fedora
+    versions:
+    - all
+  - name: opensuse
+    versions:
+    - all
+  - name: Ubuntu
+    versions:
+    - all
+  - name: SLES
+    versions:
+    - all
+  - name: GenericLinux
+    versions:
+    - all
+    - any
+  - name: Debian
+    versions:
+    - all
+  categories:
+  - system
+dependencies: []
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: Per-user group creation
+  group: name="{{item.username}}" gid="{{item.uid}}"
+  with_items: users
+  when: users_create_per_user_group
+
+- name: User creation
+  user: name="{{item.username}}"
+        group="{{item.username if users_create_per_user_group
+            else users_group}}"
+        groups="{{item.groups | join(',')}}"
+        shell={{item.shell if item.shell is defined else users_default_shell}}
+        comment="{{item.name}}"
+        uid="{{item.uid}}"
+        createhome="{{'yes' if users_create_homedirs else 'no'}}"
+  with_items: users
+
+- name: SSH keys
+  authorized_key: user="{{item.0.username}}" key="{{item.1}}"
+  with_subelements:
+    - users
+    - ssh_key
+
+- name: Deleted user removal
+  user: name="{{item.username}}" state=absent
+  with_items: users_deleted
+
+- name: Deleted per-user group removal
+  group: name="{{item.username}}" state=absent
+  with_items: users_deleted
+  when: users_create_per_user_group
