Merge pull request #31 from singleplatform-eng/master

Merge SinglePlatform changes

Author: Colin Hoglund

.travis.yml

@@ -1,9 +1,27 @@
+---
+sudo: required
 language: python
-python:
-  - "2.7"
+python: "2.7"
+
 install:
-  - "pip install ansible"
+  - pip install ansible
+
+  # Add ansible.cfg to pick up roles path.
+  - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg"
+
 script:
-  - cd tests
-  - ansible-playbook --connection=local --limit=localhost --inventory-file=hosts all.yml
+  # Syntax Check
+  - ansible-playbook -i localhost, tests/test.yml --syntax-check
+
+  # Run test.yml
+  - ansible-playbook -i localhost, --connection=local --sudo tests/test.yml
+
+  # Run the role/playbook again, checking to make sure it's idempotent.
+  - >
+    ansible-playbook -i localhost, --connection=local --sudo tests/test.yml
+    | grep -q 'changed=0.*failed=0'
+    && (echo 'Idempotence test: pass' && exit 0)
+    || (echo 'Idempotence test: fail' && exit 1)
 
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

README.md

@@ -1,6 +1,6 @@
-[![Build Status](https://travis-ci.org/mivok/ansible-users.png)](https://travis-ci.org/mivok/ansible-users)
+[![Build Status](https://travis-ci.org/singleplatform-eng/ansible-users.svg?branch=master)](https://travis-ci.org/singleplatform-eng/ansible-users)
 
-# Users role
+# ansible-users
 
 Role to manage users on a system.
 
@@ -31,6 +31,7 @@ The following attributes are required for each user:
 * password - If a hash is provided then that will be used, but otherwise the
   account will be locked
 * groups - a list of supplementary groups for the user.
+* profile - a string block for setting custom shell profiles
 * ssh-key - This should be a list of ssh keys for the user. Each ssh key
   should be included directly and should have no newlines.
 
@@ -48,9 +49,14 @@ Example:
         name: Foo Barrington
         groups: ['wheel','systemd-journal']
         uid: 1001
+        profile: |
+          alias ll='ls -lah'
         ssh_key:
           - "ssh-rsa AAAAA.... foo@machine"
           - "ssh-rsa AAAAB.... foo2@machine"
+    groups_to_create:
+      - name: developers
+        gid: 10000
     users_deleted:
       - username: bar
         name: Bar User

defaults/main.yml

@@ -13,4 +13,10 @@ users_create_homedirs: true
 # Lists of users to create and delete
 users: []
 users_deleted: []
+
+# List of groups to create
+# Example:
+#   groups_to_create:
+#     - name: developers
+#       gid: 10000
 groups_to_create: []

meta/main.yml

@@ -1,36 +1,37 @@
 ---
 galaxy_info:
-  author: Mark Harrison
+  author: Mark Harrison (Modified by SinglePlatform Engineering)
   description: User creation role
   license: MIT
   min_ansible_version: 1.3
   platforms:
-  - name: EL
-    versions:
-    - all
-  - name: GenericUNIX
-    versions:
-    - all
-    - any
-  - name: Fedora
-    versions:
-    - all
-  - name: opensuse
-    versions:
-    - all
-  - name: Ubuntu
-    versions:
-    - all
-  - name: SLES
-    versions:
-    - all
-  - name: GenericLinux
-    versions:
-    - all
-    - any
-  - name: Debian
-    versions:
-    - all
-  categories:
-  - system
+    - name: EL
+      versions:
+        - all
+    - name: GenericUNIX
+      versions:
+        - all
+        - any
+    - name: Fedora
+      versions:
+        - all
+    - name: opensuse
+      versions:
+        - all
+    - name: Ubuntu
+      versions:
+        - all
+    - name: SLES
+      versions:
+        - all
+    - name: GenericLinux
+      versions:
+        - all
+        - any
+    - name: Debian
+      versions:
+        - all
+  galaxy_tags:
+    - system
+
 dependencies: []

tasks/main.yml

@@ -1,42 +1,54 @@
 ---
 - name: Creating groups
-  group: name="{{item}}"
-  with_items: groups_to_create
+  group: name="{{item.name}}" gid="{{item.gid | default(omit)}}"
+  with_items: "{{groups_to_create}}"
   tags: ['users','groups','configuration']
 
 - name: Per-user group creation
   group: name="{{item.username}}" gid="{{item.uid}}"
-  with_items: users
+  with_items: "{{users}}"
   when: users_create_per_user_group
   tags: ['users','configuration']
 
 - name: User creation
-  user: name="{{item.username}}"
-        group="{{item.username if users_create_per_user_group
-            else users_group}}"
-        groups="{{item.groups | join(',')}}"
-        shell={{item.shell if item.shell is defined else users_default_shell}}
-        password="{{item.password if item.password is defined else '!'}}"
-        comment="{{item.name}}"
-        uid="{{item.uid}}"
-        createhome="{{'yes' if users_create_homedirs else 'no'}}"
-  with_items: users
+  user:
+    name: "{{item.username}}"
+    group: "{{item.username if users_create_per_user_group else users_group}}"
+    # empty string removes user from all secondary groups
+    groups: "{{item.groups | join(',') if 'groups' in item else ''}}"
+    shell: "{{item.shell if item.shell is defined else users_default_shell}}"
+    password: "{{item.password if item.password is defined else '!'}}"
+    comment: "{{item.name}}"
+    uid: "{{item.uid}}"
+    createhome: "{{'yes' if users_create_homedirs else 'no'}}"
+  with_items: "{{users}}"
   tags: ['users','configuration']
 
 - name: SSH keys
   authorized_key: user="{{item.0.username}}" key="{{item.1}}"
   with_subelements:
-    - users
+    - "{{users}}"
     - ssh_key
   tags: ['users','configuration']
 
+- name: Setup user profiles
+  blockinfile:
+    block: "{{item.profile}}"
+    dest: "/home/{{item.username}}/.profile"
+    owner: "{{item.username}}"
+    group: "{{item.username}}"
+    mode: 0644
+    create: true
+  when: users_create_homedirs and item.profile is defined
+  with_items: "{{users}}"
+
 - name: Deleted user removal
   user: name="{{item.username}}" state=absent
-  with_items: users_deleted
+  with_items: "{{users_deleted}}"
   tags: ['users','configuration']
 
 - name: Deleted per-user group removal
   group: name="{{item.username}}" state=absent
-  with_items: users_deleted
+  with_items: "{{users_deleted}}"
   when: users_create_per_user_group
   tags: ['users','configuration']