ansible/roles/users/tasks/main.yml


---
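# Create or update one account per entry of `users`. Each entry is used as
# user name (key) -> supplementary groups (value); shell and password hash
# are looked up in `user_dict` under the same user name.
- name: Create users
  ansible.builtin.user:
    name: "{{ item.key }}"
    # `append` is not set, so this is the complete supplementary group
    # list: memberships that are not listed here are removed, and an
    # empty string leaves the account with its primary group only.
    groups: "{{ item.value | default('') }}"
    shell: "{{ user_dict[item.key].shell | default('/bin/bash') }}"
    # The module writes this value as the stored hash, so it must already
    # be a crypt-style hash and never a clear-text password.
    # NOTE(review): where `user_dict` is defined is not visible here; keep
    # the hashes in an encrypted vars file - confirm.
    password: "{{ user_dict[item.key].password_hash }}"
    # Re-apply the managed hash whenever the stored one differs, so a
    # password changed on the host is reverted on the next run.
    update_password: always
    # Intended to keep users from changing their own password. The minimum
    # age of 1 day only blocks a change during the day after the last
    # change; after that the revert above is the only control.
    # NOTE(review): a maximum age of -1 is presumably meant to switch
    # password expiry off (chage semantics) - confirm.
    password_expire_max: -1
    password_expire_min: 1
    state: present
  loop: "{{ users | dict2items }}"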
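# Root-owned directory that holds one key file per user. Mode 0711 lets
# any account traverse it to reach its own file, while only root can list
# the directory or create, rename and delete entries in it.
# NOTE(review): sshd reads these files only if AuthorizedKeysFile points
# at this directory; that setting is not part of this file - confirm.
- name: Create authorized_keys directory
  ansible.builtin.file:
    path: /etc/ssh/authorized_keys
    state: directory
    owner: root
    group: root
    # Quoted so the YAML parser hands Ansible the string "0711" rather
    # than an integer whose value depends on the parser's octal rules.
    mode: "0711"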
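# Write each user's public keys to /etc/ssh/authorized_keys/<user name>.
# The file content is replaced as a whole, so a key that is no longer in
# `ssh_keys` disappears from the host on the next run.
- name: Add SSH key to users
  ansible.builtin.copy:
    # The user name becomes a path component; names come from `users` and
    # must stay plain account names (no "/" or "..").
    dest: "/etc/ssh/authorized_keys/{{ item.key }}"
    # One key per line, with a terminating newline after the last key.
    content: "{{ user_dict[item.key].ssh_keys | join('\n') }}\n"
    # root owns the file and the user gets read access through the group,
    # so an account can read its keys but cannot add or alter them.
    owner: root
    # NOTE(review): relies on a group named after the user existing; the
    # user task does not set `group`, so this presumably depends on the
    # platform creating a per-user group - confirm.
    group: "{{ item.key }}"
    # Quoted so Ansible receives the string "0640" and does the octal
    # conversion itself.
    mode: "0640"
  loop: "{{ users | dict2items }}"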