improved users group with ACL

2 years ago · d331e4d0e9
parent fd796ce99c
commit d331e4d0e9
2 changed files with 2 additions and 12 deletions
--- a/group_vars/all/user_vault.example
+++ b/group_vars/all/user_vault.example
@ -1,10 +0,0 @@
---
-uservault_users:
-  - {
-      name: lorem,
-      groups: sudo,
-      shell: "/bin/bash",
-      password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow
-      ssh_key: "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn user@host",
-      totp: "daeae8ce486f6636d68c37c21ce002" # the hex value
-    }
--- a/roles/base_totp/tasks/main.yml
+++ b/roles/base_totp/tasks/main.yml
@ -13,10 +13,10 @@
  lineinfile:
    path: /etc/users.oath
    regexp: "{{ item.name }}"
-    line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ item.name }} - {{item.totp}}"
+    line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ users.key }} - {{ users_dict[users.key].totp }}"
    create: true
    group: root
    owner: root
    mode: '600'
-  loop: "{{ uservault_users }}"
+  loop: "{{ users | dict2items }}"
  no_log: true