2023-04-05 22:06:50 +02:00
|
|
|
{{ ansible_managed | comment }}
|
|
|
|
|
|
|
|
{% for name, user in pve_auth__users.items() %}
|
2023-04-05 23:27:11 +02:00
|
|
|
{% set enabled = user.enabled | default(True) %}
|
|
|
|
user:{{ name }}@pve:{{ enabled | ternary(1, 0) }}:0::::::
|
2023-04-05 22:06:50 +02:00
|
|
|
{% endfor %}
|
|
|
|
|
2023-04-06 18:22:37 +02:00
|
|
|
{% for name, user in pve_auth__pam_users.items() %}
|
|
|
|
{% set enabled = user.enabled | default(True) %}
|
|
|
|
user:{{ name }}@pam:{{ enabled | ternary(1, 0) }}:0::::::
|
|
|
|
{% endfor %}
|
|
|
|
|
2023-04-05 22:06:50 +02:00
|
|
|
{% for group in pve_auth__groups.keys() %}
|
2023-04-06 18:22:37 +02:00
|
|
|
{% set pve_users = pve_auth__users
|
|
|
|
| dict2items
|
|
|
|
| selectattr("value.groups", "defined")
|
|
|
|
| selectattr("value.groups", "contains", group)
|
|
|
|
| map(attribute="key")
|
|
|
|
| map("suffix", "@pve") %}
|
|
|
|
{% set pam_users = pve_auth__pam_users
|
|
|
|
| dict2items
|
|
|
|
| selectattr("value.groups", "defined")
|
|
|
|
| selectattr("value.groups", "contains", group)
|
|
|
|
| map(attribute="key")
|
|
|
|
| map("suffix", "@pam") %}
|
|
|
|
group:{{ group }}:{{ (pve_users + pam_users) | join(",") }}::
|
2023-04-05 22:06:50 +02:00
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
{% for group, roles in pve_auth__groups.items() %}
|
|
|
|
acl:1:/:@{{ group }}:{{ roles | join(",") }}:
|
|
|
|
{% endfor %}
|