Skip to content
This repository has been archived by the owner on Jul 8, 2021. It is now read-only.

willshersystems/ansible-users

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build Status Ansible Galaxy

User management

Configure users, group, SSH keys and administrative sudo access. The role can:

  • Add and remove groups
  • Add and remove users
  • Install SSH keys for users
  • Configure sudo to allow root access for the administration group

Requirements

Tested on:

  • Ubuntu 14.04 LTS

Should work with:

  • All Ubuntu
  • All Debian
  • All EL 6,7 based distros

Role Variables

Users

  • users

A list containing dictionaries of configuration. Each list item can have the following elements. Italic text indicates the default.

  • name required
  • state (present)
  • uid
  • group (item.name)
  • groups
  • shell ({{ users_default_shell }})
  • comment (Unknown user)
  • password ({{ users_default_password }})
  • home (/home/{{item.name}})
  • createhome ({{ users_create_homedirs }})
  • system
  • is_admin

users_default_password is set to watching the default password is for new accounts for the given OS, e.g. !!

All other variable defaults are given below.

is_admin is a boolean. If set, the user is added to the OSs admin group.

All other items correspond to the ansible users module parameters.

Example

users:
- name: alice
  comment: Alice
  password: '$6$hE1TkH.X$F9flUhXGiL8zI4lOioqp1FxN8L8HrMbuP4ZFVbv5MnyeQFAhIAsbTmT6t7.p93FgyiJo3U/aJeiGHzCTUvA.s.'
  is_admin: yes
  groups:
    - devs
    - mgmt
- name: bob
  state: absent

Groups

  • users_groups

A list of user groups to create. Each list item can have the following elements. Italic text indicates the default.

  • name required
  • state (present)
  • system
  • gid

Example

users_groups:
- name: devs
  gid: 1000
- name: mgmt
  gid: 2000
- name: hr
  state: absent

SSH Keys

  • users_ssh_keys

A list of users, each containing a key with a list of public SSH keys as its value.

  • name
  • keys

name is the username.

keys is a list of public SSH keys.

Example

users_ssh_keys:
- name: alice
  keys:
    - ssh-rsa AAAA..... [email protected]
    - ssh-rsa AAAA..... [email protected]
- name: bob
  keys:
    - ssh-rsa AAAA.... [email protected]

Tuning configuration

  • users_default_shell

The default shell for a user if none is specified. Defaults to /bin/bash

  • users_create_homedirs

Create home dirs for new users? Set this to false if you manage home directories in some other way. Defaults to true.

  • users_per_user_groups

Create groups for users with the same name as the users group. Defaults to true

Sudo configuration

  • users_manage_admin_sudoers

If true, create sudo configuration to allow users in the admin group to become root via sudo. Defaults to true

  • users_admin_uses_ansible

If true, assume the admin group is also used to run Ansible jobs. This disables requiretty for the admin group in the sudoers configuration. Defaults to true

  • users_admin_sudo_password

If true require a password for sudo, false to not require a password. Defaults to true

Dependencies

None

Example Playbook

---
- hosts: all
  sudo: true
  vars:
    users_admin_sudo_password: false
  roles:
  - role: willshersystems.users
    users:
    - name: carl
      uid: 1010
      comment: 'Carl Crisp'
      is_admin: yes
      groups:
      - beancounters
    - name: ec_user
      state: absent
    users_groups:
    - name: beancounters
    users_ssh_keys:
    - name: carl
      keys:
      - ssh-rsa AAAA....... [email protected]

License

LGPLv3

Author Information

Matt Willsher, [email protected]

(c)2015 Willsher Systems