xaked/ansible-role-users
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

feat(role): add ansible-lint, fix ansible-lint issues
All checks were successful
checks-test / Lint (push) Successful in 53s
Details
checks-test / molecule (rockylinux9) (push) Successful in 2m59s
Details
checks-test / molecule (debian11) (push) Successful in 3m10s
Details
checks-test / molecule (ubuntu2204) (push) Successful in 3m24s
Details

Browse Source
This commit is contained in:
Mykhailo Nikiforov
2024-01-14 19:21:16 +02:00
parent e776a43962
commit f3b6072eb6
6 changed files with 18 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.ansible-lint Normal file
View File

@@ -0,0 +1,3 @@
skip_list:
- yaml
- role-name

6
.gitea/workflows/checks-test.yml
View File

@@ -26,9 +26,11 @@ jobs:
with: with:
python-version: '3.x' python-version: '3.x'
- name: Intall test dependencies - name: Intall test dependencies
run: pip3 install yamllint run: pip3 install yamllint ansible-lint
- name: Lint code - name: Lint code with yamllint
run: 'yamllint .' run: 'yamllint .'
- name: Lint code with yamllint
run: 'ansible-lint --profile production --show-relpath .'
molecule: molecule:
name: molecule name: molecule
runs-on: ubuntu-latest runs-on: ubuntu-latest

2
meta/main.yml
View File

@@ -3,7 +3,7 @@ galaxy_info:
author: palkx author: palkx
description: provision users and groups description: provision users and groups
license: license (BSD, MIT) license: license (BSD, MIT)
min_ansible_version: 2.1 min_ansible_version: '2.10'
platforms: platforms:
- name: Fedora - name: Fedora
versions: versions:

2
tasks/group.yml
View File

@@ -1,6 +1,6 @@
--- ---
- name: "Create group `{{ group }}`" - name: "Create group `{{ group }}`"
become: true become: true
group: ansible.builtin.group:
name: "{{ group }}" name: "{{ group }}"
gid: "{{ users_groups[group].get('gid', None) }}" gid: "{{ users_groups[group].get('gid', None) }}"

6
tasks/main.yml
View File

@@ -1,10 +1,12 @@
--- ---
- include_tasks: group.yml - name: Create groups
ansible.builtin.include_tasks: group.yml
with_items: "{{ users_groups.keys() }}" with_items: "{{ users_groups.keys() }}"
loop_control: loop_control:
loop_var: group loop_var: group
- include_tasks: user.yml - name: Create users
ansible.builtin.include_tasks: user.yml
when: ansible_default_ipv4.address in users[username]['passwords'] or users[username]['passwords'].get('default') when: ansible_default_ipv4.address in users[username]['passwords'] or users[username]['passwords'].get('default')
with_items: "{{ users.keys() }}" with_items: "{{ users.keys() }}"
loop_control: loop_control:

10
tasks/user.yml
View File

@@ -1,5 +1,5 @@
--- ---
- name: "create user `{{ username }}`" - name: "Create user `{{ username }}`"
ansible.builtin.user: ansible.builtin.user:
name: "{{ username }}" name: "{{ username }}"
append: true append: true
@@ -7,22 +7,22 @@
shell: "{{ users[username].get('shell', '/bin/bash') }}" shell: "{{ users[username].get('shell', '/bin/bash') }}"
uid: "{{ users[username].get('uid', None) }}" uid: "{{ users[username].get('uid', None) }}"
- name: "set specific password for user `{{ username }}`" - name: "Set specific password for user `{{ username }}`"
ansible.builtin.user: ansible.builtin.user:
name: "{{ username }}" name: "{{ username }}"
password: "{{ users[username]['passwords'].get(ansible_default_ipv4.address) }}" password: "{{ users[username]['passwords'].get(ansible_default_ipv4.address) }}"
when: "ansible_default_ipv4.address in users[username]['passwords'] and when: "ansible_default_ipv4.address in users[username]['passwords'] and
users[username]['passwords'].get(ansible_default_ipv4.address) != 'default'" users[username]['passwords'].get(ansible_default_ipv4.address) != 'default'"
- name: "set default password for user `{{ username }}`" - name: "Set default password for user `{{ username }}`"
ansible.builtin.user: ansible.builtin.user:
name: "{{ username }}" name: "{{ username }}"
password: "{{ users[username]['passwords'].get('default') }}" password: "{{ users[username]['passwords'].get('default') }}"
when: "ansible_default_ipv4.address not in users[username]['passwords'] or when: "ansible_default_ipv4.address not in users[username]['passwords'] or
users[username]['passwords'].get(ansible_default_ipv4.address) == 'default'" users[username]['passwords'].get(ansible_default_ipv4.address) == 'default'"
- name: "setup ssh key for user `{{ username }}`" - name: "Setup ssh key for user `{{ username }}`"
ansible.builtin.authorized_key: ansible.posix.authorized_key:
user: "{{ username }}" user: "{{ username }}"
state: "{{ users[username]['authorized_keys'][item].get('state', 'present') }}" state: "{{ users[username]['authorized_keys'][item].get('state', 'present') }}"
key: "{{ users[username]['authorized_keys'][item].get('key') }}" key: "{{ users[username]['authorized_keys'][item].get('key') }}"