GROG.user
User Management Role
This is a role for managing users on your systems.
Related Roles
These roles are designed to work well with the user management role:
- authorized-key: Manages SSH authorized keys.
- sudo: Manages sudo rights.
The management-user role combines all these roles into one easy-to-use role.
Requirements
- Your hosts need to be ready to use Ansible (Python and other dependencies installed).
- You need root access (set
become: yes). - The commands
useradd,userdel, andusermodshould be available on the host.
Role Variables
Here's a summary of the main variables you can use:
| Variable | Description | Default Value |
|---|---|---|
user_list |
List of users to manage (see details below) | [] |
user_list_host |
Users specific to hosts (see details below) | [] |
user_list_group |
Users specific to groups (see details below) | [] |
user_append |
Should it only append to groups? | no |
user_createhome |
Should it create a home directory for the user? | yes |
user_force |
Force deletion of users if needed? | no |
user_generate_ssh_key |
Should it generate an SSH key? | no |
user_move_home |
Should the home directory be moved? | no |
user_none_unique |
Allow non-unique user IDs? | no |
user_remove |
Use a special removal option when deleting a user? | no |
user_shell |
Default shell for the user | '/bin/sh' |
user_ssh_key_bits |
Default size for SSH keys | 4096 |
user_ssh_key_file |
Default location for SSH keys | '.ssh/id_rsa' |
user_system |
Is this a system account? | no |
user_update_password |
Should it always update the password? | always |
Details for user_list
The user_list, user_list_host, and user_list_group will be combined when managing users. You can specify users for each host or group.
You can define the following attributes for each user in the list:
| Variable | Description | Required | Default |
|---|---|---|---|
append |
Should it only append users to groups? | no | user_append |
comment |
Description for the user | no | / |
createhome |
Should it create a home directory? | no | user_createhome |
expires |
Expiry date for the account | no | / |
force |
Use the --force option when deleting a user? | no | user_force |
generate_ssh_key |
Should it generate an SSH key? | no | user_generate_ssh_key |
group |
Primary group for the user | no | / |
groups |
Additional groups for the user | no | / |
home |
Home directory for the user | no | / |
login_class |
Login class for BSD systems | no | / |
move_home |
Should the home directory be moved? | no | user_move_home |
name |
Name of the user | yes | / |
non_unique |
Allow non-unique user IDs? | no | user_none_unique |
password |
Password for the user | no | / |
remove |
Use --remove when deleting a user? | no | user_remove |
shell |
User's shell | no | user_shell |
ssh_key_bits |
Size of the SSH key | no | user_ssh_key_bits |
ssh_key_comment |
Comment for the SSH key | no | / |
ssh_key_file |
File for the SSH key | no | user_ssh_key_file |
ssh_key_passphrase |
Passphrase for the SSH key | no | / |
ssh_key_type |
Type of SSH key | no | rsa |
state |
User state (present/absent) | no | 'present' |
system |
Is this a system account? | no | user_system |
uid |
User ID | no | / |
update_password |
Should the password be updated if changed? | no | user_update_password |
Example user_list
user_list:
- name: user1
- name: user2
uid: 1001
groups:
- test
- sudo
- name: user3
uid: 1002
state: absent
Dependencies
None.
Example Playbook
---
- hosts: servers
roles:
- { role: GROG.user, become: yes }
In the group_vars/servers.yml file:
user_list_group:
- name: user
uid: 1001
- name: test
state: absent
Contributing
We welcome any contributions, changes, or ideas! Check here to get involved.
Author
Created by G. Roggemans.
License
MIT