cans.user-make
Ansible role to create multiple users on target machines.
How it works
To create a user, you need to define it with the following details:
usermake_users:
  - name: "johndoe"              # required
    gecos: "John Doe,,,"         # default: none
    groups: "sudo,adm"           # default: none
    passwordless_sudo: true      # default: usermake_sudoer_passwordless
    ssh_key_create: false        # default: true
    ssh_key_upload_to_ec2: true  # default: usermake_ssh_key_upload_to_ec2
    ssh_key_download: true       # default: usermake_ssh_key_download
    sudoer: true                 # default: usermake_sudoer
    system: false                # default: false
    upload_my_key: false         # default: usermake_upload_ssh_key_to_target
    remove: false                # default: none or usermake_remove
    home_dir: "/home/jdoe"       # default: usermake_home_base_dir/name
Here's what each variable means:
name
: the username for the new user.
gecos
: additional information about the user.
groups
: the groups the user will belong to; these should already exist.
passwordless_sudo
: if true, the user can switch to other users without a password.
remove
: if the user account is deleted, should their files be removed too?
ssh_key_create
: if true, generate an SSH key pair for the user.
ssh_key_download
: if true, download the user's SSH public key to your machine.
ssh_key_upload_to_ec2
: if true, upload the user's SSH public key to AWS EC2.
state
: use 'present' to create a user or 'absent' to delete one (default is 'present').
sudoer
: if true, the user will have sudo privileges.
system
: if true, the user will be a system user with a low UID and no login.
upload_my_key
: if true, upload your local SSH key to the target machine.
These settings override the default options provided below.
Limitations of this role
This role cannot add users to existing groups. It will replace a user's groups with the new list provided.
Requirements
This role does not have any special requirements.
Role Variables
All variable names in this role start with the prefix usermake_.
usermake_home_base_dir
: change the base directory for user home directories (default: /home).
usermake_remove
: should users' home directories be deleted when they are removed? (default: false)
usermake_ssh_key_create
: should SSH key pairs be created for new users by default? (default: true)
usermake_ssh_key_download
: should SSH keys for new users be downloaded locally?
usermake_ssh_key_download_dir
: where to save downloaded public SSH keys (default: {{ playbook_dir }}/collected-keys).
usermake_ssh_key_download_dir_mode
: permissions for the directory storing the keys (default: 0750).
usermake_ssh_key_passphrase
: a default passphrase for SSH keys; it's better to set this another way. (default: none)
usermake_sudoer
: should new users have sudo access by default? (default: false)
usermake_sudoer_dir
: where to place sudoer rules on target machines (default: /etc/sudoers.d).
usermake_system
: should new users be system users by default? (default: false)
usermake_upload_ssh_key_to_target
: should the local user's SSH public key be uploaded to the target machine? (default: true)
usermake_upload_ssh_key_file
: the file to read the public key from if you upload it (default: ~/.ssh/id_rsa.pub).
usermake_user_groups
: default groups for new users (default: none).
usermake_users
: a list of users to create, defined as shown above (default: []).
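Because each per-user setting falls back to a role-level default, a short user definition can carry more access than it shows. The following added example (not part of the role or its README) resolves each user's effective settings from the fallbacks documented above and flags risky outcomes; the finding labels, the SUDO_GROUPS set and the alice-old entry are assumptions made for illustration.

```python
# Added example, not the role's code: effective settings and risk flags.
# per-user key -> (role variable, default stated in the README);
# None means the README states no default.
FALLBACKS = {
    "sudoer": ("usermake_sudoer", False),
    "passwordless_sudo": ("usermake_sudoer_passwordless", None),
    "ssh_key_create": ("usermake_ssh_key_create", True),
    "upload_my_key": ("usermake_upload_ssh_key_to_target", True),
    "groups": ("usermake_user_groups", ""),
}
SUDO_GROUPS = {"sudo", "wheel"}  # assumption: groups granting sudo on the target

def resolve(user, role_vars):
    """Effective settings: per-user key, else role variable, else default."""
    return {key: user.get(key, role_vars.get(var, default))
            for key, (var, default) in FALLBACKS.items()}

def audit(users, role_vars=None):
    """Return sorted (username, finding) pairs for users that will be created."""
    role_vars = role_vars or {}
    findings = []
    for user in users:
        if user.get("state", "present") == "absent":
            continue  # a deletion grants nothing
        eff = resolve(user, role_vars)
        name = user["name"]
        groups = {g.strip() for g in (eff["groups"] or "").split(",") if g.strip()}
        if eff["passwordless_sudo"] is True:
            findings.append((name, "passwordless-sudo"))
        elif eff["passwordless_sudo"] is None and eff["sudoer"]:
            findings.append((name, "passwordless-sudo-default-unknown"))
        if groups & SUDO_GROUPS and not eff["sudoer"]:
            findings.append((name, "sudo-via-group-only"))
        if eff["ssh_key_create"] and not role_vars.get("usermake_ssh_key_passphrase"):
            findings.append((name, "ssh-key-without-passphrase"))
        if eff["upload_my_key"]:
            findings.append((name, "operator-key-uploaded"))
    return sorted(findings)

# Constructed input modelled on the README's "johndoe" and "alice" entries.
USERS = [
    {"name": "johndoe", "groups": "sudo,adm", "passwordless_sudo": True,
     "ssh_key_create": False, "sudoer": True, "upload_my_key": False},
    {"name": "alice", "groups": "sudo,adm", "system": False, "ssh_key_create": True},
    {"name": "alice-old", "state": "absent", "remove": True},
]

if __name__ == "__main__":
    print(*audit(USERS), sep="\n")
```

Run it against the usermake_users list and role variables of a playbook before applying it; any finding is a setting to confirm or set explicitly.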
Dependencies
This role has no dependencies.
Example Playbook
To create some users:
- hosts: servers
  roles:
    - role: cans.user-make
      usermake_users:
        - name: "alice"
          groups: "sudo,adm"
          system: false
          ssh_key_create: true
        - name: "bob"
          gecos: "Bob no sponge,,,"
          system: true
          ssh_key_create: true
To delete some users:
- hosts: servers
  roles:
    - role: cans.user-make
      usermake_users:
        - name: "alice"
          state: "absent"
          remove: true  # Remove all files owned by the user
        - name: "bob"
          state: "absent"
You can also check the tests in tests/test.yml for more usage examples of this role.
Todo
Implement integration testing for AWS key upload.
License
GPLv2
Author Information
Copyright © 2017, Nicolas CANIART.
Install
ansible-galaxy install cans.user-make