pcanham.users


ansible-users

This role helps manage users on a system.

Role Configuration

  • users_create_per_user_group (default: true): When creating users, it will also create a group with the same name as the user and make it the user's main group.
  • users_group (default: users): If users_create_per_user_group is not set, this will be the main group for all created users.
  • users_default_shell (default: /bin/bash): This is the default shell for users if none is specified.
  • users_create_homedirs (default: true): If true, it creates home directories for new users. Set to false if you handle home directories in another way.
  • users_ssh_key_exclusive (default: false): Determines whether all keys not specified for a user are removed from that user's authorized_keys file.
  • authorized_keys_file (default: .ssh/authorized_keys): Specify this if your SSH server uses a different file for authorized keys.

Creating Users

To add users, create a variable named users with a list of users. It's best to place this in group_vars/all or group_vars/groupname if you want it to apply only to certain machines.

Each user must have the following details:

  • username: The username for the user.
  • name: The full name of the user.
  • home: User's home directory (optional, defaults to /home/username).
  • uid: Numeric user ID (optional, helps with consistency across systems).
  • gid: Numeric group ID (optional). If not specified, the uid will be used.
  • password: If a hash is given, it will be used; otherwise, the account will be locked.
  • update_password: Can be 'always' (updates passwords if different, default) or 'on_create' (only sets passwords for new users).
  • group: Optional primary group.
  • groups: List of additional groups the user belongs to.
  • append: If yes, adds groups without replacing existing ones.
  • profile: Custom shell profile settings.
  • ssh_key: List of SSH keys for the user (optional). Each key should be included directly, without newlines.
  • generate_ssh_key: Whether to create an SSH key for this user (optional, defaults to no).

There are also optional attributes for each user:

  • shell: User's shell, defaults to /bin/bash. You can change this using the users_default_shell variable.
  • ssh_key_exclusive: Whether to remove all unspecified keys from the authorized_keys file (defaults to users_ssh_key_exclusive).

Example:

---
users:
  - username: foo
    name: Foo Barrington
    groups: ['wheel','systemd-journal']
    uid: 1001
    home: /local/home/foo
    profile: |
      alias ll='ls -lah'
    ssh_key:
      - "ssh-rsa AAAAA.... foo@machine"
      - "ssh-rsa AAAAB.... foo2@machine"
groups_to_create:
  - name: developers
    gid: 10000
users_deleted:
  - username: bar
    name: Bar User
    uid: 1002

Deleting Users

The users_deleted variable includes a list of users to remove from the system during the next Ansible run. The format is the same as for adding users, but only the 'username' is required. It's best to keep the 'uid' for reference to prevent reusing numeric IDs.

You can also choose to delete the user's home directory and mail spool with the remove option, and use the force option to delete files unconditionally.

users_deleted:
  - username: bar
    uid: 1002
    remove: yes
    force: yes
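
An added example (not part of the role or its README): a Python pre-flight check over variables shaped like the ones above. It flags uids reused from users_deleted, password values that do not look like crypt hashes, SSH keys containing newlines, and users whose authorized_keys file is not managed exclusively. The function name, the sample data and the hash heuristic are assumptions made here.

```python
import re

# Heuristic for crypt(3) modular hashes such as "$6$salt$digest" (assumption).
CRYPT_RE = re.compile(r"^\$[0-9a-z]+\$.+\$.+")

def audit_user_vars(role_vars):
    """Return (username, finding) tuples for variables shaped like the README's."""
    findings = []
    default_exclusive = role_vars.get("users_ssh_key_exclusive", False)
    # uids kept in users_deleted are there so they are not handed out again.
    retired = {u["uid"]: u["username"]
               for u in role_vars.get("users_deleted", []) if "uid" in u}
    seen = {}
    for user in role_vars.get("users", []):
        name, uid = user["username"], user.get("uid")
        if uid is not None:
            if uid in retired:
                findings.append((name, f"uid {uid} reused from deleted user {retired[uid]}"))
            if uid in seen:
                findings.append((name, f"uid {uid} also assigned to {seen[uid]}"))
            seen.setdefault(uid, name)
        password = user.get("password")
        if password and not CRYPT_RE.match(password):
            findings.append((name, "password is not a crypt hash"))
        keys = user.get("ssh_key", [])
        if any("\n" in key for key in keys):
            findings.append((name, "ssh_key entry contains a newline"))
        # Per-user ssh_key_exclusive falls back to users_ssh_key_exclusive.
        if keys and not user.get("ssh_key_exclusive", default_exclusive):
            findings.append((name, "unlisted authorized_keys entries are kept"))
    return findings

# Constructed sample data, in the form the YAML variables load to.
SAMPLE = {
    "users": [
        {"username": "foo", "uid": 1001, "ssh_key_exclusive": True,
         "ssh_key": ["ssh-rsa AAAAA.... foo@machine"]},
        {"username": "baz", "uid": 1002, "password": "hunter2",
         "ssh_key": ["ssh-rsa AAAAB....\nbaz@machine"]},
    ],
    "users_deleted": [{"username": "bar", "uid": 1002}],
}

if __name__ == "__main__":
    for username, finding in audit_user_vars(SAMPLE):
        print(f"{username}: {finding}")
```

With the constructed sample, all four findings land on baz, while foo passes because its keys are managed exclusively and its uid is unused.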

Project information

User creation role

Install
ansible-galaxy install pcanham.users
License
MIT
Downloads
736