singleplatform-eng.users

ansible-users

This is a role for managing users on a system.

Role Configuration

  • users_create_per_user_group (default: true): When creating a user, also create a group with the same name and make it the user's main group.
  • users_group (default: users): If the previous setting is not enabled, this will be the main group for all users created.
  • users_default_shell (default: /bin/bash): The default shell to use if none is provided for a user.
  • users_create_homedirs (default: true): Create home directories for new users. Set to false if you manage home directories in a different way.
  • authorized_keys_file (default: .ssh/authorized_keys): Change this if your SSH server uses a different file for authorized keys.

Creating Users

To create users, define a variable called users with the list of users. It's best to place this in group_vars/all or group_vars/groupname for specific machines.

Each user needs the following details:

  • username: The user's username.
  • name: The full name of the user.
  • home: The home directory for the user (optional; defaults to /home/username).
  • uid: The numeric user ID for the user (optional, needed for consistency).
  • gid: The numeric group ID for the group (optional; defaults to uid).
  • password: If you provide a hash, it will be used; otherwise, the account will be locked.
  • update_password: Can be 'always' (updates passwords whenever they differ, default) or 'on_create' (sets password only for new users).
  • group: Optional main group override.
  • groups: A list of extra groups for the user.
  • append: If set to yes, it will only add additional groups (optional).
  • profile: A block to set custom shell profiles.
  • ssh_key: A list of SSH keys for the user (optional). Each key should be a single line.
  • generate_ssh_key: Whether to create an SSH key for the user (optional, defaults to no).

Additionally, the following are optional:

  • shell: The user's shell. Defaults to /bin/bash. You can change the default with users_default_shell.

Example:

---
users:
  - username: foo
    name: Foo Barrington
    groups: ['wheel','systemd-journal']
    uid: 1001
    home: /local/home/foo
    profile: |
      alias ll='ls -lah'
    ssh_key:
      - "ssh-rsa AAAAA.... foo@machine"
      - "ssh-rsa AAAAB.... foo2@machine"
groups_to_create:
  - name: developers
    gid: 10000
users_deleted:
  - username: bar
    name: Bar User
    uid: 1002

Deleting Users

The users_deleted variable lists users to be removed from the system during the next Ansible run. The format is the same as the users variable, but only the username field is required. It's a good idea to keep the uid field for reference to avoid reusing numeric user IDs.

You can choose to remove the user's home directory and mail spool using the remove parameter and force the removal of files using the force parameter.

Example:

users_deleted:
  - username: bar
    uid: 1002
    remove: yes
    force: yes
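
A pre-flight check for the variables described above, as an added example that is not part of the role or its documentation: it flags a uid in users that already belongs to an entry in users_deleted, duplicate uids, a password value that does not look like a crypt(3) hash, and ssh_key entries that span more than one line. The sample data, the lint function and the hash-format regex are assumptions constructed for illustration.

```python
import re

# Constructed sample data shaped like the role's `users` / `users_deleted` variables.
USERS = [
    {"username": "foo", "uid": 1001, "password": "$6$examplesalt$" + "A" * 86,
     "ssh_key": ["ssh-ed25519 AAAAexample foo@machine"]},
    {"username": "baz", "uid": 1002, "password": "hunter2",
     "ssh_key": ["ssh-ed25519 AAAAexample\nssh-ed25519 AAAAother baz@machine"]},
    {"username": "qux", "uid": 1003},  # no password: the README says the account is locked
]
USERS_DELETED = [{"username": "bar", "uid": 1002}]

# Heuristic (an assumption of this example): crypt(3) modular format,
# $id$[params$]salt$hash. Anything else, including lock markers, is flagged for review.
CRYPT_RE = re.compile(r"^\$(1|2[abxy]?|5|6|y)\$[^\s$]+(\$[^\s$]+)+$")


def lint(users, users_deleted):
    """Return (username, finding) tuples for the given variable lists."""
    findings = []
    retired = {d["uid"]: d["username"] for d in users_deleted if "uid" in d}
    seen = {}
    for u in users:
        name, uid = u["username"], u.get("uid")
        if uid is not None:
            # A new account inheriting a retired uid would own any leftover files.
            if uid in retired and retired[uid] != name:
                findings.append((name, "uid-reuses-deleted"))
            if uid in seen:
                findings.append((name, "uid-duplicate"))
            seen.setdefault(uid, name)
        pw = u.get("password")
        if pw is not None and not CRYPT_RE.match(pw):
            findings.append((name, "password-not-hash"))
        for key in u.get("ssh_key", []):
            # The README requires each key to be a single line.
            if "\n" in key.strip():
                findings.append((name, "ssh-key-multiline"))
    return findings


if __name__ == "__main__":
    for user, finding in lint(USERS, USERS_DELETED):
        print(f"{user}: {finding}")
```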

Project information

User creation role

Install
ansible-galaxy install singleplatform-eng.users
License
MIT
Downloads
8.5M
Owner
Open source code from the SinglePlatform Engineering team.