users
Ansible role - users
:star: Star us on GitHub — it motivates us a lot!
Create groups, users and set users's dotfiles.
:warning: Requirements
Ansible >= 2.10
:zap: Installation
ansible-galaxy install claranet.users
:gear: Role variables
Users
Users supported attributes are name, append, shell, createhome, home, password, uid, group, groups, update_password, state, remove and comment.
More informations
| Variable | Default value | Description |
|---|---|---|
| users | {} | Create groups, users and enable bashrc, ssh/config, vimrc and profile files |
Please note that we need to chattr -a the .bash_history file in order to manage groups changes !
Packages
| Variable | Default value | Description |
|---|---|---|
| users_packages | ["bash","bash-completion","vim","e2fsprogs"] | List of required packages for users |
Global variables
| Variable | Default value | Description |
|---|---|---|
| users_umask | 022 | Default umask for files created by users |
| users_lang | POSIX | Default lang variable |
| users_editor | vim | Default editor is vim |
| users_ls_options | --color=auto | Default ls options |
Dotfiles
| Variable | Default value | Description |
|---|---|---|
| users_default_bashrc | defaults/main.yml | Manage .bashrc file content |
| users_default_vimrc | defaults/main.yml | Manage .vimrc file content |
| users_default_profile | defaults/main.yml | Manage .profile file content |
| users_bashrc_histcontrol | ignoreboth | Set HISTCONTROL variable |
| users_bashrc_histsize | 5000 | Set HISTSIZE variable |
| users_bashrc_histfilesize | 20000 | Set HISTFILESIZE variable |
| users_bashrc_histtimeformat | %d-%m-%y %T | Set HISTTIMEFORMAT variable |
| users_bashrc_template | users/bashrc.j2 | Configures ~/.bashrc |
| users_ssh_config_template | users/ssh_config.j2 | Configures ~/.ssh/config |
| users_vimrc_template | users/vimrc.j2 | Configures ~/.vimrc |
| users_profile_template | users/profile.j2 | Configures ~/.profile |
Dotfiles (bashrc, ssh/config, vimrc, profile) are not enabled by default. You need to define them explicitly in the wanted user. (See example below).
:arrows_counterclockwise: Dependencies
See tasks/install.yml.
:pencil2: Example Playbook
---
- hosts: all
become: true
become_user: root
roles:
- claranet.users
vars:
users:
root:
home: /root
group: wheel
password: "*"
authorized_keys: ["ssh-rsa xxx"]
bashrc:
- 'export PS1=''\[\033[01;31m\]\u\[\033[00m\]@$(hostname -f) \[\033[01;34m\]\w \$\[\033[00m\] '''
vimrc:
- "color desert"
profile: {}
ssh_config:
'mysrv*':
identityFile: /home/user/.ssh/user
ssh_keys:
id_rsa:
public: 'ssh-rsa '
private: "{{ lookup('community.hashi_vault.hashi_vault', 'secret/ssh:private_key') }}"
update_password: "on_create" # default is always