Refactor windmill_users logic
We now have windmill_users, which is all the users in the system. And windmill_root_users indicate which users should be considered root. Change-Id: I2f2240a9fef36372f5aa0642bcc7a1b5403bf60b Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
395a0a3c87
commit
9f5bab1863
|
@ -12,4 +12,5 @@
|
||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
---
|
---
|
||||||
|
windmill_root_users: []
|
||||||
windmill_users: {}
|
windmill_users: {}
|
||||||
|
|
|
@ -15,29 +15,29 @@
|
||||||
- name: Create windmill_users group
|
- name: Create windmill_users group
|
||||||
become: true
|
become: true
|
||||||
group:
|
group:
|
||||||
name: "{{ item.name }}"
|
name: "{{ item }}"
|
||||||
gid: "{{ item.gid }}"
|
gid: "{{ windmill_users[item].gid }}"
|
||||||
state: present
|
state: present
|
||||||
with_items: "{{ windmill_users }}"
|
with_items: "{{ windmill_root_users }}"
|
||||||
|
|
||||||
- name: Create windmill_users user
|
- name: Create windmill_users user
|
||||||
become: true
|
become: true
|
||||||
user:
|
user:
|
||||||
name: "{{ item.name }}"
|
name: "{{ item }}"
|
||||||
group: "{{ item.gid }}"
|
group: "{{ windmill_users[item].gid }}"
|
||||||
groups: sudo
|
groups: sudo
|
||||||
shell: /bin/bash
|
shell: /bin/bash
|
||||||
uid: "{{ item.uid }}"
|
uid: "{{ windmill_users[item].uid }}"
|
||||||
with_items: "{{ windmill_users }}"
|
with_items: "{{ windmill_root_users }}"
|
||||||
|
|
||||||
- name: Add SSH public key
|
- name: Add SSH public key
|
||||||
become: true
|
become: true
|
||||||
authorized_key:
|
authorized_key:
|
||||||
exclusive: true
|
exclusive: true
|
||||||
key: "{{ item.key }}"
|
key: "{{ windmill_users[item].key }}"
|
||||||
state: present
|
state: present
|
||||||
user: "{{ item.name }}"
|
user: "{{ item }}"
|
||||||
with_items: "{{ windmill_users }}"
|
with_items: "{{ windmill_root_users }}"
|
||||||
|
|
||||||
- name: Disable password for sudo users
|
- name: Disable password for sudo users
|
||||||
become: true
|
become: true
|
||||||
|
|
Loading…
Reference in New Issue