Refactor windmill_users logic

We now have windmill_users, which is all the users in the system. And
windmill_root_users indicate which users should be considered root.

Change-Id: I2f2240a9fef36372f5aa0642bcc7a1b5403bf60b
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
Paul Belanger 2019-03-16 17:56:12 -04:00
parent 395a0a3c87
commit 9f5bab1863
2 changed files with 11 additions and 10 deletions

View File

@ -12,4 +12,5 @@
# License for the specific language governing permissions and limitations
# under the License.
---
windmill_root_users: []
windmill_users: {}

View File

@ -15,29 +15,29 @@
- name: Create windmill_users group
become: true
group:
name: "{{ item.name }}"
gid: "{{ item.gid }}"
name: "{{ item }}"
gid: "{{ windmill_users[item].gid }}"
state: present
with_items: "{{ windmill_users }}"
with_items: "{{ windmill_root_users }}"
- name: Create windmill_users user
become: true
user:
name: "{{ item.name }}"
group: "{{ item.gid }}"
name: "{{ item }}"
group: "{{ windmill_users[item].gid }}"
groups: sudo
shell: /bin/bash
uid: "{{ item.uid }}"
with_items: "{{ windmill_users }}"
uid: "{{ windmill_users[item].uid }}"
with_items: "{{ windmill_root_users }}"
- name: Add SSH public key
become: true
authorized_key:
exclusive: true
key: "{{ item.key }}"
key: "{{ windmill_users[item].key }}"
state: present
user: "{{ item.name }}"
with_items: "{{ windmill_users }}"
user: "{{ item }}"
with_items: "{{ windmill_root_users }}"
- name: Disable password for sudo users
become: true