diff --git a/README.md b/README.md index e3b76b234d9ff8228d8c3ef0f3c4633ac7bab681..8de9e3c2da54f9b37cbfdd886b9f89a1a99dc4ec 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ roles: - name: role-manage-user src: https://25_read_ansible_roles:glpat-5Ci385Nui9Uvyy8dQcuC@git.slub-dresden.de/ansible/referat25/role-manage-users.git scm: git - version: v1.0 + version: v1.1 # or whatever version you need ``` ```bash @@ -32,6 +32,8 @@ Provide valid variables and include role inside your playbook. For variables see `defaults/main.yml`. +Note: Users with the variable `sudo: true` can not have a password. A set password will be ignored. + ## License For open source projects, say how it is licensed. diff --git a/defaults/main.yml b/defaults/main.yml index 27f5c409a229edf71d22e56dba428ed9895ccb75..4200718658cf5586256eb8764c890d1caa47721c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -2,9 +2,10 @@ human_users: # - name: "dummy" # shell: /bin/bash + # password: # groups: "dummy" # extra_groups: "ssh" - # ssh_key_file: "claussni.pub" + # ssh_key_file: "dummy.pub" # ssh_key_url: https://git.slub-dresden.de/{{ name }}.keys # sudo: false | true diff --git a/tasks/main.yml b/tasks/main.yml index afb967be62d87f051a1ee36628e0b43f9e77d285..f15f3598552e571e0db6911530c684542555766e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -19,11 +19,12 @@ user: name: "{{ item.name }}" shell: "{{ item.shell | default('/bin/sh') }}" - password_lock: true + password: "{% if item.sudo == false %}{{ item.password }}{% endif %}" + password_lock: "{{ item.sudo }}" with_items: "{{ human_users }}" become: true -- name: make user sudo if +- name: Make user sudo if variables say so ansible.builtin.template: src: etc/sudoers.d/sudoers-user-file.jinja2 dest: /etc/sudoers.d/{{ item.name }}