ansible-user/tasks/main.yml

---
# tasks file for ansible-user
- name: Print user name
  ansible.builtin.debug:
    msg: {{ user_name }}
- name: Create system user
  become: true
  ansible.builtin.user:
    name: '{{ user_name }}'
    system: true
    password: "{{ user_password|default('') }}"
    groups: "{{ user_groups | join(',') }}"
    home: "{{ user_home | default('/') }}"
    shell: "{{ user_shell | default('/usr/bin/nologin') }}"
  when: user_name != "root" and not user_ldap
- name: simulate login
  stat:
    path: "/home/{{user.name}}"
    become: true
    become_user: "{{user.name}}"
  when: user_ldap

- name: Ensure .ssh exist  for user
  become: true
  ansible.builtin.file:
    state: directory
    path: "{{ user_home | default('/') }}/.ssh"
    owner: '{{ user_name }}'
    mode: 0700

- name: Copy  ssh config for user
  become: true
  ansible.builtin.template:
    dest: "{{ user_home | default('/') }}/.ssh/config"
    src: 'config.j2'
    force: true
    mode: '600'
    selevel: s0
    owner: '{{ user_name }}'


- name: Install ssh private key
  become: true
  ansible.builtin.copy:
    content: '{{ item.key }}'
    dest: '{{ user_home}}/.ssh/{{ item.keyname }}'
    mode: 0600
    owner: '{{ user_name }}'
  with_items: '{{ user_privatekey }}'

- name: Deploy SSH-Keys to remote host
  ansible.posix.authorized_key:
    user: '{{ user_name }}'
    key: '{{ item }}'
    exclusive: false
  with_items: '{{ user_authorized_key }}'
feat: init role 2023-01-15 10:05:39 +00:00			`---`
			`# tasks file for ansible-user`
			`- name: Print user name`
			`ansible.builtin.debug:`
			`msg: {{ user_name }}`
			`- name: Create system user`
			`become: true`
			`ansible.builtin.user:`
			`name: '{{ user_name }}'`
			`system: true`
			`password: "{{ user_password\|default('') }}"`
			`groups: "{{ user_groups \| join(',') }}"`
			`home: "{{ user_home \| default('/') }}"`
			`shell: "{{ user_shell \| default('/usr/bin/nologin') }}"`
			`when: user_name != "root" and not user_ldap`
			`- name: simulate login`
			`stat:`
			`path: "/home/{{user.name}}"`
			`become: true`
			`become_user: "{{user.name}}"`
			`when: user_ldap`

			`- name: Ensure .ssh exist for user`
			`become: true`
			`ansible.builtin.file:`
			`state: directory`
			`path: "{{ user_home \| default('/') }}/.ssh"`
			`owner: '{{ user_name }}'`
			`mode: 0700`

			`- name: Copy ssh config for user`
			`become: true`
			`ansible.builtin.template:`
			`dest: "{{ user_home \| default('/') }}/.ssh/config"`
			`src: 'config.j2'`
			`force: true`
			`mode: '600'`
			`selevel: s0`
			`owner: '{{ user_name }}'`


			`- name: Install ssh private key`
			`become: true`
			`ansible.builtin.copy:`
			`content: '{{ item.key }}'`
			`dest: '{{ user_home}}/.ssh/{{ item.keyname }}'`
			`mode: 0600`
			`owner: '{{ user_name }}'`
			`with_items: '{{ user_privatekey }}'`

			`- name: Deploy SSH-Keys to remote host`
			`ansible.posix.authorized_key:`
			`user: '{{ user_name }}'`
			`key: '{{ item }}'`
			`exclusive: false`
			`with_items: '{{ user_authorized_key }}'`