feat: remove reference to a specific user

2023-01-10 20:45:21 +01:00 · 2023-01-10 20:45:21 +01:00 · 885a1388d9
commit 885a1388d9
parent 12532110b7
4 changed files with 4 additions and 13 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -21,6 +21,7 @@ system_user:
      home: /home/ansible
      shell: '/bin/bash'
 system_group: []
+system_sudoers_group: "superusergroup" 
 keystodeploy: []
 # - name: toto
 #  user: toto
--- a/tasks/base_software.yml
+++ b/tasks/base_software.yml
@ -53,11 +53,3 @@
    update_cache: true
  become: true
  when: ansible_facts['os_family'] == "RedHat"
-
-#- name: Pass user shell to zsh
-#  user:
-#    name: "{{ user.name }}"
-#    shell: /bin/zsh
-#    state: present
-#  when: ansible_facts['os_family'] != "RedHat"
-#  become: true
--- a/tasks/ssh.yml
+++ b/tasks/ssh.yml
@ -11,7 +11,6 @@
    owner: '{{ item }}'
    mode: 0700
  with_items:
-    - '{{ user.name }}'
    - ansible

 - name: Copy  ssh config for user
@ -25,7 +24,6 @@
    selevel: s0
    owner: '{{ item }}'
  with_items:
-    - '{{ user.name }}'
    - ansible
 - name: Ensure root ssh directory exist
  become: true
--- a/tasks/sudoers.yml
+++ b/tasks/sudoers.yml
@ -1,6 +1,6 @@
 - name: Set sudoers right
  ansible.builtin.lineinfile:
-    dest: '/etc/sudoers.d/{{ user.name }}'
+    dest: '/etc/sudoers.d/{{ system_sudoers_group }}'
    regexp: '{{ item.regexp }}'
    line: '{{ item.line }}'
    state: 'present'
@ -10,8 +10,8 @@
    mode: '0440'
    validate: 'visudo -cf "%s"'
  with_items:
-    - regexp: '^{{ user.name }}\s'
-      line: '{{ user.name }} ALL = (ALL) NOPASSWD:ALL'
+    - regexp: '^%{{ system_sudoers_group }}\s'
+      line: '%{{ system_sudoers_group }} ALL = (ALL) NOPASSWD:ALL'
  become: True

 - name: Change secure path