feat: remove reference to a specific user
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
12532110b7
commit
885a1388d9
@ -21,6 +21,7 @@ system_user:
|
||||
home: /home/ansible
|
||||
shell: '/bin/bash'
|
||||
system_group: []
|
||||
system_sudoers_group: "superusergroup"
|
||||
keystodeploy: []
|
||||
# - name: toto
|
||||
# user: toto
|
||||
|
@ -53,11 +53,3 @@
|
||||
update_cache: true
|
||||
become: true
|
||||
when: ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
#- name: Pass user shell to zsh
|
||||
# user:
|
||||
# name: "{{ user.name }}"
|
||||
# shell: /bin/zsh
|
||||
# state: present
|
||||
# when: ansible_facts['os_family'] != "RedHat"
|
||||
# become: true
|
||||
|
@ -11,7 +11,6 @@
|
||||
owner: '{{ item }}'
|
||||
mode: 0700
|
||||
with_items:
|
||||
- '{{ user.name }}'
|
||||
- ansible
|
||||
|
||||
- name: Copy ssh config for user
|
||||
@ -25,7 +24,6 @@
|
||||
selevel: s0
|
||||
owner: '{{ item }}'
|
||||
with_items:
|
||||
- '{{ user.name }}'
|
||||
- ansible
|
||||
- name: Ensure root ssh directory exist
|
||||
become: true
|
||||
|
@ -1,6 +1,6 @@
|
||||
- name: Set sudoers right
|
||||
ansible.builtin.lineinfile:
|
||||
dest: '/etc/sudoers.d/{{ user.name }}'
|
||||
dest: '/etc/sudoers.d/{{ system_sudoers_group }}'
|
||||
regexp: '{{ item.regexp }}'
|
||||
line: '{{ item.line }}'
|
||||
state: 'present'
|
||||
@ -10,8 +10,8 @@
|
||||
mode: '0440'
|
||||
validate: 'visudo -cf "%s"'
|
||||
with_items:
|
||||
- regexp: '^{{ user.name }}\s'
|
||||
line: '{{ user.name }} ALL = (ALL) NOPASSWD:ALL'
|
||||
- regexp: '^%{{ system_sudoers_group }}\s'
|
||||
line: '%{{ system_sudoers_group }} ALL = (ALL) NOPASSWD:ALL'
|
||||
become: True
|
||||
|
||||
- name: Change secure path
|
||||
|
Loading…
Reference in New Issue
Block a user