feat: remove reference to a specific user
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
vincent 2023-01-10 20:45:21 +01:00
parent 12532110b7
commit 885a1388d9
4 changed files with 4 additions and 13 deletions

View File

@ -21,6 +21,7 @@ system_user:
home: /home/ansible
shell: '/bin/bash'
system_group: []
system_sudoers_group: "superusergroup"
keystodeploy: []
# - name: toto
# user: toto

View File

@ -53,11 +53,3 @@
update_cache: true
become: true
when: ansible_facts['os_family'] == "RedHat"
#- name: Pass user shell to zsh
# user:
# name: "{{ user.name }}"
# shell: /bin/zsh
# state: present
# when: ansible_facts['os_family'] != "RedHat"
# become: true

View File

@ -11,7 +11,6 @@
owner: '{{ item }}'
mode: 0700
with_items:
- '{{ user.name }}'
- ansible
- name: Copy ssh config for user
@ -25,7 +24,6 @@
selevel: s0
owner: '{{ item }}'
with_items:
- '{{ user.name }}'
- ansible
- name: Ensure root ssh directory exist
become: true

View File

@ -1,6 +1,6 @@
- name: Set sudoers right
ansible.builtin.lineinfile:
dest: '/etc/sudoers.d/{{ user.name }}'
dest: '/etc/sudoers.d/{{ system_sudoers_group }}'
regexp: '{{ item.regexp }}'
line: '{{ item.line }}'
state: 'present'
@ -10,8 +10,8 @@
mode: '0440'
validate: 'visudo -cf "%s"'
with_items:
- regexp: '^{{ user.name }}\s'
line: '{{ user.name }} ALL = (ALL) NOPASSWD:ALL'
- regexp: '^%{{ system_sudoers_group }}\s'
line: '%{{ system_sudoers_group }} ALL = (ALL) NOPASSWD:ALL'
become: True
- name: Change secure path