50 lines
1.7 KiB
YAML
50 lines
1.7 KiB
YAML
---
|
|
- name: Create or remove groups
|
|
ansible.builtin.group:
|
|
name: "{{ item.name }}"
|
|
gid: "{{ item.gid | default(omit) }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: "{{ accounts_groups | default([]) }}"
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
|
|
- name: Ensure users (create or remove)
|
|
ansible.builtin.user:
|
|
name: "{{ item.name }}"
|
|
uid: "{{ item.uid | default(omit) }}"
|
|
group: "{{ item.group | default(omit) }}"
|
|
groups: "{{ item.groups | join(',') if (item.groups is defined and item.groups | length > 0) else omit }}"
|
|
append: yes
|
|
home: "{{ item.home | default(omit) }}"
|
|
shell: "{{ item.shell | default(omit) }}"
|
|
create_home: "{{ item.create_home | default(false) }}"
|
|
system: "{{ item.system | default(false) }}"
|
|
remove: "{{ item.remove_home | default(false) }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: "{{ accounts_users | default([]) }}"
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
|
|
# - name: Create missing users declared as group members (optional)
|
|
# ansible.builtin.user:
|
|
# name: "{{ item.1 }}"
|
|
# state: present
|
|
# when: create_missing_users | default(false) and item.0.state | default('present') == 'present'
|
|
# with_subelements:
|
|
# - "{{ accounts_groups | default([]) }}"
|
|
# - members
|
|
# loop_control:
|
|
# label: "{{ item.0.name }}:{{ item.1 }}"
|
|
|
|
# - name: Ensure declared group members exist in their groups (only for present groups)
|
|
# ansible.builtin.user:
|
|
# name: "{{ item.1 }}"
|
|
# groups: "{{ item.0.name }}"
|
|
# append: yes
|
|
# state: present
|
|
# when: item.0.state | default('present') == 'present'
|
|
# with_subelements:
|
|
# - "{{ accounts_groups | default([]) }}"
|
|
# - members
|
|
# loop_control:
|
|
# label: "{{ item.0.name }}:{{ item.1 }}"
|