diff --git a/tasks/groups.yml b/tasks/groups.yml index 2d6b5ea..568f570 100644 --- a/tasks/groups.yml +++ b/tasks/groups.yml @@ -5,9 +5,9 @@ gid: "{{ omit }}" - set_fact: - group: "{{ defaultgroup|combine(item.value|d({}), {'name': item.key} ) }}" + group: "{{ defaultgroup|combine(currentgroup.value|d({}), {'name': currentgroup.key} ) }}" -- name: create groupss +- name: create groups group: name: "{{ group.name }}" system: "{{ group.system }}" diff --git a/tasks/main.yml b/tasks/main.yml index 15d750e..819862c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,9 +1,13 @@ - name: handle groups - with_dict: "{{ accounts.groups }}" + loop: "{{ accounts.groups|dict2items }}" + loop_control: + loop_var: currentgroup include_tasks: file: groups.yml - name: handle users - with_dict: "{{ accounts.users }}" + loop: "{{ accounts.users|dict2items }}" + loop_control: + loop_var: currentuser include_tasks: file: users.yml diff --git a/tasks/users.yml b/tasks/users.yml index 4364147..7acdd58 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -3,17 +3,18 @@ genssh: false group: ~ groups: [] - home: "{{ ('/var/lib/'+item.key) if (item.value.system|d(True)) else ('/home/'+item.key) }}" + home: "{{ ('/var/lib/'+currentuser.key) if (currentuser.value.system|d(True)) else ('/home/'+currentuser.key) }}" system: true state: present uid: "{{ omit }}" password: "*" shell: "/usr/sbin/nologin" + authorized_keys: {} - set_fact: - user: "{{ defaultuser|combine(item.value|d({}), {'name': item.key} ) }}" + user: "{{ defaultuser|combine(currentuser.value|d({}), {'name': currentuser.key} ) }}" -- name: create users +- name: "create user ({{ user.name }})" user: name: "{{ user.name }}" generate_ssh_key: "{{ user.genssh }}" 
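Review bot: In the new `group:` fact in tasks/groups.yml, `currentgroup.value|d({})` only covers an undefined value. A group declared with an empty body (a bare `wheel:` key) comes out of `dict2items` with a null value, so `combine` is handed a non-dict and the task should fail. Passing the second argument, `currentgroup.value|d({}, true)`, treats null the same as missing. The `user:` fact in tasks/users.yml repeats the pattern with `currentuser.value|d({})`.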
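Review bot: The `set_fact` in tasks/users.yml that builds `user` merges the whole account entry, including whatever `password` value the inventory supplies. That merged fact is part of the task result, which is shown at `-v` and kept by result-recording callbacks. If `accounts.users` is expected to carry password hashes, adding `no_log: true` to this `set_fact` task keeps them out of run output. The new `authorized_keys: {}` default also deserves a one-line comment stating that it maps a key comment to a public key line, which is how the task added at the end of the file reads it.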
@@ -26,3 +27,10 @@ uid: "{{ user.uid|d(omit) }}" password: "{{ user.password }}" shell: "{{ user.shell }}" + +- name: "setup ssh key(s) ({{ user.name }})" + loop: "{{ user.authorized_keys|dict2items }}" + authorized_key: + user: "{{ user.name }}" + key: "{{ item.value }}" + comment: "{{ item.key }}"
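Review bot: The new `authorized_key` task only ever adds keys, so a key deleted from a user's `authorized_keys` mapping stays in that account's authorized_keys file and keeps granting access. The module's `exclusive` option is not loop-aware, so revocation needs either a single call that passes all keys as one newline-joined string with `exclusive: true`, or an explicit `state: absent` entry per retired key. Which of these the role wants is a design decision, since the first would also remove keys added by hand. The task also has no guard for removed accounts: if the `user` task above honours `user.state`, adding `when: user.state == 'present'` avoids running it against an account that was just deleted.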