-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.yml
35 lines (30 loc) · 1.28 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
---
defaults_sa:
users: {}
groups: {}
group_nesting:
enable: true # if nested groups will be supported/processed; when set to false only direct members are processed
max_depth: 10
SYS_AUTH: "{{ defaults_sa | combine(system_auth, recursive=true) }}"
defaults_group:
state: 'present'
defaults_user:
password_change: true # if the password must be changed if the user was updated (normally only after first run)
force_password_change: false
always_update_password: false
shell: '/bin/bash'
comment: 'Ansible managed'
comment_prefix: 'Ansible managed - ' # will be prepended if not default comment
groups: []
append_groups: true # will not be evaluated while processing SYS_AUTH.groups
state: 'present'
remove: false # if the files related to the user should be removed once he/she/it gets deleted
force_remove: false # force delete the above
sudoers_file_prefix: 'user_priv'
sudoers_prompt: false # if user should be prompted for password
sshpub_path:
# IF NOT SET: uses default of posix.authorized_key module '~/.ssh/authorized_keys'
# per example: '/etc/ssh/authorized_keys/${USER}' or '/home/${USER}/.ssh/authorized_keys'
bashrc: [] # lines to append to bashrc
SYS_AUTH_HC:
sshpub_user_var: '${USER}' # '${USER}' will be replaced by the user's name