Home Explore Help
Sign In
ffdo-infrastruktur
/
ffdo-ansible
mirror of https://github.com/ffdo/ffdo-ansible.git
5
0
Fork 0
Files
Tree: 9e232bd885
Branches Tags
ffdo-ansible
/
galaxy-roles
/
usermanage
Till Klocke 952a314cfc Fixed problem in template of role debops.radvd. Our interface bat0 is not always available as a fact in ansible, therefore the variable ansible_bat0 is then missing 9 years ago
..
defaults 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
library 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
meta 952a314cfc Fixed problem in template of role debops.radvd. Our interface bat0 is not always available as a fact in ansible, therefore the variable ansible_bat0 is then missing 9 years ago
tasks 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
templates 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
test 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
.gitignore 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
.kitchen.yml 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
.travis.yml 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
Gemfile 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago
README.md 16dad0839c Added requirements.yml and galaxy-roles to manage and install third party roles 9 years ago

README.md

ansible-usermanage

Build Status

What

This playbook was developed to manage users, groups, teams and SSH keys in multi node environment. It supports two modes simple and advanced mode

How

Simple Mode

You define your user in a variable usermanage_usersdb. You can define that differnetly per host our group.

usermanage_usersdb: 
  daniels: 
    comment: "Jack daniels"
    state: "present"
    keys: 
      - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLql1khoXEH/pThpLSDwJNBIEHkjrBggjEvRCqCFYvE1Neavc6iuLSzjLdnj74LNrPEjY+xcjAcPmgwxo8+WKpLL7Iy8e9IGH3lwB05x9jfnw2H1ZRnZZxF+wV/ei/vfCmRyt2cqv+DLomg18RDTnyTk2pvSEvL0xkRn5QRbzxqbnB+9xmItTjdtq/ZDYRgFYn2ZPfokFyyr3KpwpK0gNcpFhCF94CvExKpu6SFPTv+ERnFvHEN9d8SlzwkyCP4yqrfOjFuVUuZf2FtAkDx0d4cXo0i7VUM/hOthUNFpmljZLhkxafPxwp50Q/xRe7MvDQMrEPGPZ/pubOwzqVmMWH"
      - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxAqbTlltSFlRY+gQyAx3j0W+WDnahZYbECAXiwNqAHG7PP8GSEDVkfZTkJdlu9PoB/B3nW2R/Q3//IxUfzRsUnjUzl0WXbhz331n5bHtgJlg82MGqwbNjN0yMR/GB4pQKeExYOLKi/7jI/wkOAJ4X9Bv9skEK/mHAWWPrBf/5C5qWUOxVC1+he3iaU+LSbiL6uiNs8S49fiGno8tBkBFgth+9gqdCLRAFVe2dzJJK1nSQTffHCs12pJs2S3yBD9KkUQJO51tByP4qO3549iwLo8hQnqtFULMpL+NN5Muk1bFZ2jW+0Sri1bhVS58llZCuoENZsLf/+xejbfwJAk4h"
        key_options: no-port-forwarding
  gin: 
    comment: "Gordons Gin"
    keys: 
      - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCcoo+eU8+k7QYpKbZwOQwiMpeklQcmEyLTsJr0RLTeqsHkIh8rFWyMZURDZ5pgEGo3iXZD+dqM28agy2Pw68/V0wht/9n0PjmUVZgkWIas162w3vZrJENDi8wAo4ojQJf0lZf63K8AxoB12fF+QdR7jfTLrz2bCxv9XaHKm7nYGtRO0f8ETgvwpIS2jN0mPAD7qnCFvLtbaxd/UzsQS5M8Au42+9zdn78Atm7gtKY9uR5U1Jwrop8KipXf0wAtMo39Xc9P8hGbYGA1jkbcG2x1LI7G9L+PddxeZjpkW2Uv559YJDRjBJfJAfp6K4HGV5uXITSMVDY9KBYvepolrlul"
    shell: /bin/zsh
    uid: 2300
  vodaka: 
    comment: "Savvy Vodka"
    state: "absent"
    keys: 
      - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2Pq3M7AgeBjmNII6HGsKd2uaXFIfaljpNg1Rf6y3iGP84wC82bMfZTSIhnzJ4qwHj7Bzn8oiMmqtyeGcmEwLXm5f7mk3lj9NmxUEfbuWsPoSX4VHIney0F2cjrYRAHua8vZ50OrqYvRaBNttx+pCsub/Kw/t91PQvz7s5ML12DfhlfbE5f/g+ZrKHBxsn6Vw0VqN1Cx5cecaN+9NbdwTV25/RVsXC6v9TQlIqWR+znt4ZVxUSCTAbGc51tmauoleZee2XBkAO7xmJ7zPQEndhErq/zm0euZGx1xGIjQ7dVBK8t1ah2UdBS4pSHgjhDulo0hr4gIubQ0FSV+8cWCNN"

Basically usermanage_usersdb is a dictionary of users each user will accept all options defined in user ansible module

A special argument keys which is a list of keys that will be created for that user, each key can accept all options defined in authorized key module

Group Management

To manage groups you can define usermanage_groupsdb as a list. You must define atleast the name of group and optional state,gid and system.

usermanage_groupsdb  :
      - name         : "group1"
        state        : "present"
        gid          : "5000"
        system       : "true"

      - name         : "group2"
        state        : "present"
        gid          : "5001"
        system       : "false"

      - name         : "group3"

      - name         : "group4"
        state        : "absent"

Some *nix system does not support creating the primary group for each user with the same name. If you want to enable that functionality for systems that does not support it. just enable that flag.

usermanage_create_per_user_group            : true

Users DB Sources

** TODO **

Advanced mode

ToDo document

teams

ToDo document

Private Key

ToDo document