Verified Commit cc5b5af4 authored by rlacko's avatar rlacko 💬
Browse files

Fix reused user variable in user creation

parent 7b7e771d
......@@ -16,7 +16,7 @@
when: base_users is defined
loop: "{{ base_users }}"
loop_control:
loop_var: user
loop_var: base_user
- name: Install basic packages
import_tasks: packages.yml
......
---
- name: Print current user
debug:
msg: "{{ user }}"
msg: "{{ base_user }}"
- name: "Create group for user"
group:
name: "{{ user.name }}"
name: "{{ base_user.name }}"
- name: "Create user"
user:
name: "{{ user.name }}"
comment: "{{ user.comment | default('') }}"
group: "{{ user.name }}"
shell: "/bin/{{ user.shell | default('bash') }}"
name: "{{ base_user.name }}"
comment: "{{ base_user.comment | default('') }}"
group: "{{ base_user.name }}"
shell: "/bin/{{ base_user.shell | default('bash') }}"
- name: "SUDO"
user:
name: "{{ user.name }}"
name: "{{ base_user.name }}"
append: true
groups:
- sudo
when: user.sudo
when: base_user.sudo
- name: Insert sudoer file content
template:
src: base-role/etc/sudoers.d/user.j2
dest: /etc/sudoers.d/{{ user.name }}
dest: /etc/sudoers.d/{{ base_user.name }}
mode: 0600
owner: root
group: root
when: user.passwordless_sudo
when: base_user.passwordless_sudo
- name: "Set password to be expired"
command: passwd --delete '{{ user.name }}'
when: not user.passwordless_sudo
command: passwd --delete '{{ base_user.name }}'
when: not base_user.passwordless_sudo
- name: Set authorized keys
ansible.posix.authorized_key:
user: "{{ user.name }}"
user: "{{ base_user.name }}"
state: present
key: "{{ user.ssh_key }}"
key: "{{ base_user.ssh_key }}"
manage_dir: yes
exclusive: yes
when: user.ssh_key is defined
when: base_user.ssh_key is defined
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment