diff --git a/accounts.yml b/accounts.yml
new file mode 100644
index 00000000..46a1f996
--- /dev/null
+++ b/accounts.yml
@@ -0,0 +1,6 @@
+- name: default configuration
+ hosts: all
+ gather_facts: no
+ become: yes
+ roles:
+ - accounts
diff --git a/common.yml b/common.yml
index 5eed2f88..ab4bae7a 100644
--- a/common.yml
+++ b/common.yml
@@ -4,3 +4,4 @@
 become: yes
 roles:
 - common
+ - accounts
diff --git a/group_vars/all/accounts.yml b/group_vars/all/accounts.yml
new file mode 100644
index 00000000..bd802ed8
--- /dev/null
+++ b/group_vars/all/accounts.yml
@@ -0,0 +1,149 @@
+---
+accounts__users:
+ cquest:
+ uid: 1202
+ admin: true
+
+ jocelyn:
+ uid: 1203
+ admin: true
+
+ marc_marc:
+ uid: 1216
+ admin: true
+
+ achetta:
+ uid: 1236
+
+ apavie:
+ uid: 1211
+
+ cgiquello:
+ uid: 1212
+
+ cormoran:
+ uid: 1219
+
+ davidbgk:
+ uid: 1251
+
+ don-vip:
+ uid: 1247
+
+ driss:
+ uid: 1224
+
+ etienne:
+ uid: 1213
+
+ eloks:
+ uid: 1214
+
+ famlam:
+ uid: 1250
+
+ flacombe:
+ uid: 1246
+
+ francois2:
+ uid: 1221
+
+ fred:
+ uid: 1205
+
+ gileri:
+ uid: 1311
+
+ guillaumeamat:
+ uid: 1235
+
+ gpelloux:
+ uid: 1237
+
+ hamlet:
+ uid: 1305
+
+ jacques:
+ uid: 1306
+
+ jben:
+ uid: 1206
+
+ jgcailton:
+ uid: 1207
+
+ juliep:
+ uid: 1210
+
+ karl:
+ uid: 1238
+
+ lcombe:
+ uid: 1215
+
+ ljbouere:
+ uid: 1248
+
+ mael:
+ uid: 1218
+
+ nlehuby:
+ uid: 1220
+
+ nmoyroud:
+ uid: 1226
+
+ panieravide:
+ uid: 1230
+
+ phyks:
+ uid: 1233
+
+ pyrog:
+ uid: 1333
+
+ redfox:
+ uid: 1209
+
+ rodolphe:
+ uid: 1208
+
+ rvoirin:
+ uid: 1308
+
+ sly:
+ uid: 1209
+
+ stephanec:
+ uid: 1225
+
+ teslix:
+ uid: 1222
+
+ thomasg77:
+ uid: 1249
+
+ thomasl:
+ uid: 1210
+
+ thorieux:
+ uid: 1229
+
+ thrrp:
+ uid: 1310
+
+ tykayn:
+ uid: 1312
+
+ tyndare:
+ uid: 1212
+
+ vdct:
+ uid: 1217
+
+ ybon:
+ uid: 1223
+
+ ydel:
+ uid: 1313
+...
diff --git a/roles/accounts/defaults/main.yml b/roles/accounts/defaults/main.yml
new file mode 100644
index 00000000..c61f82ee
--- /dev/null
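Review bot: Three UIDs are assigned twice in `accounts__users` in group_vars/all/accounts.yml: 1209 (`redfox`, `sly`), 1210 (`juliep`, `thomasl`) and 1212 (`cgiquello`, `tyndare`). The values are carried over unchanged from the removed include lines, but on a host whose groups select both members of a pair the second account creation would presumably be rejected as non-unique, and if a duplicate were ever forced the two logins would share file ownership and be indistinguishable in audit logs. Now that the table lives in one place, a guard before the loop would catch this on the next addition, e.g. an `assert` with `that: accounts__users.values() | map(attribute='uid') | unique | list | length == accounts__users | length`. Renumbering an existing login changes file ownership on hosts where it already exists, so the pairs may need a comment explaining why they are safe rather than a blind fix.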
+++ b/roles/accounts/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+accounts__users: {}
+...
diff --git a/roles/accounts/files/default.gitconfig b/roles/accounts/files/default.gitconfig
new file mode 100644
index 00000000..98421525
--- /dev/null
+++ b/roles/accounts/files/default.gitconfig
@@ -0,0 +1,13 @@
+[color]
+ diff = auto
+ status = auto
+ branch = auto
+[alias]
+ st = status
+ ci = commit
+ br = branch
+ cp = cherry-pick
+ logf = log --follow
+[log]
+ decorate = short
+
diff --git a/roles/accounts/files/default.vimrc b/roles/accounts/files/default.vimrc
new file mode 100644
index 00000000..ac3ac296
--- /dev/null
+++ b/roles/accounts/files/default.vimrc
@@ -0,0 +1,16 @@
+colorscheme elflord
+syn on
+set ruler
+set noai
+set title
+
+set is " incremental search
+set hlsearch
+
+set foldlevel=500
+
+" Pour se souvenir de la dernière position dans le fichier
+autocmd BufReadPost *
+ \ if line("'\"") > 0 && line("'\"") <= line("$") |
+ \ exe "normal g`\"" |
+ \ endif
diff --git a/roles/accounts/tasks/account.yml b/roles/accounts/tasks/account.yml
new file mode 100644
index 00000000..a921ee8f
--- /dev/null
+++ b/roles/accounts/tasks/account.yml
@@ -0,0 +1,41 @@
+---
+- name: Set {{ user }} group
+ group:
+ name: "{{ user }}"
+
+- name: Set {{ user }} account
+ user:
+ group: "{{ user }}"
+ home: "/home/{{ user }}/"
+ name: "{{ user }}"
+ uid: "{{ uid }}"
+
+- name: Initialise /data/work/ folder for {{ user }}
+ file:
+ path: /data/work/{{ user }}
+ state: directory
+ group: "{{ user }}"
+ owner: "{{ user }}"
+
+- name: Copy SSH key of user {{ user }}
+ authorized_key:
+ user: "{{ user }}"
+ key: "{{ lookup('file', file) }}"
+ with_fileglob:
+ - "public_keys/{{ user }}*"
+ loop_control:
+ loop_var: file
+
+- name: Copy default config files
+ copy:
+ force: false
+ src: "default{{ file }}"
+ dest: "/home/{{ user }}/{{ file }}"
+ group: "{{ user }}"
+ owner: "{{ user }}"
+ loop:
+ - .gitconfig
+ - .vimrc
+ loop_control:
+ loop_var: file
+...
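Review bot: The 'Copy SSH key' task in roles/accounts/tasks/account.yml only ever adds keys, so a key file deleted from `public_keys/` remains in the user's `authorized_keys` on every host already provisioned and revoking access needs a manual step. `authorized_key` offers `exclusive: true` for this, but it does not combine with a per-file loop, so the matched files would first have to be joined into a single `key:` value. The glob `public_keys/{{ user }}*` is also a prefix match: a key file named for a longer login beginning with the same characters would be installed for the shorter one, which a separator in the pattern (for example `public_keys/{{ user }}.*`, if the files carry an extension) would prevent. Separately, the `user` task no longer sets `shell: /bin/bash` as the deleted shared/account.yml did, so newly created accounts fall back to the system default shell unless that line is restored.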
diff --git a/roles/accounts/tasks/main.yml b/roles/accounts/tasks/main.yml
new file mode 100644
index 00000000..1d3db707
--- /dev/null
+++ b/roles/accounts/tasks/main.yml
@@ -0,0 +1,9 @@
+---
+- name: Set accounts
+ include_tasks: account.yml
+ vars:
+ user: "{{ item.user }}"
+ uid: "{{ item.value.uid }}"
+ loop: "{{ accounts__users | dict2items(key_name = 'user') }}"
+ when: "item.user in group_names or (item.value.admin | default(false))"
+...
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index b5c306d0..9bcc2341 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
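Review bot: The loop in roles/accounts/tasks/main.yml has no removal path: when an entry is deleted from `accounts__users`, or a host leaves the user's group, the `when` merely skips the include, and the login, its `authorized_keys` and `/data/work/<user>` stay on the host. A per-user `state` key (defaulting to `present`) passed through to the `user` module would let a departure be expressed in the inventory instead of by hand. It would also help to document the `admin` flag where it is read, e.g. `# admin: true only forces creation on every host; the tasks shown grant no extra privilege`, since the name suggests more than the visible tasks do.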
@@ -401,145 +401,6 @@ - /data/project - /data/work -- include: ../../../shared/account.yml user=cquest uid=1202 -- include: ../../../shared/account.yml user=jocelyn uid=1203 -- include: ../../../shared/account.yml user=marc_marc uid=1216 - -- include: ../../../shared/account.yml user=achetta uid=1236 - when: "'achetta' in group_names" - -- include: ../../../shared/account.yml user=apavie uid=1211 - when: "'apavie' in group_names" - -- include: ../../../shared/account.yml user=cgiquello uid=1212 - when: "'cgiquello' in group_names" - -- include: ../../../shared/account.yml user=cormoran uid=1219 - when: "'cormoran' in group_names" - -- include: ../../../shared/account.yml user=davidbgk uid=1251 - when: "'davidbgk' in group_names" - -- include: ../../../shared/account.yml user=don-vip uid=1247 - when: "'don-vip' in group_names" - -- include: ../../../shared/account.yml user=driss uid=1224 - when: "'driss' in group_names" - -- include: ../../../shared/account.yml user=etienne uid=1213 - when: "'etienne' in group_names" - -- include: ../../../shared/account.yml user=eloks uid=1214 - when: "'eloks' in group_names" - -- include: ../../../shared/account.yml user=famlam uid=1250 - when: "'famlam' in group_names" - -- include: ../../../shared/account.yml user=flacombe uid=1246 - when: "'flacombe' in group_names" - -- include: ../../../shared/account.yml user=francois2 uid=1221 - when: "'francois2' in group_names" - -- include: ../../../shared/account.yml user=fred uid=1205 - when: "'fred' in group_names" - -- include: ../../../shared/account.yml user=gileri uid=1311 - when: "'gileri' in group_names" - -- include: ../../../shared/account.yml user=guillaumeamat uid=1235 - when: "'guillaumeamat' in group_names" - -- include: ../../../shared/account.yml user=gpelloux uid=1237 - when: "'gpelloux' in group_names" - -- include: ../../../shared/account.yml user=hamlet uid=1305 - when: "'hamlet' in group_names" - -- include: ../../../shared/account.yml user=jacques uid=1306 - when: 
"'jacques' in group_names" - -- include: ../../../shared/account.yml user=jben uid=1206 - when: "'jben' in group_names" - -- include: ../../../shared/account.yml user=jgcailton uid=1207 - when: "'jgcailton' in group_names" - -- include: ../../../shared/account.yml user=juliep uid=1210 - when: "'juliep' in group_names" - -- include: ../../../shared/account.yml user=karl uid=1238 - when: "'karl' in group_names" - -- include: ../../../shared/account.yml user=lcombe uid=1215 - when: "'lcombe' in group_names" - -- include: ../../../shared/account.yml user=ljbouere uid=1248 - when: "'ljbouere' in group_names" - -- include: ../../../shared/account.yml user=mael uid=1218 - when: "'mael' in group_names" - -- include: ../../../shared/account.yml user=nlehuby uid=1220 - when: "'nlehuby' in group_names" - -- include: ../../../shared/account.yml user=nmoyroud uid=1226 - when: "'nmoyroud' in group_names" - -- include: ../../../shared/account.yml user=panieravide uid=1230 - when: "'panieravide' in group_names" - -- include: ../../../shared/account.yml user=phyks uid=1233 - when: "'phyks' in group_names" - -- include: ../../../shared/account.yml user=pyrog uid=1333 - when: "'pyrog' in group_names" - -- include: ../../../shared/account.yml user=redfox uid=1209 - when: "'redfox' in group_names" - -- include: ../../../shared/account.yml user=rodolphe uid=1208 - when: "'rodolphe' in group_names" - -- include: ../../../shared/account.yml user=rvoirin uid=1308 - when: "'rvoirin' in group_names" - -- include: ../../../shared/account.yml user=sly uid=1209 - when: "'sly' in group_names" - -- include: ../../../shared/account.yml user=stephanec uid=1225 - when: "'stephanec' in group_names" - -- include: ../../../shared/account.yml user=teslix uid=1222 - when: "'teslix' in group_names" - -- include: ../../../shared/account.yml user=thomasg77 uid=1249 - when: "'thomasg77' in group_names" - -- include: ../../../shared/account.yml user=thomasl uid=1210 - when: "'thomasl' in group_names" - -- 
include: ../../../shared/account.yml user=thorieux uid=1229 - when: "'thorieux' in group_names" - -- include: ../../../shared/account.yml user=thrrp uid=1310 - when: "'thrrp' in group_names" - -- include: ../../../shared/account.yml user=tykayn uid=1312 - when: "'tykayn' in group_names" - -- include: ../../../shared/account.yml user=tyndare uid=1212 - when: "'tyndare' in group_names" - -- include: ../../../shared/account.yml user=vdct uid=1217 - when: "'vdct' in group_names" - -- include: ../../../shared/account.yml user=ybon uid=1223 - when: "'ybon' in group_names" - -- include: ../../../shared/account.yml user=ydel uid=1313 - when: "'ydel' in group_names" - - name: add default sudoers copy: src: sudoers diff --git a/shared/account.yml b/shared/account.yml deleted file mode 100644 index 231b2cb3..00000000 --- a/shared/account.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: Check if user {{ user }} exists - action: shell /usr/bin/getent passwd {{ user }} - register: user_exist - ignore_errors: True - changed_when: "user_exist.rc != 0" - tags: user_creation - -- name: init user {{ user }} - user: name={{ user }} home=/home/{{ user }}/ shell=/bin/bash uid={{ uid }} - when: user_exist.changed - tags: user_creation - -- name: init group {{ user }} - group: name={{ user }} - tags: user_creation - -- name: init /data/work/ path for {{ user }} - file: path=/data/work/{{ user }} state=directory owner={{ user }} group={{ user }} - tags: user_creation - -- name: init ssh key to user {{ user }} - authorized_key: user={{ user }} key="{{ lookup('file',item) }}" - tags: user_creation - with_fileglob: - - "{{ lookup('env','PWD') }}/public_keys/{{ user }}*" - -- name: copy default config files - copy: force=no src="shared/files/default{{ item }}" dest="/home/{{ user }}/{{ item }}" owner={{ user }} group={{ user }} - tags: user_creation - with_items: - - .gitconfig - - .vimrc