From f8a6ae477ce5df68fdb51c656b39f2063a59b36e Mon Sep 17 00:00:00 2001 From: Daniel Palomar Date: Tue, 26 Sep 2017 12:50:00 +0200 Subject: [PATCH] Reorganized tasks in common role and delete small playbooks --- playbooks/users.yml | 9 ------- roles/common/tasks/install_packages.yml | 18 ++++++++++++++ roles/common/tasks/main.yml | 20 +++------------- roles/common/tasks/users.yml | 31 +++++++++++++++++++++++++ roles/common/templates/sudoer.j2 | 2 ++ 5 files changed, 54 insertions(+), 26 deletions(-) delete mode 100644 playbooks/users.yml create mode 100644 roles/common/tasks/install_packages.yml create mode 100644 roles/common/tasks/users.yml create mode 100644 roles/common/templates/sudoer.j2 diff --git a/playbooks/users.yml b/playbooks/users.yml deleted file mode 100644 index 3c21a7f..0000000 --- a/playbooks/users.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -# Add all users defined in host var. -- name: Manage users - hosts: odoo_servers - remote_user: root - roles: - - role: users - become: yes - tags: users diff --git a/roles/common/tasks/install_packages.yml b/roles/common/tasks/install_packages.yml new file mode 100644 index 0000000..03ae266 --- /dev/null +++ b/roles/common/tasks/install_packages.yml @@ -0,0 +1,18 @@ +--- +- name: install common packages + apt: + pkg={{ item }} + state=present + become: yes + with_items: + - python-dev + - libxml2 + - libxml2-dev + - libxslt1-dev + - lib32z1-dev + - libssl-dev + - zlib1g-dev + - libldap2-dev + - libsasl2-dev + - git + - wkhtmltopdf diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 03ae266..240f015 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,18 +1,4 @@ --- -- name: install common packages - apt: - pkg={{ item }} - state=present - become: yes - with_items: - - python-dev - - libxml2 - - libxml2-dev - - libxslt1-dev - - lib32z1-dev - - libssl-dev - - zlib1g-dev - - libldap2-dev - - libsasl2-dev - - git - - wkhtmltopdf +- include: users.yml +- include: install_packages.yml + diff --git a/roles/common/tasks/users.yml b/roles/common/tasks/users.yml new file mode 100644 index 0000000..f0b4f7f --- /dev/null +++ b/roles/common/tasks/users.yml @@ -0,0 +1,31 @@ +--- + +# Setup a default user - Work user. + +- name: create users + become: yes + user: + name="{{ item.key }}" + groups="{{ item.value.group }}" + append=yes + state="{{ item.value.state }}" + shell=/bin/bash + with_dict: "{{ users }}" + +- name: ssh keys + become: yes + authorized_key: + user={{ item.key }} + key="{{ lookup('file', item.value.key) }}" + state={{ item.value.state }} + when: item.value.state == "present" + with_dict: "{{ users }}" + +- name: add custom sudoer file + become: yes + template: + src=sudoer.j2 + dest="/etc/sudoers.d/90-{{ item.key }}" + mode=0440 + when: item.value.state == "present" + with_dict: "{{ users }}" diff --git a/roles/common/templates/sudoer.j2 b/roles/common/templates/sudoer.j2 new file mode 100644 index 0000000..fee1515 --- /dev/null +++ b/roles/common/templates/sudoer.j2 @@ -0,0 +1,2 @@ +# {{ item.key }} needs passwordless sudo functionality. +{{ item.key }} ALL=(ALL) NOPASSWD:ALL