roles/users/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38


# users ~~ roles/users/tasks/main.yml
# Manage default users

---

- name: retrieve available users
  shell: awk -F ":" '{ if($3 == 0 || $3 > 999 && $3 < 16000) { print $1 }}' /etc/passwd
  register: valid_users_shell

- name: change shell to zsh for all valid users
  user: name="{{ item }}" shell="{{ path_zsh }}"
  loop: "{{ valid_users_shell.stdout_lines }}"

- name: add operator user
  user:
    name: "{{ user_op }}"
    comment: Operator user
    group: "{{ group_root }}"

- name: remove default users
  user:
    name: "{{ item }}"
    state: absent
    remove: true
  loop:
    - toor
    - pi

- name: generate doas configuration
  template:
    src: doas.conf.j2
    dest: "{{ path_doasconfig }}"
    owner: root
    group: "{{ group_root }}"
    mode: 0644
  when: ansible_become_method == "doas" or ansible_distribution == "OpenBSD"