Diffstat (limited to 'roles/unix_users/tasks')
-rw-r--r-- | roles/unix_users/tasks/main.yml | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/roles/unix_users/tasks/main.yml b/roles/unix_users/tasks/main.yml
new file mode 100644
index 0000000..291e134
--- /dev/null
+++ b/roles/unix_users/tasks/main.yml
@@ -0,0 +1,39 @@
+---
+
+- name: retrieve all users
+ ansible.builtin.getent:
+ database: passwd
+ register: unix_users__register_getent
+
+- name: parse all users in uid range
+ ansible.builtin.set_fact:
+ unix_users__parsed_getent: "[
+ {% for name, attributes in
+ unix_users__register_getent.ansible_facts.getent_passwd.items() %}
+ {{ { 'name': name, 'uid': (attributes[2] | int) } }},
+ {% endfor %}
+ ]"
+
+- name: retrieve minimum available uid
+ ansible.builtin.set_fact:
+ unix_users__available_uid_min: "{{ unix_users__parsed_getent
+ | map(attribute='uid')
+ | select('in', unix_users__enabled_uid_slots)
+ | max
+ | default(unix_users__enabled_uid_min)
+ | int }}"
+
+- name: create user with specific uid
+ ansible.builtin.user:
+ name: "{{ item.username }}"
+ uid: "{{ (unix_users__available_uid_min | int) + (index | int) }}"
+ loop: "{{ unix_users__users }}"
+ loop_control:
+ index_var: index
+ when: item.username not in (unix_users__parsed_getent | map(attribute='name'))
+
+- name: update user informations
+ ansible.builtin.user:
+ name: "{{ item.username }}"
+ comment: "{{ item.comment | normalize_unicode_to_ansii }}"
+ loop: "{{ unix_users__users }}" |
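Review bot: The `create user with specific uid` task can hand out a UID that is already taken: `unix_users__available_uid_min` is the `max` of the UIDs already present in the slot range, and `index_var` is zero-based, so a new user at position 0 of `unix_users__users` gets exactly that existing UID. With the module's default `non_unique: false` this should fail rather than share the UID, but because the base follows the current maximum, a UID freed by deleting an account can be reassigned later, and the new account would then own any files left under that number. Nothing checks that the result stays inside `unix_users__enabled_uid_slots` either (that variable is defined outside this hunk, so a list of integers is assumed here). Consider picking from the free slots instead, e.g. `uid: "{{ (unix_users__enabled_uid_slots | difference(unix_users__parsed_getent | map(attribute='uid')) | sort)[index] }}"`, and keeping retired UIDs out of the slot list.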