aboutsummaryrefslogtreecommitdiffstats
path: root/roles/unix_users/tasks/main.yml
blob: 291e134cbf9069deac2376c434e6af724dd4efcf (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
---

- name: retrieve all users
  ansible.builtin.getent:
    database: passwd
  register: unix_users__register_getent

- name: parse all users in uid range
  ansible.builtin.set_fact:
    unix_users__parsed_getent: "[
      {% for name, attributes in
        unix_users__register_getent.ansible_facts.getent_passwd.items() %}
      {{ { 'name': name, 'uid': (attributes[2] | int) } }},
      {% endfor %}
      ]"

- name: retrieve minimum available uid
  ansible.builtin.set_fact:
    unix_users__available_uid_min: "{{ unix_users__parsed_getent
      | map(attribute='uid')
      | select('in', unix_users__enabled_uid_slots)
      | max
      | default(unix_users__enabled_uid_min)
      | int }}"

- name: create user with specific uid
  ansible.builtin.user:
    name: "{{ item.username }}"
    uid: "{{ (unix_users__available_uid_min | int) + (index | int) }}"
  loop: "{{ unix_users__users }}"
  loop_control:
    index_var: index
  when: item.username not in (unix_users__parsed_getent | map(attribute='name'))

- name: update user informations
  ansible.builtin.user:
    name: "{{ item.username }}"
    comment: "{{ item.comment | normalize_unicode_to_ansii }}"
  loop: "{{ unix_users__users }}"
remember that computers suck.