user initial commit

user/README.md

@@ -0,0 +1,71 @@
+# Role user
+
+A role to create users.
+
+# Usage
+
+Include in role:
+
+```yaml
+- hosts: all
+  role:
+    - user
+
+```
+
+In group_vars or host_vars:
+
+```yaml
+group:
+  - groupname
+
+user:
+  - name: piet
+    password: "(See link below)"
+    home: /home/piet
+    createhome: yes
+    groups: automotive
+    state: present
+    shell: /bin/bash
+    generate_ssh_keys: yes
+    sshpubkey: "ssh-rsa AA...BB"
+    sshpubkeys: 
+      - "ssh-rsa AA...BB"
+      - "ssh-rsa AA...BB"
+```
+
+
+## Requirements / Dependencies
+
+* None
+
+## Supported system
+
+* Ubuntu
+
+## Installation
+
+No extra steps needed.
+
+## Role Variables
+
+|Name|Type|Description|Default|
+|----|----|-----------|-------|
+`name`|string|username|`-`
+`password`|string|password|`-`
+`update_password`|string|update_password|`on_create`
+`home`|string|homefolder|`-`
+`createhome`|bool|optional|`yes`
+`groups`|string|optional|`users`
+`state`|string|optional|`present`
+`shell`|string|optional|`/bin/bash`
+`generate_ssh_keys`|bool|optional|`no`
+`sshpubkey`|string|optional|`"ssh-rsa AA...BB"`
+`sshpubkeys`|list|optional|`"- ssh-rsa AA...BB"`
+
+
+## Generate user password hash:
+
+pwgen -s -1 | tee pwd | mkpasswd -m sha-512 -s ;cat pwd
+
+http://docs.ansible.com/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module

user/tasks/main.yml

@@ -0,0 +1,67 @@
+---
+
+- name: create groups
+  group:
+    name={{ item }}
+  with_items: '{{group}}'
+  when: group is defined
+  tags: user
+
+- name: create users
+  user: 
+    name={{ item.name }}
+    password={{ item.password }}
+    home={{ item.home }}
+    createhome={{ item.createhome|default("yes") }}
+    groups={{ item.groups|default("users") }}
+    append=yes
+    state={{ item.state|default("present") }}
+    shell={{ item.shell|default("/bin/bash") }}
+    update_password={{ item.update_password|default("on_create") }}
+    generate_ssh_key={{ item.generate_ssh_key|default("yes") }}
+  with_items: '{{user}}'
+  when: user is defined
+  tags: user
+
+- name: create {{ item.home }}/.ssh/
+  file:
+    path={{ item.home }}/.ssh
+    state=directory
+    group={{ item.name }}
+    owner={{ item.name }}
+    mode=0700
+  with_items: '{{user}}'
+  when: user is defined and (item.sshpubkey is defined or item.sshpubkeys is defined)
+  ignore_errors: true
+  tags: user
+
+- name: create .ssh/authorized_keys
+  file:
+    path={{ item.home }}/.ssh/authorized_keys
+    state=touch
+  with_items: '{{user}}'
+  when: user is defined and item.sshpubkey is defined
+  ignore_errors: true
+  tags: user
+
+- name: add ssh-pub-key
+  lineinfile:
+    dest={{ item.home }}/.ssh/authorized_keys
+    line={{ item.sshpubkey }}
+  with_items: '{{user}}'
+  when: user is defined and item.sshpubkey is defined
+  ignore_errors: true
+  tags: user
+
+- name: add ssh-pub-key via template
+  template:
+    src=authorized_keys.j2
+    dest={{ item.home }}/.ssh/authorized_keys
+    backup=yes
+  with_items: '{{user}}'
+  when: user is defined and item.sshpubkeys is defined
+  ignore_errors: true
+  tags:
+    - user
+    - sshpubkeys
+

user/templates/authorized_keys.j2

@@ -0,0 +1,5 @@
+{% set sshpubkeys    = item.sshpubkeys|default(false) %}
+{% for sshkey in sshpubkeys %}
+{{ sshkey }}
+{% endfor %}
+