tachtler:benutzer_mit_ansible_verwalten
Differences
This page shows the differences between two versions.
tachtler:benutzer_mit_ansible_verwalten [2020/03/20 06:18] – [~/ansible/roles/00_user/tasks/main.yml] klaus | tachtler:benutzer_mit_ansible_verwalten [2020/03/20 13:01] (aktuell) – [/home/ansible/ansible/00_user.yml] klaus | ||
---|---|---|---|
Zeile 270: | Zeile 270: | ||
- hosts: all | - hosts: all | ||
vars_files: | vars_files: | ||
- | - / | + | - inventories/ |
roles: | roles: | ||
- { role: 00_user } | - { role: 00_user } | ||
Zeile 295: | Zeile 295: | ||
Die Definition, das das **Playbook** nachfolgende Variablen Datei verwenden soll. | Die Definition, das das **Playbook** nachfolgende Variablen Datei verwenden soll. | ||
- | * <code yaml> | + | * <code yaml> |
Die Definition, der Variablen Datei welche das **Playbook** verwenden soll. | Die Definition, der Variablen Datei welche das **Playbook** verwenden soll. | ||
Zeile 409: | Zeile 409: | ||
- "{{ users }}" | - "{{ users }}" | ||
no_log: True | no_log: True | ||
- | - name: Add users to group ' | + | - name: Add users to group ' |
user: | user: | ||
append: yes | append: yes | ||
Zeile 419: | Zeile 419: | ||
with_dict: | with_dict: | ||
- "{{ users }}" | - "{{ users }}" | ||
- | no_log: True | + | no_log: True |
+ | - name: Remove users from all groups except the primary group, if set to False. | ||
+ | user: | ||
+ | append: no | ||
+ | groups: '' | ||
+ | name: "{{ item.value.name }}" | ||
+ | when: | ||
+ | - " | ||
+ | - " | ||
+ | with_dict: | ||
+ | - "{{ users }}" | ||
+ | no_log: True | ||
</ | </ | ||
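Review bot: In the added task "Remove users from all groups except the primary group, if set to False.", `append: no` together with `groups: ''` clears every supplementary group of the user, including memberships granted outside this role, whereas the preceding "Add users to group" task only grants a single group. If the aim is only to take that one group back, narrow the removal to it; if the full reset is intended, state next to the task that manually assigned groups are lost on the next run.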
Zeile 474: | Zeile 485: | ||
* '' | * '' | ||
* mit dem Status '' | * mit dem Status '' | ||
- | * '' | + | * '' |
* '' | * '' | ||
**gelöscht** wird, **__falls dieser NICHT als aktiv gekennzeichnet ist!__** | **gelöscht** wird, **__falls dieser NICHT als aktiv gekennzeichnet ist!__** | ||
Zeile 494: | Zeile 505: | ||
* '' | * '' | ||
* mit dem Status '' | * mit dem Status '' | ||
- | * '' | + | * '' |
* '' | * '' | ||
**gelöscht** wird, **__falls dieser NICHT als aktiv gekennzeichnet ist!__** | **gelöscht** wird, **__falls dieser NICHT als aktiv gekennzeichnet ist!__** | ||
Zeile 500: | Zeile 511: | ||
:!: **HINWEIS** - **Dies bewirkt, das die Gruppe __komplett gelöscht__ wird!** | :!: **HINWEIS** - **Dies bewirkt, das die Gruppe __komplett gelöscht__ wird!** | ||
- | * <code yaml>- name: Ensure group exists. | + | * <code yaml>- name: Ensure group exists, ONLY if active. |
group: | group: | ||
gid: "{{ item.value.gid }}" | gid: "{{ item.value.gid }}" | ||
name: "{{ item.value.group }}" | name: "{{ item.value.group }}" | ||
state: present | state: present | ||
+ | when: " | ||
with_dict: | with_dict: | ||
- "{{ users }}" | - "{{ users }}" | ||
Zeile 513: | Zeile 525: | ||
* '' | * '' | ||
* mit dem Status '' | * mit dem Status '' | ||
+ | * '' | ||
* '' | * '' | ||
durchgeführt wird. | durchgeführt wird. | ||
- | * <code yaml>- name: Ansible-Host - Ensure user exists. | + | * <code yaml>- name: Ansible-Host - Ensure user exists, ONLY if active. |
user: | user: | ||
append: yes | append: yes | ||
Zeile 532: | Zeile 545: | ||
state: present | state: present | ||
uid: "{{ item.value.uid }}" | uid: "{{ item.value.uid }}" | ||
+ | when: " | ||
with_dict: | with_dict: | ||
- "{{ users }}" | - "{{ users }}" | ||
Zeile 552: | Zeile 566: | ||
* mit dem Status '' | * mit dem Status '' | ||
* '' | * '' | ||
+ | * '' | ||
* '' | * '' | ||
* '' | * '' | ||
durchgeführt wird. | durchgeführt wird. | ||
- | * <code yaml>- name: Clients - Ensure user exists. | + | * <code yaml>- name: Clients - Ensure user exists, ONLY if active. |
user: | user: | ||
append: yes | append: yes | ||
Zeile 567: | Zeile 582: | ||
state: present | state: present | ||
uid: "{{ item.value.uid }}" | uid: "{{ item.value.uid }}" | ||
+ | when: " | ||
with_dict: | with_dict: | ||
- "{{ users }}" | - "{{ users }}" | ||
Zeile 581: | Zeile 597: | ||
* mit dem Status '' | * mit dem Status '' | ||
* '' | * '' | ||
+ | * '' | ||
* '' | * '' | ||
durchgeführt wird. | durchgeführt wird. | ||
- | * <code yaml>- name: Set exclusive authorized key for users taken from file. | + | * <code yaml>- name: Set exclusive authorized key for users taken from file, ONLY if active. |
authorized_key: | authorized_key: | ||
user: "{{ item.value.name }}" | user: "{{ item.value.name }}" | ||
Zeile 590: | Zeile 607: | ||
state: present | state: present | ||
exclusive: True | exclusive: True | ||
+ | when: " | ||
with_dict: | with_dict: | ||
- "{{ users }}" | - "{{ users }}" | ||
Zeile 601: | Zeile 619: | ||
* mit dem Status '' | * mit dem Status '' | ||
* '' | * '' | ||
+ | * '' | ||
* '' | * '' | ||
durchgeführt wird. | durchgeführt wird. | ||
Zeile 609: | Zeile 628: | ||
groups: wheel | groups: wheel | ||
name: "{{ item.value.name }}" | name: "{{ item.value.name }}" | ||
- | when: " | + | when: |
+ | - " | ||
+ | - " | ||
with_dict: | with_dict: | ||
- "{{ users }}" | - "{{ users }}" | ||
Zeile 618: | Zeile 639: | ||
der Gruppe '' | der Gruppe '' | ||
* '' | * '' | ||
- | * '' | + | * '' |
+ | * '' | ||
+ | * '' | ||
+ | durchgeführt wird. | ||
+ | |||
+ | * <code yaml>- name: Remove users from all groups except the primary group, if set to False. | ||
+ | user: | ||
+ | append: no | ||
+ | groups: '' | ||
+ | name: "{{ item.value.name }}" | ||
+ | | ||
+ | - " | ||
+ | - " | ||
+ | with_dict: | ||
+ | - "{{ users }}" | ||
+ | no_log: True</ | ||
+ | |||
+ | Es wird sicher gestellt, das ein **Benutzer** des **Benutzers** aus dem **dictionary (Wörterbuch)** - '' | ||
+ | * auf **__allen__ Clients** | ||
+ | von allen Gruppen, auch '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
* '' | * '' | ||
durchgeführt wird. | durchgeführt wird. | ||
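Review bot: In the code block added to the documentation in this hunk, the line between `name: "{{ item.value.name }}"` and the two condition items is empty, where the same task in the earlier hunk (Zeile 419) has `when:`. Without that key the copy shown to readers is not a valid task, so restore `when:` in the wiki text. The added sentence below the block also reads "ein **Benutzer** des **Benutzers**", which looks like a leftover from copying the previous paragraph.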
Zeile 668: | Zeile 711: | ||
SSH password: | SSH password: | ||
Vault password: | Vault password: | ||
+ | |||
+ | PLAY [all] ********************************************************************* | ||
+ | |||
+ | TASK [Gathering Facts] ********************************************************* | ||
+ | ok: [192.168.1.20] | ||
+ | ok: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Make sure group ' | ||
+ | ok: [192.168.1.20] | ||
+ | ok: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Allow ' | ||
+ | changed: [192.168.1.20] | ||
+ | changed: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Ensure user NOT exists, if NOT active.] ************************ | ||
+ | skipping: [192.168.1.20] => (item=None) | ||
+ | skipping: [192.168.1.20] => (item=None) | ||
+ | skipping: [192.168.1.20] | ||
+ | skipping: [192.168.1.30] => (item=None) | ||
+ | skipping: [192.168.1.30] => (item=None) | ||
+ | skipping: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Ensure group NOT exists, if NOT active.] *********************** | ||
+ | skipping: [192.168.1.20] => (item=None) | ||
+ | skipping: [192.168.1.20] => (item=None) | ||
+ | skipping: [192.168.1.20] | ||
+ | skipping: [192.168.1.30] => (item=None) | ||
+ | skipping: [192.168.1.30] => (item=None) | ||
+ | skipping: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Ensure group exists, ONLY if active.] ************************** | ||
+ | ok: [192.168.1.20] => (item=None) | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.20] => (item=None) | ||
+ | changed: [192.168.1.20] | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Ansible-Host - Ensure user exists, ONLY if active.] ************ | ||
+ | changed: [192.168.1.20 -> 127.0.0.1] => (item=None) | ||
+ | changed: [192.168.1.30 -> 127.0.0.1] => (item=None) | ||
+ | changed: [192.168.1.20 -> 127.0.0.1] => (item=None) | ||
+ | changed: [192.168.1.20] | ||
+ | changed: [192.168.1.30 -> 127.0.0.1] => (item=None) | ||
+ | changed: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Clients - Ensure user exists, ONLY if active.] ***************** | ||
+ | changed: [192.168.1.20] => (item=None) | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.20] => (item=None) | ||
+ | changed: [192.168.1.20] | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Set exclusive authorized key for users taken from file, ONLY if active.] *** | ||
+ | ok: [192.168.1.20] => (item=None) | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.20] => (item=None) | ||
+ | changed: [192.168.1.20] | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Add users to group ' | ||
+ | ok: [192.168.1.20] => (item=None) | ||
+ | skipping: [192.168.1.20] => (item=None) | ||
+ | ok: [192.168.1.20] | ||
+ | changed: [192.168.1.30] => (item=None) | ||
+ | skipping: [192.168.1.30] => (item=None) | ||
+ | changed: [192.168.1.30] | ||
+ | |||
+ | TASK [00_user : Remove users from all groups except the primary group, if set to False.] *** | ||
+ | skipping: [192.168.1.20] => (item=None) | ||
+ | skipping: [192.168.1.30] => (item=None) | ||
+ | ok: [192.168.1.20] => (item=None) | ||
+ | ok: [192.168.1.20] | ||
+ | ok: [192.168.1.30] => (item=None) | ||
+ | ok: [192.168.1.30] | ||
+ | |||
+ | PLAY RECAP ********************************************************************* | ||
+ | 192.168.1.20 | ||
+ | 192.168.1.30 | ||
</ | </ | ||
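Review bot: Every loop result in the added run output is printed as `(item=None)` because the tasks set `no_log: True`, so the transcript cannot show which account was created, skipped or stripped of its groups. For the tasks that only change group membership, consider dropping `no_log` and using `loop_control` with a `label` of the user name, keeping `no_log` for tasks that carry secrets. The "Ansible-Host" task also reports `192.168.1.20 -> 127.0.0.1` and `192.168.1.30 -> 127.0.0.1`, so the same local change is executed once per inventory host; `run_once: true` would avoid the repetition.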
tachtler/benutzer_mit_ansible_verwalten.1584681505.txt.gz · Last modified: 2020/03/20 06:18 by klaus