Skip to content

Rickkwa/ansible-user-management

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
defaults
defaults
 
 
meta
meta
 
 
molecule
molecule
 
 
tasks
tasks
 
 
vars
vars
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
.yamllint
.yamllint
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 

Repository files navigation

Ansible User Management Role

Build Status Ansible Role license

Manages user accounts, groups, and sudoers using a centralized user/group inventory.

The role takes on a centralized and flat approach. It contains all user and group information in one place, instead of overriding the user/group inventory on a per host/group basis. Using host_vars/group_vars to give users different access to different systems can lead to uncertainty if a host belongs to multiple host groups with conflicting user/group inventories. When that happens, it's up to Ansible to choose which group has priority. With the flat and centralized approach that this role uses, you can define which host groups the user/group should or should not be in.

Requirements

  • Ansible 2.5+

User and Group Inventory Variables

User

The user inventory is a list containing the details of each user. This list is stored in vars/users.yml and each item of the list is a dict that has the following fields:

Field Required Type Default Description
name yes string undefined User's login name.
rel_uid yes int undefined Relative UID in this inventory list. The group's UID would be rel_uid + um_uid_base.
present no list[str] ['all'] List of ansible defined host groups containing the hosts that the user should be on.
absent no list[str] [] List of host groups containing the hosts that the user should not be on. This setting takes precedence over present.
passwd yes string undefined Hashed password for account. See this ansible doc on how you should generate the hashed password.
authorized_keys no string/list[str] omit A single pubkey or list of pubkeys to include in the user's authorized_keys file.
groups no list[str] omit A list of groups that the user should belong in.

Group

The group inventory is a list containing the details of each group. This list is stored in vars/groups.yml and each item of the list is a dict that has the following fields:

Field Required Type Default Description
name yes string undefined Group name.
rel_gid yes int undefined Relative GID in this inventory list. The group's GID would be rel_gid + um_gid_base.
present no list[str] ['all'] List of ansible defined host groups containing the hosts that the group should be on.
absent no list[str] [] List of host groups containing the hosts that the group should not be on. This setting takes precedence over present.
sudoer no string omit File content for the sudoer file associated with this group.

License

MIT. See LICENSE for more information.

About

Ansible user management role.

Topics

linux ansible user-manager ansible-role user-management ansible-galaxy linux-users linux-administration

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases 1

Version 1.0.0 Latest
Jul 14, 2018

Packages

No packages published

Contributors 2

  •  
  •  

Languages