Update the role

Stouts · Sep 10, 2014 · 3fc5ad8 · 3fc5ad8
1 parent c0b78e1
commit 3fc5ad8
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 15 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -23,12 +23,21 @@ script:
     && (echo 'Idempotence test: pass' && exit 0)
     || (echo 'Idempotence test: fail' && exit 1)
 
+  # Should be existed
   - sudo cat /etc/passwd | grep testuser || exit 1
+
+  # Shouldn't be existed
+  - sudo cat /etc/passwd | grep wronguser && exit 1
+
+  # Should be presented
   - sudo cat /home/testuser/.ssh/authorized_keys | grep TESTKEY || exit 1
 
+# Variables
 users_groups: [testgroup]
-users_users:
+users_users: [testuser, wronguser]
+users_to_install: [testuser]
+users_ssh_keys:
   - name: testuser
-    ssh_keys:
-      - ssh-rsa TESTKEY
+    authorized:
+    - ssh-rsa TESTKEY
 
diff --git a/README.md b/README.md
@@ -26,8 +26,20 @@ users_users: []                 # Create users
                                 #     - name: name1
                                 #       groups: admin,sudo
                                 #       shell: /bin/zsh
-                                #       ssh_keys:
-                                #         - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+
+users_ssh_keys: []              # Assign allowed keys to users
+                                #   users_ssh_keys:
+                                #   - name: username1
+                                #     authorized:
+                                #     - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+                                #     - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+                                #   - name: username2
+                                #     authorized:
+                                #      - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+
+users_to_install: []            # List of usernames. If not empty only users from the list will be installed.
+                                # So that way you could keep a huge list of users somewhere and install only
+                                # some of them in special environments.
 
 users_shell: /bin/bash          # Default user shell
 
@@ -50,10 +62,14 @@ Example:
 
   vars:
     users_groups: [admin]
-    users_users:
-      - name: klen
-        ssh_keys:
-          - ssh-rsa KEY-HERE
+    users_users: [tom, jerry]
+    users_ssh_keys:
+    - name: tom
+      authorized: 
+      - ssh-rsa KEY-HERE
+    - name: jerry
+      authorized: 
+      - ssh-rsa KEY-HERE
 
 ```
 

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -19,8 +19,20 @@ users_users: []                 # Create users
                                 #     - name: name1
                                 #       groups: admin,sudo
                                 #       shell: /bin/zsh
-                                #       ssh_keys:
-                                #         - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+
+users_ssh_keys: []              # Assign allowed keys to users
+                                #   users_ssh_keys:
+                                #   - name: username1
+                                #     authorized:
+                                #     - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+                                #     - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+                                #   - name: username2
+                                #     authorized:
+                                #      - ssh-rsa KEY-WILL-BE-ADDED-TO-AUTHORIZED-KEYS
+
+users_to_install: []            # List of usernames. If not empty only users from the list will be installed.
+                                # So that way you could keep a huge list of users somewhere and install only
+                                # some of them in special environments.
 
 users_shell: /bin/bash          # Default user shell
 

diff --git a/tasks/users.yml b/tasks/users.yml
@@ -10,6 +10,7 @@
 
 - name: users | Create per user groups
   group: name={{item.name|default(item)}}
+  when: not users_to_install or item.name|default(item) in users_to_install
   with_items: users_users
 
 - name: users | Ensure the users are present
@@ -18,14 +19,15 @@
       comment: "{{item.comment|default('')}}"
       createhome: "{{item.createhome|default('yes')}}"
       force: "{{item.force|default('no')}}"
-      group: "{{item.group|default(item.name)}}"
+      group: "{{item.group|default(item.name|default(item))}}"
       groups: "{{item.groups|default('')}}"
-      home: "{{item.home|default('/home/' + item.name)}}"
+      home: "{{item.home|default('/home/' + item.name|default(item))}}"
       move_home: "{{item.move_home|default('no')}}"
       non_unique: "{{item.non_unique|default('no')}}"
       shell: "{{item.shell|default(users_shell)}}"
       system: "{{item.system|default('no')}}"
       update_password: "{{item.uid|default('always')}}"
+  when: not users_to_install or item.name|default(item) in users_to_install
   with_items: users_users
 
 - name: users | Ensure the removed users are not present
@@ -34,6 +36,7 @@
 
 - name: users | Ensure the users ssh keys are present
   authorized_key: "user={{item.0.name}} key='{{item.1}}'"
+  when: not users_to_install or item.0.name in users_to_install
   with_subelements:
-    - users_users
-    - ssh_keys
+    - users_ssh_keys
+    - authorized