Add preprocessing tasks and auth playbook
Update secrets submodule
This commit is contained in:
39
tasks/preprocess-users.yml
Normal file
39
tasks/preprocess-users.yml
Normal file
@@ -0,0 +1,39 @@
|
||||
---
|
||||
- name: Load users variables
|
||||
include_vars:
|
||||
file: users.yml
|
||||
|
||||
- name: Reconcile user targets with host targets to get host users
|
||||
set_fact:
|
||||
users_local: >-
|
||||
{{
|
||||
users_local | default([]) + ([item] if item.targets | intersect(local_targets) else [])
|
||||
}}
|
||||
loop: "{{ omni_users }}"
|
||||
|
||||
- name: Determine local user names
|
||||
set_fact:
|
||||
users_local_names: "{{ users_local_names | default([]) + [item.name] }}"
|
||||
loop: "{{ users_local }}"
|
||||
|
||||
- name: Determine administrative users
|
||||
set_fact:
|
||||
users_local_admin: >-
|
||||
{{
|
||||
users_local_admin | default([]) + ([item] if item.admin | default(False) else [])
|
||||
}}
|
||||
loop: "{{ users_local }}"
|
||||
|
||||
- name: Determine existing users
|
||||
shell: 'grep omni /etc/group | cut -d: -f4 | tr "," "\n"'
|
||||
changed_when: false
|
||||
register: users_local_existing
|
||||
|
||||
- name: Determine removed users
|
||||
set_fact:
|
||||
users_local_removed: >-
|
||||
{{
|
||||
users_local_removed | default([]) +
|
||||
([item] if item not in users_local_names else [])
|
||||
}}
|
||||
loop: "{{ users_local_existing.stdout_lines }}"
|
||||
Reference in New Issue
Block a user