Infrastructure/ansible/roles/user/tasks/main.yml

---

- name: Check if required parameters are set
  ansible.builtin.assert:
    that:
      - user is defined

- name: Create user
  ansible.builtin.user:
    name: "{{ user }}"
    home: "{{ users[user].home | default(omit) }}"
    uid: "{{ users[user].uid | default(omit) }}"
    state: present

- name: Add public keys for user '{{ user }}'
  ansible.posix.authorized_key:
    user: "{{ user }}"
    key: "{{ lookup('file', '../../access/keys/' + item + '.pub') }}"
    state: present  # Note: we don't remove other/existing keys
  with_items: >-
    {{ global_ssh_keys +
        (ssh_keys[user] | default([])) +
        (ssh_keys['*'] | default([])) }}
Decouple users from podman 2024-02-20 09:48:10 +02:00			`---`

			`- name: Check if required parameters are set`
			`ansible.builtin.assert:`
			`that:`
			`- user is defined`

			`- name: Create user`
			`ansible.builtin.user:`
			`name: "{{ user }}"`
			`home: "{{ users[user].home \| default(omit) }}"`
			`uid: "{{ users[user].uid \| default(omit) }}"`
			`state: present`

			`- name: Add public keys for user '{{ user }}'`
			`ansible.posix.authorized_key:`
			`user: "{{ user }}"`
			`key: "{{ lookup('file', '../../access/keys/' + item + '.pub') }}"`
			`state: present # Note: we don't remove other/existing keys`
			`with_items: >-`
			`{{ global_ssh_keys +`
			`(ssh_keys[user] \| default([])) +`
			`(ssh_keys['*'] \| default([])) }}`