24 lines
657 B
YAML
24 lines
657 B
YAML
---
|
|
|
|
- name: Check if required parameters are set
|
|
ansible.builtin.assert:
|
|
that:
|
|
- user is defined
|
|
|
|
- name: Create user
|
|
ansible.builtin.user:
|
|
name: "{{ user }}"
|
|
home: "{{ users[user].home | default(omit) }}"
|
|
uid: "{{ users[user].uid | default(omit) }}"
|
|
state: present
|
|
|
|
- name: Add public keys for user '{{ user }}'
|
|
ansible.posix.authorized_key:
|
|
user: "{{ user }}"
|
|
key: "{{ lookup('file', '../../access/keys/' + item + '.pub') }}"
|
|
state: present # Note: we don't remove other/existing keys
|
|
with_items: >-
|
|
{{ global_ssh_keys +
|
|
(ssh_keys[user] | default([])) +
|
|
(ssh_keys['*'] | default([])) }}
|