Stanislav Asunkin
1 year ago
1 changed files with 40 additions and 22 deletions
+ 40
- 22
users/init.sls
View File
| {% set used_googleauth = [] %} | {% set used_googleauth = [] %} | ||||
| {% set used_user_files = [] %} | {% set used_user_files = [] %} | ||||
| {% set used_polkit = [] %} | {% set used_polkit = [] %} | ||||
| {%- set create_dirs = [] %} | |||||
| {%- set created_groups = [] %} | |||||
| {% for group, setting in salt['pillar.get']('groups', {}).items() %} | {% for group, setting in salt['pillar.get']('groups', {}).items() %} | ||||
| {% if setting.absent is defined and setting.absent or setting.get('state', "present") == 'absent' %} | {% if setting.absent is defined and setting.absent or setting.get('state', "present") == 'absent' %} | ||||
| group.absent: | group.absent: | ||||
| - name: {{ group }} | - name: {{ group }} | ||||
| {% else %} | {% else %} | ||||
| {%- do created_groups.append(group) %} | |||||
| users_group_present_{{ group }}: | users_group_present_{{ group }}: | ||||
| group.present: | group.present: | ||||
| - name: {{ group }} | - name: {{ group }} | ||||
| {%- set user_group = name -%} | {%- set user_group = name -%} | ||||
| {%- endif %} | {%- endif %} | ||||
| {%- if createhome %} | |||||
| {%- set required_dir = salt['file.dirname'](home) %} | |||||
| {%- do create_dirs.append(required_dir) %} | |||||
| {%- endif %} | |||||
| {%- if not ( 'sudoonly' in user and user['sudoonly'] ) %} | {%- if not ( 'sudoonly' in user and user['sudoonly'] ) %} | ||||
| {% for group in user.get('groups', []) %} | |||||
| users_{{ name }}_{{ group }}_group: | |||||
| {#- create prime group #} | |||||
| {%- if user_group not in created_groups %} | |||||
| {%- do created_groups.append(user_group) %} | |||||
| users_group_present_{{ user_group }}: | |||||
| group.present: | |||||
| - name: {{ user_group }} | |||||
| {%- if 'prime_group' in user and 'gid' in user['prime_group'] %} | |||||
| - gid: {{ user['prime_group']['gid'] }} | |||||
| {%- elif 'uid' in user %} | |||||
| - gid: {{ user['uid'] }} | |||||
| {%- endif %} | |||||
| {% if 'system' in user and user['system'] %} | |||||
| - system: True | |||||
| {% endif %} | |||||
| {%- endif %} | |||||
| {#- create required groups #} | |||||
| {%- for group in user.get('groups', []) if group not in created_groups %} | |||||
| {%- do created_groups.append(group) %} | |||||
| users_group_present_{{ group }}: | |||||
| group.present: | group.present: | ||||
| - name: {{ group }} | - name: {{ group }} | ||||
| {% if group == 'sudo' %} | {% if group == 'sudo' %} | ||||
| {% endif %} | {% endif %} | ||||
| {% endfor %} | {% endfor %} | ||||
| {# in case home subfolder doesn't exist, create it before the user exists #} | |||||
| {% if createhome -%} | |||||
| users_{{ name }}_user_prereq: | |||||
| file.directory: | |||||
| - name: {{ salt['file.dirname'](home) }} | |||||
| - makedirs: True | |||||
| - prereq: | |||||
| - user: users_{{ name }}_user | |||||
| {%- endif %} | |||||
| users_{{ name }}_user: | users_{{ name }}_user: | ||||
| {% if createhome -%} | {% if createhome -%} | ||||
| file.directory: | file.directory: | ||||
| - user: users_{{ name }}_user | - user: users_{{ name }}_user | ||||
| - group: {{ user_group }} | - group: {{ user_group }} | ||||
| {%- endif %} | {%- endif %} | ||||
| group.present: | |||||
| - name: {{ user_group }} | |||||
| {%- if 'prime_group' in user and 'gid' in user['prime_group'] %} | |||||
| - gid: {{ user['prime_group']['gid'] }} | |||||
| {%- elif 'uid' in user %} | |||||
| - gid: {{ user['uid'] }} | |||||
| {%- endif %} | |||||
| {% if 'system' in user and user['system'] %} | |||||
| - system: True | |||||
| {% endif %} | |||||
| user.present: | user.present: | ||||
| - name: {{ name }} | - name: {{ name }} | ||||
| - home: {{ home }} | - home: {{ home }} | ||||
| {% for group in user.get('groups', []) -%} | {% for group in user.get('groups', []) -%} | ||||
| - group: {{ group }} | - group: {{ group }} | ||||
| {% endfor %} | {% endfor %} | ||||
| {%- if createhome and required_dir != '/' %} | |||||
| - file: users_prereq_dir_{{ required_dir }} | |||||
| {%- endif %} | |||||
| {% if 'ssh_keys' in user or | {% if 'ssh_keys' in user or | ||||
| {% endfor %} | {% endfor %} | ||||
| {#- create directories for homes #} | |||||
| {%- for dir in create_dirs|unique|reject('equalto', '/') %} | |||||
| users_prereq_dir_{{ dir }}: | |||||
| file.directory: | |||||
| - name: {{ dir }} | |||||
| - makedirs: True | |||||
| {%- endfor %} | |||||
| {% for name, user in pillar.get('users', {}).items() | {% for name, user in pillar.get('users', {}).items() | ||||
| if user.absent is defined and user.absent %} | if user.absent is defined and user.absent %} |
Loading…