blob: 8982001504eb3499899e27aa496261afcbc3726c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
# The user of the role MUST define the version they want to use. If
# it's not what the version of unix_users being used actually
# provides, the role will fail.
unix_users_version: null
# List of system users to create. Value a list of dicts with keys:
#
# username -- the username of the new user
# comment -- the GECOS/realname of the new user
# shell -- the shell to use (defaults to /bin/bash)
# system -- yes/no, is user a system user (default no)
# sudo -- yes/no, should user have sudo access? (without password)
# ssh_key -- install this as ~/.ssh/id_rsa
# ssh_key_pub -- install this as ~/.ssh/id_rsa.pub
# ssh_key_pub -- install this as ~/.ssh/id_rsa.pub
# authorized_keys -- install this as ~/.ssh/authorized_keys
# password -- encrypted password
#
# Create the encrypted password with something like:
# password: "{{ lookup('pipe', 'pass show foo | mkpasswd --method=sha-512 --stdin') }}"
#
unix_users: []
# Specify directory where per-user authorized_keys files are stored.
# Each user has their own file in the directory, named after their
# username. You MUST specify this variable. You may put more than one
# key in each user's file.
#
# You MUST create a file for each user in unix_users. An empty file
# will do.
#
# THIS IS NOW DEPRECATED. DO NOT USE. If you leave this empty, the old,
# deprecated way of installing authorized_keys files is skipped. If you
# still use that, then set it in your own vars. But switch to the new
# way asap: set authorized_keys field for the user, see above.
authkeys_dir:
|
