debops.users default variables

Global defaults

users__enabled

Should Ansible manage local user accounts? Set to False to disable.

users__enabled: True
users__no_log

Enable or disable Ansible task logging. By default all task logging is disabled because the variables used to define user accounts can contain passwords. This variable should not be changed apart for debugging.

users__no_log: True
users__default_system

If enabled, user groups and accounts will be considered "system" accounts by default (ie. local accounts vs. LDAP accounts) and will be created with UID and GID < 1000.

users__default_system: '{{ (True
                            if (ansible_local|d() and ansible_local.ldap|d() and
                                ansible_local.ldap.enabled | bool)
                            else False) }}'
users__default_shell

Specify absolute path of the shell which should be configured on all user accounts managed by this role, if not overriden by the user configuration. If not specified, the shell won't be changed. The shell can be specified by the user configuration files, see users__dotfiles_map for more details.

users__default_shell: ''

Lists of managed UNIX groups

These lists can be used to manage UNIX groups through Ansible inventory. See users__groups for more details.

users__groups

List of UNIX groups to manage on all hosts in Ansible inventory.

users__groups: []
users__group_groups

List of UNIX groups to manage on hosts in specific Ansible inventory group.

users__group_groups: []
users__host_groups

List of UNIX groups to manage on specific hosts in Ansible inventory.

users__host_groups: []

Lists of managed UNIX accounts

These lists can be used to manage UNIX user accounts through Ansible inventory. See users__accounts for more details.

users__accounts

List of user accounts to manage on all hosts in Ansible inventory.

users__accounts: []
users__group_accounts

List of UNIX user accounts to manage on hosts in specific Ansible inventory group.

users__group_accounts: []
users__host_accounts

List of UNIX user accounts to manage on specific hosts in Ansible inventory.

users__host_accounts: []
users__root_accounts

This is only used for configuration files and SSH keys management on the UNIX root account.

users__root_accounts:
  - name: 'root'
users__default_accounts

List of default UNIX user accounts managed by Ansible.

users__default_accounts: []
users__admin_accounts

List of UNIX administrator accounts managed by Ansible.

users__admin_accounts: '{{ lookup("template", "lookup/users__admin_accounts.j2") | from_yaml }}'

Management of user resources

Custom user resources like directories, files and symlinks can be configured in separate lists. Check the users__resources for more details.

The support for different parameters here is limited, you might want to check out the debops.resources Ansible role for more extensive resource management.

users__resources

Manage user resources on all hosts in Ansible inventory.

users__resources: []
users__group_resources

Manage user resources on hosts in specific Ansible inventory group.

users__group_resources: []
users__host_resources

Manage user resources on specific hosts in Ansible inventory.

users__host_resources: []

User configuration files (dotfiles)

These variables are used to manage the user configuration files (dotfiles).

users__dotfiles_enabled

Default state of dotfiles on all accounts managed by Ansible False - dotfiles are not configured by default True - dotfiles will be configured by default

users__dotfiles_enabled: False
users__dotfiles_dest

Path in the user's $HOME directory where dotfiles should be checked out if not specified otherwise.

users__dotfiles_dest: '~/.config/dotfiles'
users__dotfiles_update

If enabled, user configuration files repository will be updated on each Ansible run.

users__dotfiles_update: True
users__dotfiles_name

Default user configuration files dictionary to use, if none is specified.

users__dotfiles_name: 'drybjed'
users__dotfiles_default_map

A YAML dictionary with default definitions of the user configuration files. See the users__dotfiles_map for more details.

users__dotfiles_default_map:
  'drybjed':
    repo: 'https://github.com/drybjed/dotfiles.git'
    command: 'make install'
    creates: '~/.zshrc'
    shell: '/bin/zsh'
users__dotfiles_map

A YAML dictionary with definitions of the user configuration files. See the users__dotfiles_map for more details.

users__dotfiles_map: {}
users__dotfiles_combined_map

The combined YAML dictionary which holds the information about user configuration files.

users__dotfiles_combined_map: '{{ users__dotfiles_default_map
                                  | combine(users__dotfiles_map) }}'