debops.libuser default variables

Installation, Apt packages

libuser__enabled

Should Ansible use libuser library to manage UNIX accounts and groups?

libuser__enabled: True
libuser__base_packages

List of APT base packages which are required by the Libuser service.

libuser__base_packages: [ 'libuser' ]
libuser__packages

List of APT packages which are required by the Libuser service.

libuser__packages: []

Libuser configuration file

The variables below define the contents of the /etc/libuser.conf configuration file. See libuser__configuration for more details.

libuser__original_configuration

The default configuration options which should be present in the main configuration file.

libuser__original_configuration:

  - name: 'import'
    options:

      - name: 'login_defs'
        comment: |
          Data from these files is used when libuser.conf does not define a value.
          The mapping is documented in the man page.
        value: '/etc/login.defs'
        state: 'present'

      - name: 'default_useradd'
        value: '/etc/default/useradd'
        state: 'present'

  - name: 'defaults'
    options:

      - name: 'moduledir'
        comment: 'The default (/usr/lib*/libuser) is usually correct'
        value: '/your/custom/directory'
        state: 'comment'

      - name: 'skeleton'
        comment: 'The following variables are usually imported:'
        value: '/etc/skel'
        state: 'comment'
        separator: True

      - name: 'mailspooldir'
        value: '/var/mail'
        state: 'comment'

      - name: 'crypt_style'
        value: 'sha512'
        state: 'present'
        separator: True

      - name: 'modules'
        value: 'files shadow'
        state: 'present'

      - name: 'create_modules'
        value: 'files shadow'
        state: 'present'

      - name: 'modules_with_ldap'
        option: 'modules'
        value: 'files shadow ldap'
        state: 'comment'

      - name: 'create_modules_with_ldap'
        option: 'create_modules'
        value: 'ldap'
        state: 'comment'

  - name: 'userdefaults'
    options:

      - name: 'LU_USERNAME'
        value: '%n'
        state: 'present'

      - name: 'LU_UIDNUMBER'
        comment: 'This is better imported from /etc/login.defs:'
        value: '500'
        state: 'comment'

      - name: 'LU_GIDNUMBER'
        value: '%u'
        state: 'present'

      - name: 'LU_USERPASSWORD'
        value: '!!'
        state: 'comment'

      - name: 'LU_GECOS'
        value: '%n'
        state: 'comment'

      - name: 'LU_HOMEDIRECTORY'
        value: '/home/%n'
        state: 'comment'

      - name: 'LU_LOGINSHELL'
        value: '/bin/bash'
        state: 'comment'

      - name: 'LU_SHADOWNAME'
        value: '%n'
        state: 'comment'
        separator: True

      - name: 'LU_SHADOWPASSWORD'
        value: '!!'
        state: 'comment'

      - name: 'LU_SHADOWLASTCHANGE'
        value: '%d'
        state: 'comment'

      - name: 'LU_SHADOWMIN'
        value: '0'
        state: 'comment'

      - name: 'LU_SHADOWMAX'
        value: '99999'
        state: 'comment'

      - name: 'LU_SHADOWWARNING'
        value: '7'
        state: 'comment'

      - name: 'LU_SHADOWINACTIVE'
        value: '-1'
        state: 'comment'

      - name: 'LU_SHADOWEXPIRE'
        value: '-1'
        state: 'comment'

      - name: 'LU_SHADOWFLAG'
        value: '-1'
        state: 'comment'

  - name: 'groupdefaults'
    options:

      - name: 'LU_GROUPNAME'
        value: '%n'
        state: 'present'

      - name: 'LU_GIDNUMBER'
        comment: 'This is better imported from /etc/login.defs:'
        value: '500'
        state: 'comment'

      - name: 'LU_GROUPPASSWORD'
        value: '!!'
        state: 'comment'
        separator: True

      - name: 'LU_MEMBERUID'
        state: 'comment'

      - name: 'LU_ADMINISTRATORUID'
        state: 'comment'

  - name: 'files'
    options:

      - name: 'directory'
        comment: |
          This is useful for the case where some master files are used to
          populate a different NSS mechanism which this workstation uses.
        value: '/etc'
        state: 'comment'

  - name: 'shadow'
    options:

      - name: 'directory'
        comment: |
          This is useful for the case where some master files are used to
          populate a different NSS mechanism which this workstation uses.
        value: '/etc'
        state: 'comment'

  - name: 'ldap'
    options:

      - name: 'server'
        comment: 'Setting these is always necessary.'
        value: 'ldap'
        state: 'comment'

      - name: 'basedn'
        value: 'dc=example,dc=com'
        state: 'comment'

      - name: 'userBranch'
        comment: "Setting these is rarely necessary, since it's usually correct."
        value: 'ou=People'
        state: 'comment'
        separator: True

      - name: 'groupBranch'
        value: 'ou=Group'
        state: 'comment'

      - name: 'binddn'
        comment: |
          Set only if your administrative user uses simple bind operations to
          connect to the server.
        value: 'cn=Manager,dc=example,dc=com'
        state: 'comment'
        separator: True

      - name: 'user'
        comment: |
          Set this only if the default user (as determined by SASL) is incorrect
          for SASL bind operations.  Usually, it's correct, so you'll rarely need
          to set these.
        value: 'Manager'
        state: 'comment'
        separator: True

      - name: 'authuser'
        value: 'Manager'
        state: 'comment'

  - name: 'sasl'
    options:

      - name: 'appname'
        comment: |
          Set these only if your sasldb is only used by a particular application, and
          in a particular domain.  The default (all applications, all domains) is
          probably correct for most installations.
        value: 'imap'
        state: 'comment'

      - name: 'domain'
        value: 'EXAMPLE.COM'
        state: 'comment'
libuser__configuration

The configuration which should be present on all hosts in the Ansible inventory.

libuser__configuration: []
libuser__group_configuration

The configuration which should be present on hosts in a specific Ansible inventory group.

libuser__group_configuration: []
libuser__host_configuration

The configuration which should be present on specific hosts in the Ansible inventory.

libuser__host_configuration: []
libuser__combined_configuration

The variable which combines all of the other configuration variables and is used in the Ansible tasks.

libuser__combined_configuration: '{{ libuser__original_configuration
                                     + libuser__configuration
                                     + libuser__group_configuration
                                     + libuser__host_configuration }}'