I have a role that manages my users on my boxes, problem I am having is I
have two tasks that modify the "groups" properties of users. This is
obviously stupid since they keep changing each other, giving my false
change notifications when I run ansible.
I have separate global/group/host vars that are just a list of usernames
that get "sudo" access on a box which is why I currently separate it out
into a separate task.
Anyone have an idea on how to merge theses? I was thinking of using
set_fact to build the list of groups first and then running the user module
once. I couldn't figure out if set_fact supports a "when" clause though.
- name: manage user groups
user:
name: '{{ item.name }}'
state: '{{ item.state | default("present") }}'
groups: '{{ item.groups | join(",") }}'
append: '{{ item.append | default("no") }}'
with_flattened:
- users_global_list
- users_group_list
- users_host_list
when: ((item.name is defined and item.name) and (item.groups is defined
and item.groups))
- name: manage admins
user:
name: '{{ item.name }}'
state: '{{ item.state | default("present") }}'
groups: '{{ users_default_admin_group }}'
append: 'yes'
with_flattened:
- users_global_list
- users_group_list
- users_host_list
when: ((item.name is defined and item.name) and
(item.name in users_global_admins or
item.name in users_group_admins or
item.name in users_host_admins))
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/1318031f-829d-403e-ba3a-34a2182f4a20%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
