user-exists
Example:
# Create (if not already exist) user and group 'freckles', with gid/uid 1111. - user-exists: name: freckles uid: 1111 group: freckles gid: 1111
Description
Ensure a user exists on a system.
If no password argument is provided, the created user won't be able do login via ssh via
password auth, and they won't be able to do sudo if passwordless sudo is not enabled for the user.
This task allows for providing the password in plain text. It will
Optionally, you can specify UID, main group and GID of the user.
If the group var is specified, a corresponding group will be created if it doesn't exist yet.
Resources
Variables
| Name | Type | Default | Description |
|---|---|---|---|
|
string | -- | The name of the user to create. Required |
|
integer | -- | The GID of the users main group (optional). |
|
string | -- | The name of the users main group. |
|
string | -- | This sets the users password. The user input will be sha512-hashed before forwareded to the connector. If not provided, the user won't be able to login via password auth, and can't do sudo if passwordless sudo is not configured. |
|
string | /bin/bash | The users default shell. |
|
boolean | False | Whether the user to create (and potentially group) should be created as system user. |
|
integer | -- | The uid of the user to create (optional). |
Examples
Example 1
Create (if not already exist) user and group 'freckles', with gid/uid 1111.
Code
- user-exists: name: freckles uid: 1111 group: freckles gid: 1111
Description
This (obviously) assigns the 'freckles' group to be the new users main group.
Code
doc: short_help: Make sure a user exists help: | Ensure a user exists on a system. If no ``password`` argument is provided, the created user won't be able do login via ssh via password auth, and they won't be able to do sudo if passwordless sudo is not enabled for the user. This task allows for providing the password in plain text. It will Optionally, you can specify UID, main group and GID of the user. If the ``group`` var is specified, a corresponding group will be created if it doesn't exist yet. references: Creating a User in Ansible: https://serversforhackers.com/c/create-user-in-ansible examples: - title: Create (if not already exist) user and group 'freckles', with gid/uid 1111. desc: | This (obviously) assigns the 'freckles' group to be the new users main group. vars: name: freckles uid: 1111 group: freckles gid: 1111 args: name: doc: short_help: The name of the user to create. type: string required: true empty: false cli: metavar: USER_NAME param_type: argument uid: doc: short_help: The uid of the user to create (optional). type: integer required: false cli: metavar: UID group: doc: short_help: The name of the users main group. type: string required: false empty: false cli: metavar: GROUP_NAME gid: doc: short_help: The GID of the users main group (optional). type: integer required: false cli: metavar: GID system_user: doc: short_help: Whether the user to create (and potentially group) should be created as system user. type: boolean required: false default: false cli: show_default: true is_flag: true # password: # doc: # short_help: "The crypted user password." # help: | # This sets the users password. If not provided, the user won't be able to login via password auth, and can't do # sudo if passwordless sudo is not configured. # references: # - "[password encryption](https://docs.ansible.com/ansible/latest/modules/user_module.html)" # type: string # required: false # cli: # metavar: PWD password: doc: short_help: The user password in plain text. help: | This sets the users password. The user input will be sha512-hashed before forwareded to the connector. If not provided, the user won't be able to login via password auth, and can't do sudo if passwordless sudo is not configured. type: string required: false secret: true cli: metavar: PWD shell: doc: short_help: The users default shell. type: string required: false default: /bin/bash meta: tags: - user - user-management - system frecklets: - group-exists: group: '{{:: group ::}}' gid: '{{:: gid ::}}' system: '{{:: system_user ::}}' frecklet::skip: '{{:: group | true_if_empty ::}}' - frecklet: name: user type: ansible-module desc: short: "ensure user '{{:: name ::}}' exists" long: | {%:: if name == 'root' ::%}No need to do anything, user 'root' always exists. {%:: else ::%}Create user '{{:: name ::}}' on the target system{%:: if uid ::%}, using the user id '{{:: uid ::}}'{%:: endif ::%}. {%:: if group ::%}Set the users main group to be '{{:: group ::}}'.{%:: endif ::%} {%:: if system_user ::%}The new user should be a system user.{%:: endif ::%} {%:: if shell and shell != "/bin/bash" ::%}Set the users shell to be '{{:: shell ::}}'{%:: endif ::%}{%:: endif ::%} references: "'useradd' tutorial (tecmint)": https://www.tecmint.com/add-users-in-linux/ "'user' Ansible module": https://docs.ansible.com/ansible/latest/modules/user_module.html properties: idempotent: true elevated: true internet: false task: become: true vars: name: '{{:: name ::}}' state: present groups: '{{:: group ::}}' append: true uid: '{{:: uid ::}}' system: '{{:: system_user ::}}' password: '{{:: password | sha512_crypt ::}}' shell: '{{:: shell ::}}'
frecklecute user-exists --help Usage: frecklecute user-exists [OPTIONS] USER_NAME Ensure a user exists on a system. If no ``password`` argument is provided, the created user won't be able do login via ssh via password auth, and they won't be able to do sudo if passwordless sudo is not enabled for the user. This task allows for providing the password in plain text. It will Optionally, you can specify UID, main group and GID of the user. If the ``group`` var is specified, a corresponding group will be created if it doesn't exist yet. Options: --gid GID The GID of the users main group (optional). --group GROUP_NAME The name of the users main group. --password PWD The user password in plain text. --shell SHELL The users default shell. --system-user / --no-system-user Whether the user to create (and potentially group) should be created as system user. --uid UID The uid of the user to create (optional). --help Show this message and exit.
# -*- coding: utf-8 -*- # # module path: pycklets.user_exists.UserExists # from dataclasses import dataclass from pyckles import AutoPycklet from typing import * # noqa @dataclass class UserExists(AutoPycklet): """Ensure a user exists on a system. If no ``password`` argument is provided, the created user won't be able do login via ssh via password auth, and they won't be able to do sudo if passwordless sudo is not enabled for the user. This task allows for providing the password in plain text. It will Optionally, you can specify UID, main group and GID of the user. If the ``group`` var is specified, a corresponding group will be created if it doesn't exist yet. Args: gid: The GID of the users main group (optional). group: The name of the users main group. name: The name of the user to create. password: The user password in plain text. shell: The users default shell. system_user: Whether the user to create (and potentially group) should be created as system user. uid: The uid of the user to create (optional). """ FRECKLET_ID = "user-exists" gid: int = None group: str = None name: str = None password: str = None shell: str = None system_user: bool = None uid: int = None def __post_init__(self): super(UserExists, self).__init__(var_names=["gid", "group", "name", "password", "shell", "system_user", "uid"]) frecklet_class = UserExists
# -*- coding: utf-8 -*- # # module path: pycklets.user_exists.UserExists # from pyckles import AutoPycklet class UserExists(AutoPycklet): """Ensure a user exists on a system. If no ``password`` argument is provided, the created user won't be able do login via ssh via password auth, and they won't be able to do sudo if passwordless sudo is not enabled for the user. This task allows for providing the password in plain text. It will Optionally, you can specify UID, main group and GID of the user. If the ``group`` var is specified, a corresponding group will be created if it doesn't exist yet. Args: gid: The GID of the users main group (optional). group: The name of the users main group. name: The name of the user to create. password: The user password in plain text. shell: The users default shell. system_user: Whether the user to create (and potentially group) should be created as system user. uid: The uid of the user to create (optional). """ FRECKLET_ID = "user-exists" def __init__(self, gid=None, group=None, name=None, password=None, shell="/bin/bash", system_user=None, uid=None): super(UserExists, self).__init__(var_names=["gid", "group", "name", "password", "shell", "system_user", "uid"]) self._gid = gid self._group = group self._name = name self._password = password self._shell = shell self._system_user = system_user self._uid = uid @property def gid(self): return self._gid @gid.setter def gid(self, gid): self._gid = gid @property def group(self): return self._group @group.setter def group(self, group): self._group = group @property def name(self): return self._name @name.setter def name(self, name): self._name = name @property def password(self): return self._password @password.setter def password(self, password): self._password = password @property def shell(self): return self._shell @shell.setter def shell(self, shell): self._shell = shell @property def system_user(self): return self._system_user @system_user.setter def system_user(self, system_user): self._system_user = system_user @property def uid(self): return self._uid @uid.setter def uid(self, uid): self._uid = uid frecklet_class = UserExists