fix: up expiry defaults, groups if multiple execution in play (#111)

## Description * fix(defaults): up default expiry time * fix: ensure groups variable initialized correctly (if multiple role executions with different settings) and that groups exist * docs: add known bug when adding ssh key fails but appears successful ## Motivation and Context bug fixes ## How Has This Been Tested? github actions and local testing ## Types of changes - [x] Bug fix (non-breaking change which fixes an issue) ## Checklist: - [x] My code follows the code style of this project. - [ ] My change requires a change to the documentation. - [x] I have updated the documentation accordingly. - [x] I have read the **CONTRIBUTING** document. - [ ] I have added tests to cover my changes. - [x] All new and existing tests passed including pre-commit and github actions. - [x] Used in production.
juju4 · Nov 23, 2024 · af6a08d · af6a08d
2 parents 7e630a8 + 0aa94ca
commit af6a08d
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -83,6 +83,8 @@ uncomment baselist and comment mirrorlist in /etc/yum.repos.d/epel.repo
 (http://stackoverflow.com/questions/30949707/centos-6-6-errno-1-repomd-xml-does-not-match-metalink-for-updates-when-tryin)
 Centos6 might also need ansible 2.1 (not 2.2) because of ```ERROR! Unexpected Exception: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'```
 
+* Adding ssh key task still seen as successful even if failed because a key was not readable, path incorrect or else. need to review log with verbosity 1.
+
 ## License
 
 BSD 2-clause
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -16,8 +16,8 @@ adduser_password_update: on_create
 # adduser_shell: '/bin/bash'
 ## default expires account now after 6m+random up to 10d? only linux and freebsd
 # adduser_expires: "{{ ansible_date_time.epoch|int + 15552000 + 864000|random(step=86400) }}"
-# 2024/01/01 fixed time for idempotence
-adduser_expires: 1704070800
+# 2026/01/01 fixed time for idempotence
+adduser_expires: 1767272400
 # adduser_expires: ''
 ## wheel/admin group are handled directly if sudoroot true
 adduser_groups: []

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -122,7 +122,19 @@
         PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
       become: yes
       when: adduser_sudoroot_nopasswd
+- name: Set
+  when:
+    - not (adduser_sudoroot is defined and adduser_sudoroot and sudoers.stat.exists)
+  block:
+    - name: Set groups
+      ansible.builtin.set_fact:
+        final_groups: "{{ adduser_groups }}"
 
+- name: Ensure groups exist
+  ansible.builtin.group:
+    name: "{{ item }}"
+    state: present
+  loop: "{{ adduser_groups }}"
 - name: Add user to groups
   ansible.builtin.user:
     name: "{{ adduser_user_name }}"