debops.users
This project adheres to Semantic Versioning and human-readable changelog.
The current role maintainer_ is drybjed.
debops.users master - unreleased
debops.users v0.2.1 - 2016-10-16
- Allow creation of user accounts with non-unique UID numbers. [kosma]
debops.users v0.2.0 - 2016-10-13
- Disable Ansible logging for all tasks in the role that work with user account lists to prevent accidental password leaks. This can be controlled by a default variable to make debugging easier. [drybjed_]
- Add support for custom resource management in user directories (files, directories, symlinks). [drybjed_]
- Updated documentation and Changelog. [drybjed_]
- All variables are renamed from
users_*tousers__*to put them in a separate namespace. [drybjed_] - Rename user account and group lists to make them more organized. [drybjed_]
- Use the list of admin users maintained by the debops.core_ Ansible facts to manage the administrator accounts. [drybjed_]
- Switch from using a template for :file:`~/.forward` file to the Ansible
lineinfilemodule. [drybjed_] - Reorganize the user configuration file management, including better control over where dotfiles are cloned, and easier way to add new dotfiles definitions via a separate YAML dictionary. Some of the variables related to dotfiles have been renamed. [drybjed_]
- A default shell can now be set for all user accounts managed by this role, by setting it in the :envvar:`users__default_shell` variable. [drybjed_]
- Update the tasks that manage SSH public keys. You can specify the
sshkeysparameter as a string or a list, set the specified keys as exclusive or entirely remove the~/.ssh/authorized_keysfile. [drybjed_]
- Remove the
users__default_groups_listandusers__default_groups_appendvariables, as well as the task that utilized these variables. [drybjed_]
- Allow removal of user groups only if
item.groupparameter is the same asitem.nameor is not specified. This fixes an issue where Ansible tried to remove a group which was a primary group for multiple users. [drybjed_]
debops.users v0.1.6 - 2016-02-06
- Enable support for SSH key management on
rootaccount. [drybjed_] - Add more useful parameters to user management. [drybjed_]
- Rename the
usersvariable tousers_enabledto avoid the issue with single-word variables. You might need to update the Ansible inventory. [drybjed_] - Change the method that role detects and uses
ansible_ssh_uservariable to set up default user account. [drybjed_] - Switch
sudo_usertobecome_user. [drybjed_] - Fix Ansible 2.1.0 deprecation warnings. [drybjed_]
debops.users v0.1.5 - 2016-01-05
- Add
users_default_systembool variable which, when enabled, will set all user groups and accounts created bydebops.usersrole as "system" accounts with UID/GID < 1000. These accounts are considered "local" accounts and should not interfere with LDAP accounts. This can still be overriden by explicitly settingitem.systemparameter in user account definition. [drybjed_] - Add dependency on debops.secret_ role which can be accessed by
debops.users, for example to retrieve SSH keys. This ensures that the requiredsecretvariable is always present. [drybjed_]
- Fix empty list of default users on Ansible v2. [drybjed_]
- Remove unneeded bracket. [sean]
debops.users v0.1.4 - 2015-08-22
- Get list of available groups even in Ansible check mode to avoid error. [ypid_]
- Request :command:`sudo` access on Travis-CI for testing. [drybjed_]
debops.users v0.1.3 - 2015-08-22
- Add
item.home_ownerparameter which allows to change the owner of the home directory if needed. [drybjed_]
- Check if
item.createhomeis specified or not for an account before doing anything within the home directory. If home creation is disabled, configuration of~/.forwardfile and dotfiles won't be performed. [drybjed_]
- Remove support for
rootaccount management; this functionality has been moved to debops.console_ role. Mmanagement of the dotfiles onrootaccount is still done from this role. [drybjed_]
debops.users v0.1.2 - 2015-08-22
- Add DebOps pre/post task hooks using
task_srclookup. [drybjed_] - Add
users-dotfilesAnsible tag for tasks related to dotfiles. [drybjed_] - Add a way to change home directory primary group and permissions using
item.home_groupanditem.home_modeparameters. [drybjed_] - Add user accounts only to groups that already exist. [drybjed_]
- Don't force certain
usermodule parameters if they are not specified by the user, like the accountsystemstate or home directory location. This should avoid problems with accounts that weren't defined with default values and are now managed by Ansible. [drybjed_] - Set user shell separately if dotfiles are enabled and it's specified in the dotfiles dict. [drybjed_]
- Don't change
rootshell if none is specified by the user. [drybjed_] - Don't manage default account if it's
root, it should fix problems whenrootaccount is used over SSH directly. [drybjed_] - Use
sudo_usertask parameter to operate on files inside user directories instead of relying on static absolute paths as default. [drybjed_] - Rename the
item.systemgroupanditem.systemuserparameters toitem.systemand omit them if not specified (system status won't be enforced by the role). [drybjed_] - Allow home group and mode modification without specifying the
item.homekey. [drybjed_] - Default user account will be added to
adminsgroup to fix an issue where if that account is added manually, it loses access to :command:`sudo` commands. [drybjed_] - Small update of the example user entry to correctly show how a separate Jinja dictionary can be passed to a list of user accounts. [drybjed_]
debops.users v0.1.1 - 2015-02-25
- Add CHANGES.rst [drybjed_]
- Role will now correctly remove user accounts when requested. You can also optionally remove user's home directory. [drybjed_]
- You can optionally disable home creation and set account expiration date. [drybjed_]
- First release. [drybjed_]