fix group and user handling

2019-08-21 09:54:57 +02:00 · 2019-08-21 09:54:57 +02:00 · 2059c109d0
commit 2059c109d0
parent 7399845dbb
4 changed files with 23 additions and 10 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -13,8 +13,9 @@ cups_selinux_fcontext: []
 #   - -R /opt/brother
 cups_selinux_restorecon: []
-cups_admin_username: cupsadm
+cups_admin_group: printadmin
-cups_admin_password: secure
+cups_admin_users:
  - { name: 'cupsadm', password: 'secure' }
 cups_bind_url:
  - localhost:631
@ -25,8 +26,8 @@ cups_log_level: warn
 cups_server_admin: admin@example.com
 cups_remote_admin_enabled: False
 cups_system_groups:
  - sys
  - root
  - "{{ cups_admin_group }}"
 cups_iptables_enabled: False
 cups_open_ports:
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -22,13 +22,6 @@
        - etc/cups/cups-files.conf
      notify: __cupsd_restart
    - name: Create user '{{ cups_admin_username }}'
      user:
        comment: Cups Admin
        name: "{{ cups_admin_username }}"
        password: "{{ cups_admin_password | password_hash('sha512', inventory_hostname) }}"
        groups: printadmin
    - name: Update pamd rule's control in /etc/pam.d/cups
      pamd:
        name: cups
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,4 +1,5 @@
 ---
 - include_tasks: prepare.yml
 - include_tasks: install.yml
 - include_tasks: selinux.yml
  when: ansible_selinux.status == "enabled"
--- a/tasks/prepare.yml
+++ b/tasks/prepare.yml
@ -0,0 +1,18 @@
 ---
 - block:
    - name: Create system groups
      group:
        name: "{{ item }}"
        state: present
      loop: "{{ cups_system_groups }}"
    - name: Create cups admin users
      user:
        comment: Cups Admin
        name: "{{ item.name }}"
        password: "{{ item.password | password_hash('sha512', inventory_hostname) }}"
        groups: "{{ cups_admin_group }}"
        state: present
      loop: "{{ cups_admin_users }}"
  become: True
  become_user: root