add tasks to setup system roles and acls

defaults/main.yml

@@ -7,3 +7,18 @@ ucs_tls_certs_dir: /etc/pki/tls/certs
 ucs_tls_key_dir: /etc/pki/tls/private
 ucs_tls_cert_path: /etc/pki/tls/certs/mycert.pem
 ucs_tls_key_path: /etc/pki/tls/private/mykey.pem
+
+# ucs_filesystem_acl:
+#   - path: /shares/mydocuments # needs to be set
+#     entity: john # needs to be set
+#     etype: user # needs to be set
+#     permissions: rw # needs to be set
+#     state: # defaults to 'query'
+#     recursive: # defaults to 'no'
+
+# ucs_system_groups:
+#   - name: fs-mydocuments-rw # needs to be set
+#     description: # defaults to not set
+#     subpath: # defaults to not set
+#     ou: # defaults to not set
+#     state: # defaults to 'present'

tasks/filesystem.yml

@@ -0,0 +1,10 @@
+---
+- name: Set acl for shares
+  acl:
+    path: "{{ item.path }}"
+    entity: "{{ item.entity }}"
+    etype: "{{ item.etype }}"
+    permissions: "{{ item.permissions }}"
+    state: "{{ item.state | default('query') }}"
+    recursive: "{{ item.recursive | default('no') }}"
+  with_items: "{{ ucs_filesystem_acl | default([]) }}"

tasks/main.yml

@@ -1,3 +1,5 @@
 ---
+- include_tasks: users_groups.yml
+- include_tasks: filesystem.yml
 - import_tasks: tls.yml
   tags: tls_renewal

tasks/users_groups.yml

@@ -0,0 +1,9 @@
+---
+- name: Create system groups
+  udm_group:
+    name: "{{ item.name }}"
+    description: "{{ item.description | default(omit) }}"
+    subpath: "{{ item.subpath | default(omit) }}"
+    ou: "{{ item.ou | default(omit) }}"
+    state: "{{ item.state | default('present') }}"
+  with_items: "{{ ucs_system_groups | default([]) }}"