add tasks to setup system roles and acls

This commit is contained in:
Robert Kaussow 2018-11-20 23:33:24 +01:00
parent 5b439922f8
commit d43e99a7f3
4 changed files with 36 additions and 0 deletions

View File

@ -7,3 +7,18 @@ ucs_tls_certs_dir: /etc/pki/tls/certs
ucs_tls_key_dir: /etc/pki/tls/private
ucs_tls_cert_path: /etc/pki/tls/certs/mycert.pem
ucs_tls_key_path: /etc/pki/tls/private/mykey.pem
# ucs_filesystem_acl:
# - path: /shares/mydocuments # needs to be set
# entity: john # needs to be set
# etype: user # needs to be set
# permissions: rw # needs to be set
# state: # defaults to 'query'
# recursive: # defaults to 'no'
# ucs_system_groups:
# - name: fs-mydocuments-rw # needs to be set
# description: # defaults to not set
# subpath: # defaults to not set
# ou: # defaults to not set
# state: # defaults to 'present'

10
tasks/filesystem.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Set acl for shares
acl:
path: "{{ item.path }}"
entity: "{{ item.entity }}"
etype: "{{ item.etype }}"
permissions: "{{ item.permissions }}"
state: "{{ item.state | default('query') }}"
recursive: "{{ item.recursive | default('no') }}"
with_items: "{{ ucs_filesystem_acl | default([]) }}"

View File

@ -1,3 +1,5 @@
---
- include_tasks: users_groups.yml
- include_tasks: filesystem.yml
- import_tasks: tls.yml
tags: tls_renewal

9
tasks/users_groups.yml Normal file
View File

@ -0,0 +1,9 @@
---
- name: Create system groups
udm_group:
name: "{{ item.name }}"
description: "{{ item.description | default(omit) }}"
subpath: "{{ item.subpath | default(omit) }}"
ou: "{{ item.ou | default(omit) }}"
state: "{{ item.state | default('present') }}"
with_items: "{{ ucs_system_groups | default([]) }}"