{"id":15140803,"url":"https://github.com/robertdebock/ansible-role-users","last_synced_at":"2025-04-09T14:14:05.655Z","repository":{"id":38746825,"uuid":"146475559","full_name":"robertdebock/ansible-role-users","owner":"robertdebock","description":"The purpose of this role is to add users and groups on your system.","archived":false,"fork":false,"pushed_at":"2025-03-06T16:27:30.000Z","size":359,"stargazers_count":42,"open_issues_count":5,"forks_count":26,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-04-02T12:13:19.913Z","etag":null,"topics":["ansible","molecule","playbook","server","sudo","system","tox","users"],"latest_commit_sha":null,"homepage":"https://robertdebock.nl/","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/robertdebock.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"robertdebock"}},"created_at":"2018-08-28T16:26:14.000Z","updated_at":"2025-03-06T16:11:31.000Z","dependencies_parsed_at":"2023-02-15T08:01:41.104Z","dependency_job_id":"5769c932-0a87-47ca-a0f9-7c233d2fdb92","html_url":"https://github.com/robertdebock/ansible-role-users","commit_stats":{"total_commits":458,"total_committers":13,"mean_commits":35.23076923076923,"dds":"0.20305676855895194","last_synced_commit":"8265fa9fe297a1600dfbd567c721e55dca53a1d6"},"previous_names":[],"tags_count":87,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertdebock%2Fansible-role-users","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertdebock%2Fansible-role-users/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertdebock%2Fansible-role-users/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertdebock%2Fansible-role-users/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/robertdebock","download_url":"https://codeload.github.com/robertdebock/ansible-role-users/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248054193,"owners_count":21039952,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","molecule","playbook","server","sudo","system","tox","users"],"created_at":"2024-09-26T08:41:26.288Z","updated_at":"2025-04-09T14:14:05.633Z","avatar_url":"https://github.com/robertdebock.png","language":"Jinja","funding_links":["https://github.com/sponsors/robertdebock"],"categories":[],"sub_categories":[],"readme":"# [Ansible role users](#users)\n\nThe purpose of this role is to add users and groups on your system.\n\n|GitHub|GitLab|Downloads|Version|\n|------|------|---------|-------|\n|[![github](https://github.com/robertdebock/ansible-role-users/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-users/actions)|[![gitlab](https://gitlab.com/robertdebock-iac/ansible-role-users/badges/master/pipeline.svg)](https://gitlab.com/robertdebock-iac/ansible-role-users)|[![downloads](https://img.shields.io/ansible/role/d/robertdebock/users)](https://galaxy.ansible.com/robertdebock/users)|[![Version](https://img.shields.io/github/release/robertdebock/ansible-role-users.svg)](https://github.com/robertdebock/ansible-role-users/releases/)|\n\n## [Example Playbook](#example-playbook)\n\nThis example is taken from [`molecule/default/converge.yml`](https://github.com/robertdebock/ansible-role-users/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.\n\n```yaml\n---\n- name: Converge\n  hosts: all\n  become: true\n  gather_facts: true\n\n  roles:\n    - role: robertdebock.users\n      # You can create groups:\n      users_groups:\n        - name: robertdb\n          gid: 1024\n        - name: users\n          # You can also remove groups.\n        - name: notgroup\n          state: absent\n          # A system group is also possible.\n        - name: systemgroup\n          system: true\n          # A group with sudo options.\n        - name: mywheel\n          sudo_options: \"ALL=(ALL) NOPASSWD: ALL\"\n\n      # You can create users.\n      users:\n        - name: root\n          cron_allow: true\n          # You can remove authorized keys.\n          unauthorized_keys:\n            - \"ssh-rsa XYZYX54321\"\n        - name: robertdb\n          comment: Robert de Bock\n          uid: 1024\n          # The `group` and `groups` listed here should exist.\n          group: robertdb\n          # groups: A list of groups\n          # groups:\n          #   - users\n          #   - wheel\n          groups:\n            - users\n          cron_allow: true\n          sudo_options: \"ALL=(ALL) NOPASSWD: ALL\"\n          # Adding an authorized key.\n          authorized_keys:\n            - \"ssh-rsa ABC123\"\n          # EPOCH timestamp when an account should expire.\n          # Typically a positive value like: `1641971487`.\n          # The value `-1` removes the expiry time.\n          expires: -1\n          password_validity_days: 9\n          # Test username with dots\n        - name: robert.d.b\n          comment: Robert de Bock with dots in username\n          uid: 1025\n          # The `group` and `groups` listed here should exist.\n          group: robertdb\n          # groups: A list of groups\n          # groups:\n          #   - users\n          #   - wheel\n          groups:\n            - users\n          cron_allow: true\n          # Allow sudo, but require a password.\n          sudo_options: \"ALL=(ALL) ALL\"\n          # Adding an authorized key.\n          authorized_keys:\n            - \"ssh-rsa ABC123\"\n          # EPOCH timestamp when an account should expire.\n          # Typically a positive value like: `1641971487`.\n          # The value `-1` removes the expiry time.\n          expires: -1\n          password_validity_days: 9\n        # Here a user is removed.\n        - name: notuser\n          state: absent\n        - name: keyuser\n          manage_ssh_key: true\n        - name: privkeyuser\n          # This user will have ssh-keys generated.\n          manage_ssh_key: true\n          copy_private_key: true\n        - name: multiplekeys\n          authorized_keys:\n            - \"ssh-rsa ABC1234\"\n            - \"ssh-rsa ABC12345\"\n        - name: passuser\n          # You can set a password. (Hashed and salted.)\n          password: \"$6$mysecretsalt$qJbapG68nyRab3gxvKWPUcs2g3t0oMHSHMnSKecYNpSi3CuZm.GbBqXO8BE6EI6P1JUefhA0qvD7b5LSh./PU1\"\n          update_password: on_create\n        - name: remotekey\n          authorized_keys:\n            # You can also download a public key from a URL.\n            - \"https://raw.githubusercontent.com/shaanr/smdb/master/file.pub\"\n        - name: systemuser\n          system: true\n        - name: multisudo\n          # An account that can run just a few commands without a password.\n          sudo_options:\n            - \"ALL= NOPASSWD: /usr/bin/systemctl restart httpd\"\n            - \"ALL= NOPASSWD: /usr/bin/systemctl start httpd\"\n            - \"ALL= NOPASSWD: /usr/bin/systemctl stop httpd\"\n        - name: myprivkeyuser\n          private_keys:\n            - name: id_rsa\n              content: |\n                -----BEGIN OPENSSH PRIVATE KEY-----\n                b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn\n                NhAAAAAwEAAQAAAYEA4CaHuEpYaSJOwVBU2vW+KVebLv33hGcRqGJrzHCcwlLAf4u+Eigm\n                mtqD5qosHONAs07G3QyrViR1jTWrJh/1ShTyZ/Fv7AUM/4fFyWYEmt2Rd+ZprojzZ1HUe4\n                Hlp4GV9cC28Ic7g1pglt4a4xHjhlt+J63xz+hOHbPWNfeB0Fl6+s7LB/JHbsti0qullhaf\n                L2PYyH21FrCLVouOyQpHpAAjCGC264Dvke/LSReE7z7CrFc7pBZAd9McFIEVXNJPVRWOjZ\n                IePXnDLclIYceqDJV1elP6bCb8l9m3K4k/pbHjVgjIRCLXsD+yCgPvnfUBRaK7IWZWqSc0\n                EDJAt7+THeksVf4kamxzZlnWfmsJ323gvktlMjBhSfKdB6YXmD8MQGOPqATAbwed/1ZDAX\n                L90GyzYNBwx+jUxCOOItGEMwXQEImaVO6nfiG5Zgn6MwjP2gQ3lDVZgjhaXJM6B3PZQU4t\n                MLDl8jZeCmjbltppKQ6OJx8QwImrSWcXr+lFKh7FAAAFoP+Ytw7/mLcOAAAAB3NzaC1yc2\n                EAAAGBAOAmh7hKWGkiTsFQVNr1vilXmy7994RnEahia8xwnMJSwH+LvhIoJprag+aqLBzj\n                QLNOxt0Mq1YkdY01qyYf9UoU8mfxb+wFDP+HxclmBJrdkXfmaa6I82dR1HuB5aeBlfXAtv\n                CHO4NaYJbeGuMR44Zbfiet8c/oTh2z1jX3gdBZevrOywfyR27LYtKrpZYWny9j2Mh9tRaw\n                i1aLjskKR6QAIwhgtuuA75Hvy0kXhO8+wqxXO6QWQHfTHBSBFVzST1UVjo2SHj15wy3JSG\n                HHqgyVdXpT+mwm/JfZtyuJP6Wx41YIyEQi17A/sgoD7531AUWiuyFmVqknNBAyQLe/kx3p\n                LFX+JGpsc2ZZ1n5rCd9t4L5LZTIwYUnynQemF5g/DEBjj6gEwG8Hnf9WQwFy/dBss2DQcM\n                fo1MQjjiLRhDMF0BCJmlTup34huWYJ+jMIz9oEN5Q1WYI4WlyTOgdz2UFOLTCw5fI2Xgpo\n                25baaSkOjicfEMCJq0lnF6/pRSoexQAAAAMBAAEAAAGAVBC/R/PCErQGO2QoXvJZPmIX1l\n                jzcpnBOpim+0ak1BB7F5rOTzr1t5AKdgEOiEsGofkChjbRL35/A9XD+Yl00jLm8urO4gLG\n                7DL8j9sOERLWEtS8f/Pm7bH38dY2zkrAdimvsqfVPx8vKIXmKZE09tfriXAoR6RFX8hpp1\n                XLPtvATr4t0S4hckEfMAmmEZMsYnadABx9RSQzLeMrSuTrF2vht6umDs8NinsXj7MdbSjp\n                k/8nZBPgW9A2MM50t5o76LNGa2UwIlAtEQRTGcSyEqMTZ9TOndiNUT9vtx1/ddq6YwH8S3\n                mF5CqLW92nOr8dE6lUwSmGgHquMKGNjjIWtJO9vdV6/m4SOo6Sxiq14w+NSlJpkGAssJlb\n                lyxbRiKK3tEpLOLQMS4i0SK++MsDgyxfBgDKCpBlfQRs3/RJzWO82abTMuyJj3XkN3DkiN\n                fppX4S7nVjtYV1TD4e5kMHgfKHHckvMgwzxrtyLB1r7D+qDcH3D7wUWJS4cs3ECuCFAAAA\n                wC+Hw6tg38zIFBF4h2nqbYRy7ifGUT3Wo0I5V6rJtEwSMXx71ZocLH/synywdITu8koZD7\n                JIYze4Zey9kdsgc8ZKTwSAsZoYqx8YKaICM61yQ9JaoyA9oFIFtaJ/+XLjAgoYr4VN3/T3\n                Jv57DjEzl5FAAuWGkmSWDEEJiE1BcBH+QuodWIhdZrUdbbb26XjVBea3N2THckkavjj4eD\n                m0tzzDO0VeTxM0bB+gG/bi07I8vs1EcDCAism29PdSEL6D8AAAAMEA+7N2Q9DK9MihH0+J\n                TYcaucrPN6U09FKjo/2wbitO2/IbTsmHcilJUcCdXDMFPg6bSPl1MRzxBKnkfZO8xW9NRq\n                lg4NL6SwaBj3stV/WqQpdCzrvu9mMPbu6dY6O8qvbv6GKknBlYiLjbeW+Ov43GYWKC3QNU\n                w7d7Yx2wEfMmVACp4vsjhxgI6KEKAG6dlf25CbTvxRWYcaprrmMn0h9m8UOCRNPdPyOQ/t\n                aIjGBEPHzOf/dxGCZXGQEKk9ABMsDXAAAAwQDj+psz4GORg10kHVxRwdkKRIUBTZSk8nzo\n                ml45KYDkTnLtRxJvh8jy0/NLGU0xFEew3+MfZIMGOcU7cezXtLhMkEVtKCgCXq2kqMHzta\n                rLGVWU0xcXVygKQmUva3kdscEHO1voRIzn1dZPOZQMIZoQysdOF0mUflbVVSE1why8lMkM\n                wwWPYUZK7yTOYnZ08HusE9M0A77Th2SzTCDz2Vlw4YwJU0+4PD7i2wEGNgbzt/WnAj6kOG\n                ql74i8K7EiPcMAAAAlcm9iZXJ0ZGJATWFjQm9vay1Qcm8tdmFuLVJvYmVydC5sb2NhbAEC\n                AwQFBg==\n                -----END OPENSSH PRIVATE KEY-----\n```\n\nThe machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/robertdebock/ansible-role-users/blob/master/molecule/default/prepare.yml):\n\n```yaml\n---\n- name: Prepare\n  hosts: all\n  become: true\n  gather_facts: false\n\n  roles:\n    - role: robertdebock.bootstrap\n    - role: robertdebock.core_dependencies\n\n  tasks:\n    - name: Set authorized keys for root\n      ansible.posix.authorized_key:\n        user: root\n        state: present\n        key: \"ssh-rsa XYZYX54321\"\n```\n\nAlso see a [full explanation and example](https://robertdebock.nl/how-to-use-these-roles.html) on how to use these roles.\n\n## [Role Variables](#role-variables)\n\nThe default values for the variables are set in [`defaults/main.yml`](https://github.com/robertdebock/ansible-role-users/blob/master/defaults/main.yml):\n\n```yaml\n---\n# defaults file for users\n\n# The location to store ssh keys for user\nusers_ssh_key_directory: ssh_keys\n\n# The default shell if not overwritten.\nusers_shell: /bin/bash\n\n# manage cron permissions via /etc/cron.allow\nusers_cron_allow: true\n\n# should homedirectories be created?\nusers_create_home: true\n```\n\n## [Requirements](#requirements)\n\n- pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-users/blob/master/requirements.txt).\n\n## [State of used roles](#state-of-used-roles)\n\nThe following roles are used to prepare a system. You can prepare your system in another way.\n\n| Requirement | GitHub | GitLab |\n|-------------|--------|--------|\n|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab](https://gitlab.com/robertdebock-iac/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock-iac/ansible-role-bootstrap)|\n|[robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions)|[![Build Status GitLab](https://gitlab.com/robertdebock-iac/ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock-iac/ansible-role-core_dependencies)|\n\n## [Context](#context)\n\nThis role is a part of many compatible roles. Have a look at [the documentation of these roles](https://robertdebock.nl/) for further information.\n\nHere is an overview of related roles:\n![dependencies](https://raw.githubusercontent.com/robertdebock/ansible-role-users/png/requirements.png \"Dependencies\")\n\n## [Compatibility](#compatibility)\n\nThis role has been tested on these [container images](https://hub.docker.com/u/robertdebock):\n\n|container|tags|\n|---------|----|\n|[Alpine](https://hub.docker.com/r/robertdebock/alpine)|all|\n|[Amazon](https://hub.docker.com/r/robertdebock/amazonlinux)|Candidate|\n|[EL](https://hub.docker.com/r/robertdebock/enterpriselinux)|9|\n|[Debian](https://hub.docker.com/r/robertdebock/debian)|all|\n|[Fedora](https://hub.docker.com/r/robertdebock/fedora)|39, 40|\n|[Ubuntu](https://hub.docker.com/r/robertdebock/ubuntu)|all|\n\nThe minimum version of Ansible required is 2.12, tests have been done to:\n\n- The previous version.\n- The current version.\n- The development version.\n\nIf you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-users/issues).\n\n## [License](#license)\n\n[Apache-2.0](https://github.com/robertdebock/ansible-role-users/blob/master/LICENSE).\n\n## [Author Information](#author-information)\n\n[robertdebock](https://robertdebock.nl/)\n\nPlease consider [sponsoring me](https://github.com/sponsors/robertdebock).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobertdebock%2Fansible-role-users","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frobertdebock%2Fansible-role-users","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobertdebock%2Fansible-role-users/lists"}