{"id":48229631,"url":"https://github.com/route1337/ansible-role-linuxusers","last_synced_at":"2026-04-04T19:29:38.638Z","repository":{"id":37889651,"uuid":"245937980","full_name":"route1337/ansible-role-linuxusers","owner":"route1337","description":"Extremely basic user account management for Ubuntu and CentOS servers","archived":false,"fork":false,"pushed_at":"2024-07-14T01:53:56.000Z","size":60,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-09T06:51:29.875Z","etag":null,"topics":["ansible","ansible-role","centos","ubuntu"],"latest_commit_sha":null,"homepage":"https://galaxy.ansible.com/route1337/linux_users","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/route1337.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null},"funding":{"github":"route1337"}},"created_at":"2020-03-09T03:44:45.000Z","updated_at":"2024-07-14T01:53:16.000Z","dependencies_parsed_at":"2022-08-27T22:31:14.533Z","dependency_job_id":null,"html_url":"https://github.com/route1337/ansible-role-linuxusers","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":"route1337/TEMPLATE-ansible-repo","purl":"pkg:github/route1337/ansible-role-linuxusers","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/route1337%2Fansible-role-linuxusers","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/route1337%2Fansible-role-linuxusers/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/route1337%2Fansible-role-linuxusers/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/route1337%2Fansible-role-linuxusers/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/route1337","download_url":"https://codeload.github.com/route1337/ansible-role-linuxusers/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/route1337%2Fansible-role-linuxusers/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31410704,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T10:20:44.708Z","status":"ssl_error","status_checked_at":"2026-04-04T10:20:06.846Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","centos","ubuntu"],"created_at":"2026-04-04T19:29:38.038Z","updated_at":"2026-04-04T19:29:38.624Z","avatar_url":"https://github.com/route1337.png","language":"Ruby","funding_links":["https://github.com/sponsors/route1337"],"categories":[],"sub_categories":[],"readme":"Ansible Role - Linux Users\n==========================\nThis repo contains the Linux Users (linux_users) Ansible role.\n\nWhat this role does\n-------------------\nThis Ansible role will create, update, and delete Linux users along with their SSH keys using the inventory.\n\nChanges performed:\n\n1. Create management groups for the users\n    1. Create a `sysadmins` group for password-less sudo users\n    2. Create a `sysusers` group for non-sudo users\n    3. Create a `svcaccounts` group for password-less sudo for service accounts\n2. Manage root user\n    1. Manage root's password and SSH keys\n3. Manage non-root users\n    1. Create, Update, Delete user accounts\n    2. Create, Update, Delete user home directories\n    3. Manage user SSH keys \n    4. Manage user group membership (It's expected to use one of the above groups)\n\nCaveats\n-------\nThere are a few caveats to this role to be aware of:\n\n1. root's password should be pre-encrypted\n2. Using multiple SSH keys can be done in one of two ways due to the use of `exclusive: yes`:\n    1. a single string with newline characters between keys\n    2. Pointing to a GitHub keys URL\n3. All non-root users will not have a password set as sudo will be password-less and they aren't expected to have local\nlogin privileges\n4. Users with a home directory in `/home/` that aren't defined in `linux_users.users` will be deleted\n    1. This is not the best way to manage unapproved users, and is intended to be improved upon in the future\n\nVariables\n---------\nThe following variables are required:\n\n1. `linux_users.root_password` - The pre-encrypted password for root\n\nThe following variables are optional:\n\n1. `linux_users.root_key` - The SSH key(s) used by root. If left undefined then root's authorized_keys file is deleted\n2. `linux_users.users` - User objects with the following variables. If left undefined then users are not managed\n    ```\n    users:\n      - username: pgibbons\n        key: \"ssh-rsa BLAH BLAH BLAH\"\n        comment: Peter Gibbons\n        group: sysadmins\n      - username: mbolton\n        key: https://github.com/notthatmichaelbolton.keys\n        comment: Michael Bolton\n        group: sysusers\n      - username: svc-ghactions\n        key: ssh-rsa BLAH BLAH BLAH\\nssh-rsa BLEH BLEH BLEH\"\n        comment: ServiceAccount-GitHub Actions\n        group: svcaccounts\n    ```\n\nThe following variables should only be used in testing:\n\n1. `is_kitchen` - If this variable is defined the role(s) in `tests/roles` create sample users for testing unapproved user\ndeletion against. Additionally the `user_cleanup.yml` play will exempt the `vagrant` user from deletion \n\nTesting\n-------\nThis role is fully tested via Test Kitchen using sample inventory data contained in this repo.  \n[TESTING.md](TESTING.md) contains details and instructions for testing. \n\nDonate To Support This Ansible Role\n-----------------------------------\nRoute 1337 LLC's open source code heavily relies on donations. If you find this Ansible role useful, please consider using the GitHub Sponsors button to show your continued support.\n\nThank you for your support!\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froute1337%2Fansible-role-linuxusers","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Froute1337%2Fansible-role-linuxusers","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froute1337%2Fansible-role-linuxusers/lists"}