DO1JLR · DO1JLR · Apr 10, 2024 · Apr 10, 2024
diff --git a/.gitmodules b/.gitmodules
@@ -71,3 +71,6 @@
 [submodule "collections/ansible_collections/l3d/time"]
 	path = collections/ansible_collections/l3d/time
 	url = https://github.com/roles-ansible/ansible_collection_time.git
+[submodule "collections/ansible_collections/l3d/users"]
+	path = collections/ansible_collections/l3d/users
+	url = https://github.com/roles-ansible/ansible_collection_users.git
diff --git a/collections/ansible_collections/community/general b/collections/ansible_collections/community/general
diff --git a/collections/ansible_collections/l3d/avahi b/collections/ansible_collections/l3d/avahi
diff --git a/collections/ansible_collections/l3d/time b/collections/ansible_collections/l3d/time
diff --git a/collections/ansible_collections/l3d/users b/collections/ansible_collections/l3d/users
diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -1,9 +1,27 @@
 ---
 #
-# roles/dotfiles
+# l3d.users
+# l3d.users.user
+# -> define users
+l3d_users__default_users:
+ - name: 'l3d'
+   state: 'present'
+   shell: '/bin/bash'
+   create_home: true
+   pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
+   exklusive_pubkeys: true
+   admin: true
+   admin_commands: 'ALL'
+   admin_nopassword: false
+   admin_ansible_login: true
+ - name: 'alice'
+   state: 'absent'
+
 #
-# enable keychain as ssh agent
-dotfiles__additional_user_bashrc_lines:
+# l3d.users
+# l3d.users.user
+# -> enable keychain as ssh agent
+l3d_users__dotfiles__additional_user_bashrc_lines:
  - '[[ $- == *i* ]] && eval $(keychain --eval --quiet id_ed25519)'
  - '_gopass_bash_autocomplete() {'
  - '   local cur opts base'

diff --git a/group_vars/work.yml b/group_vars/work.yml
@@ -0,0 +1,15 @@
+---
+#
+# l3d.users
+# l3d.users.user
+l3d_users__local_users:
+  - name: 'lilian'
+    state: 'present'
+    shell: '/bin/bash'
+    create_home: true
+    pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}"
+    exklusive_pubkeys: true
+    admin: true
+    admin_commands: 'ALL'
+    admin_nopassword: false
+    admin_ansible_login: true
diff --git a/roles/akku-warning b/roles/akku-warning
diff --git a/roles/amdgpu_firmware b/roles/amdgpu_firmware
diff --git a/roles/do1jlr.htop b/roles/do1jlr.htop
diff --git a/roles/do1jlr.i3wm b/roles/do1jlr.i3wm
diff --git a/roles/dotfiles b/roles/dotfiles
diff --git a/roles/gantsign.bat b/roles/gantsign.bat
diff --git a/roles/l3d.etesync_dav b/roles/l3d.etesync_dav
diff --git a/roles/l3d.gopass b/roles/l3d.gopass
diff --git a/roles/l3d.ntp b/roles/l3d.ntp
diff --git a/roles/l3d.packages b/roles/l3d.packages
diff --git a/roles/no-sleep b/roles/no-sleep
diff --git a/site.yml b/site.yml
@@ -4,6 +4,14 @@
   roles:
     - {role: ansible_version, tags: always}
 
+- name: Generic Workstation Preperation
+  hosts: all
+  roles:
+    - {role: l3d.users.user, tags: user}
+    - {role: l3d.users.admin, tags: admin}
+    - {role: l3d.users.sshd, tags: sshd}
+    - {role: l3d.users.dotfiles, tags: dotfiles}
+
 - name: Generic Workstation Preperation
   hosts: all
   roles:
@@ -21,10 +29,6 @@
 # - name: user specific setup
 #   hosts: private
 #   roles:
-#     - {role: dotfiles, tags: [default, dotfiles, fancy]}
-#     - {role: manage_users, tags: [ssh, manage, manage_users]}
-#     - {role: authorized_keys, tags: [ssh, auth, authorized_keys]}
-#     - {role: sshd, tags: [ssh, sshd]}
 #     - {role: akku-warning, tags: [akku, akku_warning, akku-warning]}
 #     - {role: no-sleep, tags: no_sleep}