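---
# Per-user account provisioning tasks.
#
# Every task reads the loop variable `item` and uses these fields:
#   item.name        login name, also used to build /var/home/<name>
#   item.uid         numeric uid
#   item.shell       login shell
#   item.add_groups  list of extra supplementary groups (may be empty/omitted)
# Presumably this file is included once per entry of a user list; verify
# against the caller. item.name is interpolated into file paths unchanged,
# so the user list must come from trusted inventory data.

# NOTE(review): every account handled here is added to `adm` and `sudo`.
# Where sudoers grants the sudo group full privileges this makes each
# listed user root-equivalent; confirm that is intended for all entries.
- name: "ensure {{ item.name }} user exists and is configured properly"
  user:
    name: "{{ item.name }}"
    uid: "{{ item.uid }}"
    group: operator
    # Build the list first and join once, so an empty or missing add_groups
    # yields "adm,sudo" instead of a string with a trailing comma.
    groups: "{{ (['adm', 'sudo'] + (item.add_groups | default([]))) | join(',') }}"
    shell: "{{ item.shell }}"
    home: "/var/home/{{ item.name }}"
    createhome: true
    # Relocate an existing home directory when the account already exists
    # with a different home path.
    move_home: true
    # Add to the groups above without removing other memberships.
    append: true
    state: present

# Modes are quoted so they reach the module as octal strings regardless of
# how the YAML parser treats a leading zero.
- name: "set ownership of {{ item.name }} home directory"
  file:
    dest: "/var/home/{{ item.name }}"
    state: directory
    owner: "{{ item.name }}"
    group: operator
    mode: "0700"

- name: "create {{ item.name }} .ssh configuration directory"
  file:
    dest: "/var/home/{{ item.name }}/.ssh"
    state: directory
    owner: "{{ item.name }}"
    group: operator
    mode: "0700"

# NOTE(review): authorized_keys is group-readable (0640, group operator).
# The 0700 parent directories keep other operator members out, but 0600 is
# the conventional mode and does not depend on the parents staying 0700.
- name: "write {{ item.name }} ssh authorized_keys configuration file"
  template:
    src: var/home/user/ssh/authorized_keys.j2
    dest: "/var/home/{{ item.name }}/.ssh/authorized_keys"
    owner: "{{ item.name }}"
    group: operator
    mode: "0640"

# NOTE(review): the three shell start-up files below are written 0750.
# Files that the shell only sources do not need execute bits; consider 0640.
- name: "write {{ item.name }} profile configuration file"
  template:
    src: var/home/user/profile.j2
    dest: "/var/home/{{ item.name }}/.profile"
    owner: "{{ item.name }}"
    group: operator
    mode: "0750"

- name: "write {{ item.name }} bashrc configuration file"
  template:
    src: var/home/user/bashrc.j2
    dest: "/var/home/{{ item.name }}/.bashrc"
    owner: "{{ item.name }}"
    group: operator
    mode: "0750"

- name: "write {{ item.name }} bash_logout configuration file"
  template:
    src: var/home/user/bash_logout.j2
    dest: "/var/home/{{ item.name }}/.bash_logout"
    owner: "{{ item.name }}"
    group: operator
    mode: "0750"

- name: "create {{ item.name }} vim state directory"
  file:
    dest: "/var/home/{{ item.name }}/.vim"
    state: directory
    owner: "{{ item.name }}"
    group: operator
    mode: "0700"

- name: "write {{ item.name }} vimrc configuration file"
  template:
    src: var/home/user/vimrc.j2
    dest: "/var/home/{{ item.name }}/.vimrc"
    owner: "{{ item.name }}"
    group: operator
    mode: "0600"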