From: Andrew Schoen <aschoen@redhat.com>
Date: Wed, 6 May 2015 20:18:00 +0000 (-0500)
Subject: users: creates users with sudo access and users without.
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F23%2Fhead;p=ceph-cm-ansible.git

users: creates users with sudo access and users without.

Introduces a new list of users, managed_admin_users, which are given
sudo access.  The existing list, managed_users, are not not given sudo
access.

Signed-off-by: Andrew Schoen <aschoen@redhat.com>
---

diff --git a/roles/users/defaults/main.yml b/roles/users/defaults/main.yml
index 09aa806f..545fd5ab 100644
--- a/roles/users/defaults/main.yml
+++ b/roles/users/defaults/main.yml
@@ -8,4 +8,7 @@
 #     - name: user2
 #       key: <url to an ssh key>
 
+# not given sudo access
 managed_users: []
+# are given sudo access
+managed_admin_users: []
diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml
index 2c02f2bc..c1aa85b4 100644
--- a/roles/users/tasks/main.yml
+++ b/roles/users/tasks/main.yml
@@ -1,9 +1,17 @@
 ---
-- name: Create all users.
+- name: Create all admin users with sudo access.
   user:
     name: "{{ item.name }}"
     group: sudo
     state: present
+  with_items: managed_admin_users
+  tags:
+    - users
+
+- name: Create all users without sudo access.
+  user:
+    name: "{{ item.name }}"
+    state: present
   with_items: managed_users
   tags:
     - users
@@ -12,6 +20,6 @@
   authorized_key:
     user: "{{ item.name }}"
     key: "{{ item.key }}"
-  with_items: managed_users
+  with_items: managed_users|list + managed_admin_users|list
   tags:
     - pubkeys