From: nicoo
Date: Wed, 16 May 2018 19:36:44 +0000 (+0200)
Subject: roles/openwrt-image: Support creating users/groups
X-Git-Url: https://git.realraum.at/?a=commitdiff_plain;h=a1020efad422807a245a3c6d27a81afd7e870103;p=noc.git
roles/openwrt-image: Support creating users/groups
---
diff --git a/ansible/roles/openwrt-image/group.j2 b/ansible/roles/openwrt-image/group.j2
new file mode 100644
index 0000000..850e5da
--- /dev/null
+++ b/ansible/roles/openwrt-image/group.j2
@@ -0,0 +1,19 @@
+{{ ansible_managed | comment }}
+root:x:0:
+daemon:x:1:
+adm:x:4:
+mail:x:8:
+audio:x:29:
+www-data:x:33:
+ftp:x:55:
+users:x:100:
+network:x:101:
+{% for name, opt in openwrt_users.items() %}
+{% if 'group_id' not in opt %}
+{{ name }}:x:{{ opt.id | default(loop.index + 110) }}:
+{% endif %}
+{% endfor %}
+{% for name, opt in openwrt_groups.items() %}
+{{ name }}:x:{{ opt.id | default(loop.index + 200) }}:
+{% endfor %}
+nogroup:x:65534:
diff --git a/ansible/roles/openwrt-image/passwd.j2 b/ansible/roles/openwrt-image/passwd.j2
new file mode 100644
index 0000000..5a24840
--- /dev/null
+++ b/ansible/roles/openwrt-image/passwd.j2
@@ -0,0 +1,9 @@
+{{ ansible_managed | comment }}
+root:x:0:0:root:/root:/bin/ash
+daemon:*:1:1:daemon:/var:/bin/false
+ftp:*:55:55:ftp:/home/ftp:/bin/false
+network:*:101:101:network:/var:/bin/false
+{% for user in openwrt_users %}
+{{ user.name }}:*:{{ user.id | default(loop.index + 110) }}:{{ user.gid | default(loop.index + 110) }}:{{ user.name }}:{{ user.home | default('/nonexistent') }}:{{ user.shell | default('/bin/false') }}
+{% endfor %}
+nobody:*:65534:65534:nobody:/var:/bin/false
diff --git a/ansible/roles/openwrt-image/tasks/prepare.yml b/ansible/roles/openwrt-image/tasks/prepare.yml
index 4fcf8c1..34ef456 100644
--- a/ansible/roles/openwrt-image/tasks/prepare.yml
+++ b/ansible/roles/openwrt-image/tasks/prepare.yml
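Review bot: The per-user group loop in group.j2 skips a user when `group_id` is set, but passwd.j2 in this same commit reads `user.gid`, so the two templates do not agree on which key names a user's primary group. A user configured with `group_id` gets no private group here while passwd.j2 still writes the default `loop.index + 110` as the GID, which leaves a GID with no matching line in /etc/group; a user with an explicit `id` gets a private group with that id but a position-based GID in passwd. I would settle on one key in both templates and derive the private group id and the passwd GID from the same expression, e.g. `opt.gid | default(opt.id | default(loop.index + 110))`. The `loop.index` defaults also tie every id to the iteration order of the mapping, so a comment above the loop such as `{# ids default to position in openwrt_users; set id explicitly to keep them stable #}` would help.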
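Review bot: The loop `{% for user in openwrt_users %}` in passwd.j2 iterates a mapping (group.j2 calls `openwrt_users.items()` and tuer.yml defines it as a dict), which yields only the key strings, so `user.name`, `user.home` and `user.shell` are attribute lookups on a string and `{{ user.name }}` will most likely fail as undefined. Iterating as `{% for name, user in openwrt_users.items() %}` and emitting `{{ name }}` for the login and GECOS fields matches the other template. The values are also written verbatim into colon-delimited fields, so a `:` or a line break in `home` or `shell` would corrupt the entry; an `assert` task in the role that rejects those characters before templating would keep the generated /etc/passwd well-formed.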
@@ -58,6 +58,21 @@ loop_control: label: "{{ item.key }}" +- name: Create /etc/passwd + template: + src: passwd.j2 + dest: "{{ openwrt_imgbuilder_files }}/etc/passwd" + mode: 0644 + trim_blocks: yes + when: openwrt_users is defined + +- name: Create /etc/group + template: + src: group.j2 + dest: "{{ openwrt_imgbuilder_files }}/etc/group" + mode: 0644 + trim_blocks: yes + when: openwrt_groups or openwrt_users is defined ### TODO: this just hangs? # - unarchive: diff --git a/ansible/tuer.yml b/ansible/tuer.yml index 1a1e52e..004804d 100644 --- a/ansible/tuer.yml +++ b/ansible/tuer.yml @@ -119,3 +119,11 @@ src: none fstype: tmpfs opts: nosuid,nodev,noexec,noatime + + openwrt_users: + tuerd: {} + tuergit: + home: /var/tuer + shell: /usr/bin/git-shell + tuerctl: + shell: /bin/false # TODO fixme
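Review bot: The condition `when: openwrt_groups or openwrt_users is defined` on the /etc/group task parses as `openwrt_groups or (openwrt_users is defined)`, so it evaluates `openwrt_groups` itself and errors when that variable is unset, which is the case for tuer.yml in this commit unless the role's defaults (not visible here) define it. `when: openwrt_groups is defined or openwrt_users is defined` expresses the intent, and group.j2 then needs `(openwrt_groups | default({})).items()` and the same for `openwrt_users`, because it dereferences both unconditionally. Separately, writing `mode: '0644'` and `trim_blocks: true` avoids relying on YAML 1.1 octal and truthy parsing for files that become the image's account database.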
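Review bot: None of the three accounts under `openwrt_users` sets `id`, so their UIDs come from the templates' `loop.index + 110` default and depend on the position of each key in the mapping. Inserting or removing an account later renumbers the ones after it, and files on any storage that outlives a reflash would then belong to a different account, which undermines the separation between `tuerd`, `tuergit` and `tuerctl`. Pinning them with `id: <uid>` under each entry keeps ownership stable across image builds. The `# TODO fixme` on `tuerctl`'s shell should say what is still to be fixed, since `/bin/false` reads like a deliberate no-login default.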