From 9a468a62ec70c15d81dcd72fb452a64cf0193dc7 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Tue, 28 Jul 2015 19:17:48 +0200
Subject: [PATCH] #1 Work out sftp role

---
 defaults/main.yml |  2 ++
 meta/main.yml     |  4 +++
 tasks/main.yml    | 62 ++++++++++++++++++++++++++++++-----------------
 tasks/mount.yml   | 24 ++++++++++++++++++
 4 files changed, 70 insertions(+), 22 deletions(-)
 create mode 100644 defaults/main.yml
 create mode 100644 meta/main.yml
 create mode 100644 tasks/mount.yml

diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..c9fc1b2
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,2 @@
+sftp_user: []
+sftp_devpath: false
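Review bot: The two defaults carry no comment on their expected shape, and `sftp_user` is a singular name for what the tasks iterate over as a list. tasks/main.yml reads `item.username` and `item.key` from each entry, and `sftp_devpath` doubles as the on/off switch for mount.yml. I would add comments above each default, e.g. `# sftp_user: list of entries, each with 'username' and 'key' (public key text)` and `# sftp_devpath: host path bind-mounted to /var/sftp/data/dev, or false to skip mount.yml`. Starting the file with `---`, as the other new files do, would keep the role consistent.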
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..4eb972f
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,4 @@
+---
+
+dependencies:
+  - { role: common }
diff --git a/tasks/main.yml b/tasks/main.yml
index 7fc47c0..eaed88f 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,22 +1,40 @@
-    - name: "Ensure Group"
-      group: name=sftp state=present
-    - name: "Create User"
-      user: name={{username}} group=sftp home=/home/{{username}} shell=/bin/false
-    - name: "Install Certificate"
-      authorized_key: user={{username}} key="{{lookup('file', certificate)}}"
-    - name: "Ensure SFTP Directory"
-      file: dest=/var/sftp owner=root group=root state=directory mode=755
-    - name: "Create Data Directory"
-      file: dest=/var/sftp/data owner=root group=sftp state=directory mode=775
-    - name: "Create Mount Point"
-      mount: fstype=none opts=bind name=/var/sftp/data/dev src={{devpath}} state=mounted
-    - name: "Set ownership"
-      command: chown -R root:sftp {{devpath}}
-    - name: "Set permissions"
-      command: chmod -R g+w {{devpath}}
-    - name: "Collect SVN Directories"
-      command: find {{devpath}} -type d -name .svn
-      register: svnpaths
-    - name: "Set ownership on SVN Directories"
-      command: chown -R root:root {{item}}
-      with_items: svnpaths.stdout_lines
+---
+# file: roles/sftp/tasks/main.yml
+
+- name: "SFTP | Ensure Group"
+  group:
+    name=sftp
+    state=present
+
+- name: "SFTP | Ensure SFTP Directory"
+  file:
+    dest=/var/sftp
+    owner=root
+    group=root
+    state=directory
+    mode=755
+
+- name: "SFTP | Create User"
+  user:
+    name={{ item.username }}
+    group=sftp
+    home=/home/{{ item.username }}
+    shell=/bin/false
+  with_items: sftp_user
+
+- name: "SFTP | Install Key"
+  authorized_key:
+    user={{ item.username }}
+    key={{ item.key }}
+  with_items: sftp_user
+
+- name: "SFTP | Create Data Directory"
+  file:
+    dest=/var/sftp/data
+    owner=root
+    group=sftp
+    state=directory
+    mode=775
+
+- include: mount.yml
+  when: sftp_devpath
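Review bot: In the "SFTP | Install Key" task, `key={{ item.key }}` drops the quotes that the removed line had around the key value, yet an SSH public key contains spaces (type, base64 blob, comment). In key=value argument form, the rendered value may be split at those spaces or read as additional module arguments, depending on the Ansible version. The same concern applies to `item.username` in the "SFTP | Create User" task. Passing the arguments as a native YAML mapping keeps each value a single argument: `user: "{{ item.username }}"` and `key: "{{ item.key }}"` under `authorized_key:`. If the `file` tasks are converted too, the modes should be written as strings such as `mode: "0755"`.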
diff --git a/tasks/mount.yml b/tasks/mount.yml
new file mode 100644
index 0000000..7a01c31
--- /dev/null
+++ b/tasks/mount.yml
@@ -0,0 +1,24 @@
+---
+# file: roles/sftp/tasks/mount.yml
+
+- name: "SFTP | Create Mount Point"
+  mount:
+    fstype=none
+    opts=bind
+    name=/var/sftp/data/dev
+    src={{ sftp_devpath }}
+    state=mounted
+
+- name: "SFTP | Set ownership"
+  command: chown -R root:sftp {{ sftp_devpath }}
+
+- name: "SFTP | Set permissions"
+  command: chmod -R g+w {{ sftp_devpath }}
+
+- name: "SFTP | Collect SVN Directories"
+  command: find {{ sftp_devpath }} -type d -name .svn
+  register: svnpaths
+
+- name: "SFTP | Set ownership on SVN Directories"
+  command: chown -R root:root {{ item }}
+  with_items: svnpaths.stdout_lines
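Review bot: The `chown -R`, `chmod -R`, `find` and second `chown -R` tasks interpolate `{{ sftp_devpath }}` and `{{ item }}` unquoted into `command:` lines, so a path containing whitespace is split into several arguments and the recursive change lands on the wrong targets. These tasks also run and report "changed" on every play. The only guard on `sftp_devpath` is the truthiness check in main.yml, so any non-empty value is recursively made group-writable for `sftp`. I would replace the first two commands with one `file` task using `recurse`, quote the path in `find` and mark it `changed_when: false`, and quote `{{ item }}` in the final chown, as sketched below.

```yaml
# … unchanged: "SFTP | Create Mount Point" task …

- name: "SFTP | Set ownership and permissions"
  file:
    path: "{{ sftp_devpath }}"
    state: directory
    owner: root
    group: sftp
    mode: "g+w"
    recurse: true

- name: "SFTP | Collect SVN Directories"
  command: find "{{ sftp_devpath }}" -type d -name .svn
  register: svnpaths
  changed_when: false

- name: "SFTP | Set ownership on SVN Directories"
  command: chown -R root:root "{{ item }}"
  with_items: svnpaths.stdout_lines
```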
-- 
GitLab