#1 Work out sftp role

9a468a62 · jurgenhaas · 890a1688 · 9a468a62 · 9a468a62 · 9a468a62
Commit 9a468a62 authored 9 years ago by jurgenhaas
--- a/defaults/main.yml
+++ b/defaults/main.yml
+sftp_user: []
+sftp_devpath: false
--- a/meta/main.yml
+++ b/meta/main.yml
+---
+dependencies:
+  - { role: common }
--- a/tasks/main.yml
+++ b/tasks/main.yml
-    - name: "Ensure Group"
+---
-      group: name=sftp state=present
+# file: roles/sftp/tasks/main.yml
-    - name: "Create User"
-      user: name={{username}} group=sftp home=/home/{{username}} shell=/bin/false
+- name: "SFTP | Ensure Group"
-    - name: "Install Certificate"
+  group:
-      authorized_key: user={{username}} key="{{lookup('file', certificate)}}"
+    name=sftp
-    - name: "Ensure SFTP Directory"
+    state=present
-      file: dest=/var/sftp owner=root group=root state=directory mode=755
-    - name: "Create Data Directory"
+- name: "SFTP | Ensure SFTP Directory"
-      file: dest=/var/sftp/data owner=root group=sftp state=directory mode=775
+  file:
-    - name: "Create Mount Point"
+    dest=/var/sftp
-      mount: fstype=none opts=bind name=/var/sftp/data/dev src={{devpath}} state=mounted
+    owner=root
-    - name: "Set ownership"
+    group=root
-      command: chown -R root:sftp {{devpath}}
+    state=directory
-    - name: "Set permissions"
+    mode=755
-      command: chmod -R g+w {{devpath}}
-    - name: "Collect SVN Directories"
+- name: "SFTP | Create User"
-      command: find {{devpath}} -type d -name .svn
+  user:
-      register: svnpaths
+    name={{ item.username }}
-    - name: "Set ownership on SVN Directories"
+    group=sftp
-      command: chown -R root:root {{item}}
+    home=/home/{{ item.username }}
-      with_items: svnpaths.stdout_lines
+    shell=/bin/false
+  with_items: sftp_user
+- name: "SFTP | Install Key"
+  authorized_key:
+    user={{ item.username }}
+    key={{ item.key }}
+  with_items: sftp_user
+- name: "SFTP | Create Data Directory"
+  file:
+    dest=/var/sftp/data
+    owner=root
+    group=sftp
+    state=directory
+    mode=775
+- include: mount.yml
+  when: sftp_devpath
--- a/tasks/mount.yml
+++ b/tasks/mount.yml
+---
+# file: roles/sftp/tasks/mount.yml
+- name: "SFTP | Create Mount Point"
+  mount:
+    fstype=none
+    opts=bind
+    name=/var/sftp/data/dev
+    src={{ sftp_devpath }}
+    state=mounted
+- name: "SFTP | Set ownership"
+  command: chown -R root:sftp {{ sftp_devpath }}
+- name: "SFTP | Set permissions"
+  command: chmod -R g+w {{ sftp_devpath }}
+- name: "SFTP | Collect SVN Directories"
+  command: find {{ sftp_devpath }} -type d -name .svn
+  register: svnpaths
+- name: "SFTP | Set ownership on SVN Directories"
+  command: chown -R root:root {{ item }}
+  with_items: svnpaths.stdout_lines