--- /dev/null
+- name: Ajout de l'utilisateur site_SIGLE_SITE
+ ansible.builtin.user:
+ name: "site_{{ SIGLE }}_{{ SITE }}"
+ home: "/home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
+ shell: /bin/false
+ groups: www-data
+ system: true
+ append: true
+ create_home: false
+ password: '!'
+
+- name: Boucle d'ajout d'user dans le groupe site_SIGLE_SITE
+ ansible.builtin.user:
+ name: "{{ item }}"
+ groups: "site_{{ SIGLE }}_{{ SITE }}"
+ append: true
+ loop:
+ - 'www-data'
+ - 'backup' # pour borgmatic
+
+- name: Boucle création ou modifications des répertoires home du site
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: "{{ item.state }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop_control:
+ label: "{{ item.path }}"
+ loop:
+ - path: "/home/sites/data/{{ TLD }}"
+ state: directory
+ owner: 'root'
+ group: 'www-data'
+ mode: '3751'
+ - path: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}"
+ state: directory
+ owner: 'root'
+ group: 'www-data'
+ mode: '2751'
+ - path: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
+ state: directory
+ owner: 'root'
+ group: "site_{{ SIGLE }}_{{ SITE }}"
+ mode: '2750'
dépôts / lhc / ansible.git / blobdiff