ansible-machine-setup/roles/user-account/tasks/main.yaml

---
- name: setup user account
  user:
      name: "{{ username }}"
      password: "{{ password }}"
      create_home: yes
      state: present
      update_password: always
  register: account

- name: ensure .ssh exists
  become_user: "{{ account.name }}"
  file:
      path: "/home/{{ account.name }}/.ssh"
      state: directory
      mode: "0700"

- name: copy ssh key
  become_user: "{{ account.name }}"
  copy:
      src: "ssh/"
      dest: "/home/{{ account.name }}/.ssh/"
      mode: "0600"

- name: ensure .gnupg exists
  become_user: "{{ account.name }}"
  file:
      path: "/home/{{ account.name }}/.gnupg"
      state: directory
      mode: "0700"

- name: copy gpg keys
  become_user: "{{ account.name }}"
  copy:
      src: "gnupg/"
      dest: "/home/{{ account.name }}/.gnupg/"
      mode: "0600"

- name: set gpg-agent pinentry-program
  become_user: "{{ account.name }}"
  lineinfile:
      path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"
      regexp: "^pinentry-program "
      line: "pinentry-program /usr/bin/pinentry-gtk-2"
      mode: 0644
      create: yes

- name: set gpg-agent max-cache-ttl
  become_user: "{{ account.name }}"
  lineinfile:
      path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"
      regexp: "^max-cache-ttl "
      line: "max-cache-ttl 60480000"

- name: set gpg-agent default-cache-ttl
  become_user: "{{ account.name }}"
  lineinfile:
      path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"
      regexp: "^default-cache-ttl "
      line: "default-cache-ttl 60480000"

- name: setup xprofile
  become_user: "{{ account.name }}"
  lineinfile:
      path: "/home/{{ account.name }}/.xprofile"
      regexp: "^xsetroot "
      line: "xsetroot -solid \"#000000\""
      mode: 0644
      create: yes

- name: install user icon
  become_user: "{{ account.name }}"
  copy:
      src: face.icon
      dest: "/home/{{ account.name }}/.face.icon"
      mode: "0644"

- name: grant sddm read permission to home
  acl:
      path: "/home/{{ account.name }}/"
      entity: sddm
      etype: user
      permissions: x
      state: present

- name: grant sddm read permission user icon
  acl:
      path: "/home/{{ account.name }}/.face.icon"
      entity: sddm
      etype: user
      permissions: r
      state: present

- name: ensure i3status config-dir exists
  become_user: "{{ account.name }}"
  file:
      path: "/home/{{ account.name }}/.config/i3status"
      state: directory
      mode: "0700"

- name: install i3status config
  become_user: "{{ account.name }}"
  copy:
      src: i3status/config
      dest: "/home/{{ account.name }}/.config/i3status/config"
      mode: "0644"
Started to split tasks into roles 2020-05-31 10:17:10 +00:00			`---`
			`- name: setup user account`
			`user:`
			`name: "{{ username }}"`
			`password: "{{ password }}"`
			`create_home: yes`
			`state: present`
			`update_password: always`
			`register: account`
Copy ssh key from windows user 2020-11-11 13:39:50 +00:00
			`- name: ensure .ssh exists`
			`become_user: "{{ account.name }}"`
			`file:`
			`path: "/home/{{ account.name }}/.ssh"`
			`state: directory`
			`mode: "0700"`

			`- name: copy ssh key`
			`become_user: "{{ account.name }}"`
			`copy:`
Updated arch config 2021-01-28 13:27:05 +00:00			`src: "ssh/"`
Copy ssh key from windows user 2020-11-11 13:39:50 +00:00			`dest: "/home/{{ account.name }}/.ssh/"`
			`mode: "0600"`
Updated arch config 2021-01-28 13:27:05 +00:00
			`- name: ensure .gnupg exists`
			`become_user: "{{ account.name }}"`
			`file:`
			`path: "/home/{{ account.name }}/.gnupg"`
			`state: directory`
			`mode: "0700"`

			`- name: copy gpg keys`
			`become_user: "{{ account.name }}"`
			`copy:`
			`src: "gnupg/"`
			`dest: "/home/{{ account.name }}/.gnupg/"`
			`mode: "0600"`
Setup gpg-agent 2021-02-07 13:08:17 +00:00
			`- name: set gpg-agent pinentry-program`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
			`path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"`
			`regexp: "^pinentry-program "`
			`line: "pinentry-program /usr/bin/pinentry-gtk-2"`
			`mode: 0644`
			`create: yes`

			`- name: set gpg-agent max-cache-ttl`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
			`path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"`
			`regexp: "^max-cache-ttl "`
			`line: "max-cache-ttl 60480000"`

			`- name: set gpg-agent default-cache-ttl`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
			`path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"`
			`regexp: "^default-cache-ttl "`
			`line: "default-cache-ttl 60480000"`

Set black background in X 2021-02-07 13:16:12 +00:00			`- name: setup xprofile`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
			`path: "/home/{{ account.name }}/.xprofile"`
			`regexp: "^xsetroot "`
			`line: "xsetroot -solid \"#000000\""`
			`mode: 0644`
			`create: yes`

Added sddm face icon 2021-02-15 15:54:09 +00:00			`- name: install user icon`
			`become_user: "{{ account.name }}"`
			`copy:`
			`src: face.icon`
			`dest: "/home/{{ account.name }}/.face.icon"`
			`mode: "0644"`
Set black background in X 2021-02-07 13:16:12 +00:00
Added sddm face icon 2021-02-15 15:54:09 +00:00			`- name: grant sddm read permission to home`
			`acl:`
			`path: "/home/{{ account.name }}/"`
			`entity: sddm`
			`etype: user`
			`permissions: x`
			`state: present`

			`- name: grant sddm read permission user icon`
			`acl:`
			`path: "/home/{{ account.name }}/.face.icon"`
			`entity: sddm`
			`etype: user`
			`permissions: r`
			`state: present`
Install i3status config 2021-02-15 16:03:40 +00:00
			`- name: ensure i3status config-dir exists`
			`become_user: "{{ account.name }}"`
			`file:`
			`path: "/home/{{ account.name }}/.config/i3status"`
			`state: directory`
			`mode: "0700"`

			`- name: install i3status config`
			`become_user: "{{ account.name }}"`
			`copy:`
			`src: i3status/config`
			`dest: "/home/{{ account.name }}/.config/i3status/config"`
			`mode: "0644"`