66 lines
1.7 KiB
YAML
66 lines
1.7 KiB
YAML
---
|
|
- name: Ensure the desktop user exists
|
|
ansible.builtin.user:
|
|
name: "{{ xfce_user }}"
|
|
shell: "{{ xfce_user_shell }}"
|
|
create_home: true
|
|
state: present
|
|
password_lock: false
|
|
become: true
|
|
when: xfce_manage_user | bool
|
|
|
|
- name: Fail when the desktop user password is not provided
|
|
ansible.builtin.assert:
|
|
that:
|
|
- xfce_user_password_plaintext | length > 0
|
|
fail_msg: >-
|
|
xfce_user_password_plaintext must be set so XRDP can authenticate the
|
|
desktop user.
|
|
when: xfce_manage_user | bool
|
|
|
|
- name: Set desktop user password for XRDP login
|
|
ansible.builtin.user:
|
|
name: "{{ xfce_user }}"
|
|
password: "{{ xfce_user_password_plaintext | password_hash('sha512') }}"
|
|
update_password: "{{ xfce_user_update_password }}"
|
|
password_lock: false
|
|
become: true
|
|
no_log: true
|
|
when:
|
|
- xfce_manage_user | bool
|
|
- not ansible_check_mode
|
|
|
|
- name: Ensure the desktop user can sudo
|
|
ansible.builtin.user:
|
|
name: "{{ xfce_user }}"
|
|
groups: "{{ xfce_user_groups }}"
|
|
append: true
|
|
state: present
|
|
become: true
|
|
when:
|
|
- xfce_manage_user | bool
|
|
- xfce_user_groups | length > 0
|
|
|
|
- name: Ensure XFCE session file is present
|
|
ansible.builtin.template:
|
|
src: xsession.j2
|
|
dest: "{{ xfce_xsession_file }}"
|
|
owner: "{{ xfce_user }}"
|
|
group: "{{ xfce_user }}"
|
|
mode: "0644"
|
|
become: true
|
|
when: xfce_manage_user | bool
|
|
notify:
|
|
- Restart xrdp
|
|
- Restart xrdp sesman
|
|
|
|
- name: Ensure XFCE config directory exists
|
|
ansible.builtin.file:
|
|
path: "{{ xfce_xfconf_dir }}"
|
|
state: directory
|
|
owner: "{{ xfce_user }}"
|
|
group: "{{ xfce_user }}"
|
|
mode: "0755"
|
|
become: true
|
|
when: xfce_manage_user | bool
|