/
/
/
1# my\_user Role
2
3A generic Ansible role to create a single user with SSH access, optional keypair generation, dotfiles installation, and optional passwordless sudo.
4
5## Features
6
7* Creates user and primary group
8* Adds user to extra groups
9* Sets home perms and `.hushlogin`
10* SSH setup:
11
12 * Edge devices: only import provided public key
13 * Non-edge: generate keypair if missing
14 * Import key from string or GitHub username
15* Clone and install dotfiles (repo + install command)
16* Optional passwordless sudo
17
18## Variables
19
20* `my_user_username`: username (default `yannick`)
21* `my_user_groups`: list of extra groups
22* `my_user_password`: optional password (sha512 hashed on create)
23* `edge_device`: `true` = import public key only, `false` = generate keypair if missing
24* `my_user_ssh_public_key`: explicit public key
25* `my_user_github_username`: fetch `.keys` from GitHub
26* `dotfiles_repo`: repo URL
27* `dotfiles_install_cmd`: command to run inside repo
28* `my_user_passwordless_sudo`: if true, grant NOPASSWD sudo
29
30## Examples
31
32Non-edge device:
33
34```yaml
35- hosts: servers
36 vars:
37 my_user_username: yannick
38 my_user_groups: ['docker']
39 edge_device: false
40 my_user_github_username: yourname
41 dotfiles_repo: "https://github.com/yourname/dotfiles.git"
42 dotfiles_install_cmd: "./install.sh"
43 roles:
44 - my_user
45```
46
47Edge device:
48
49```yaml
50- hosts: edge
51 vars:
52 my_user_username: yannick
53 edge_device: true
54 my_user_ssh_public_key: "ssh-ed25519 AAAAC..."
55 roles:
56 - my_user
57```
58
59## Notes
60
61* Requires `community.crypto` collection for keypair generation.
62* Idempotent: wonât overwrite existing passwords or keys.
63* Use HTTPS tokens for private dotfiles repos on edge devices.
64
65## License
66
67MIT
68
69