Merge pull request #486 from FanchTheSystem/avoid_fixed_uid_and_gid

Remove default UID/GID
2020-05-06 09:46:49 +03:00 · 2020-05-06 09:46:49 +03:00 · 6032affc20
commit 6032affc20
parent 7b8d0cd1ab 8fea6f5130
4 changed files with 29 additions and 16 deletions
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
@ -22,8 +22,6 @@ matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}"
 matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}"

 matrix_user_username: "matrix"
-matrix_user_uid: 991
-matrix_user_gid: 991

 matrix_base_data_path: "/matrix"
 matrix_base_data_path_mode: "750"
--- a/roles/matrix-base/tasks/main.yml
+++ b/roles/matrix-base/tasks/main.yml
@ -12,6 +12,13 @@
  tags:
    - setup-all

+# This needs to always run, because it populates `matrix_user_uid` and `matrix_user_gid`,
+# which are required by many other roles.
+- import_tasks: "{{ role_path }}/tasks/setup_matrix_user.yml"
+  when: run_setup|bool
+  tags:
+    - always
+
 - import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
  when: run_setup|bool
  tags:
--- a/roles/matrix-base/tasks/setup_matrix_base.yml
+++ b/roles/matrix-base/tasks/setup_matrix_base.yml
@ -1,18 +1,5 @@
 ---

- name: Ensure Matrix group is created
-  group:
-    name: "{{ matrix_user_username }}"
-    gid: "{{ matrix_user_gid }}"
-    state: present
-
- name: Ensure Matrix user is created
-  user:
-    name: "{{ matrix_user_username }}"
-    uid: "{{ matrix_user_uid }}"
-    state: present
-    group: "{{ matrix_user_username }}"
-
 - name: Ensure Matrix base path exists
  file:
    path: "{{ item }}"
@ -54,4 +41,3 @@
    src: "{{ role_path }}/templates/usr-local-bin/matrix-remove-all.j2"
    dest: "{{ matrix_local_bin_path }}/matrix-remove-all"
    mode: 0750
-
--- a/roles/matrix-base/tasks/setup_matrix_user.yml
+++ b/roles/matrix-base/tasks/setup_matrix_user.yml
@ -0,0 +1,22 @@
+---
+
+- name: Ensure Matrix group is created
+  group:
+    name: "{{ matrix_user_username }}"
+    state: present
+  register: matrix_group
+
+- name: Set Matrix Group GID Variable
+  set_fact:
+    matrix_user_gid: "{{ matrix_group.gid }}"
+
+- name: Ensure Matrix user is created
+  user:
+    name: "{{ matrix_user_username }}"
+    state: present
+    group: "{{ matrix_user_username }}"
+  register: matrix_user
+
+- name: Set Matrix Group UID Variable
+  set_fact:
+    matrix_user_uid: "{{ matrix_user.uid }}"