From b2b84d37d6a2044e551e25307b7e5f0da6bb52dd Mon Sep 17 00:00:00 2001 From: Pierre Poulain Date: Wed, 5 Jan 2022 21:05:24 +0100 Subject: [PATCH 1/5] Create and delete multiple student users --- ansible/students-create.yml | 42 +++++++++++++++++++++++++++++++++++++ ansible/students-remove.yml | 29 +++++++++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 ansible/students-create.yml create mode 100644 ansible/students-remove.yml diff --git a/ansible/students-create.yml b/ansible/students-create.yml new file mode 100644 index 0000000..7e9947b --- /dev/null +++ b/ansible/students-create.yml @@ -0,0 +1,42 @@ +--- + +- hosts: all + become: yes + + vars: + default_user_group: plasma-users + + tasks: + # Read a CSV file with users + - name: Read users from CSV file and return a list + read_csv: + path: "{{ studentdef }}" + register: users + delegate_to: localhost + become: no + + - debug: + msg: "Read user {{ item.login }} with password {{ item.password }} in group {{ item.group }}" + loop: "{{ users.list }}" + delegate_to: localhost + become: no + + - name: Add users + user: + name: "{{ item.login }}" + groups: "{{ item.group if item.group is defined else default_user_group }}" + password: "{{ item.password | password_hash('sha512') }}" + shell: /bin/bash + home: "{{ home_path if home_path is defined else '/home' }}/{{ item.login }}" + loop: "{{ users.list }}" + + - name: Set user quota + shell: | + setquota -u {{ item.login }} \ + {{ item.quota.soft if item.quota.soft is defined else quota.soft }} \ + {{ item.quota.hard if item.quota.hard is defined else quota.hard }} \ + 0 0 {{ quota_device_path }} + when: quota is defined or item.quota is defined + loop: "{{ users.list }}" + + diff --git a/ansible/students-remove.yml b/ansible/students-remove.yml new file mode 100644 index 0000000..29b013d --- /dev/null +++ b/ansible/students-remove.yml @@ -0,0 +1,29 @@ +--- + +- hosts: all + become: yes + + vars: + default_user_group: plasma-users + + tasks: + # Read a CSV file with users + - name: Read users from CSV file and return a list + read_csv: + path: "{{ studentdef }}" + register: users + delegate_to: localhost + become: no + + - debug: + msg: "Read user {{ item.login }} in group {{ item.group }}" + loop: "{{ users.list }}" + delegate_to: localhost + become: no + + - name: Remove users + user: + name: "{{ item.login }}" + state: absent + remove: yes + loop: "{{ users.list }}" From a3dacadc5c773b24cf5ac8273868371d260e31d6 Mon Sep 17 00:00:00 2001 From: Jeremy Tuloup Date: Fri, 25 Mar 2022 10:40:05 +0100 Subject: [PATCH 2/5] Add docs about creating users in batches --- ansible/students-create.yml | 8 +++--- ansible/students-remove.yml | 4 +-- docs/configuration/batch-users.md | 44 +++++++++++++++++++++++++++++++ docs/configuration/index.md | 1 + docs/install/users.md | 4 +++ 5 files changed, 55 insertions(+), 6 deletions(-) create mode 100644 docs/configuration/batch-users.md diff --git a/ansible/students-create.yml b/ansible/students-create.yml index 7e9947b..80f8497 100644 --- a/ansible/students-create.yml +++ b/ansible/students-create.yml @@ -16,23 +16,23 @@ become: no - debug: - msg: "Read user {{ item.login }} with password {{ item.password }} in group {{ item.group }}" + msg: "Read user {{ item.username }} with password {{ item.password }} in group {{ item.group }}" loop: "{{ users.list }}" delegate_to: localhost become: no - name: Add users user: - name: "{{ item.login }}" + name: "{{ item.username }}" groups: "{{ item.group if item.group is defined else default_user_group }}" password: "{{ item.password | password_hash('sha512') }}" shell: /bin/bash - home: "{{ home_path if home_path is defined else '/home' }}/{{ item.login }}" + home: "{{ home_path if home_path is defined else '/home' }}/{{ item.username }}" loop: "{{ users.list }}" - name: Set user quota shell: | - setquota -u {{ item.login }} \ + setquota -u {{ item.username }} \ {{ item.quota.soft if item.quota.soft is defined else quota.soft }} \ {{ item.quota.hard if item.quota.hard is defined else quota.hard }} \ 0 0 {{ quota_device_path }} diff --git a/ansible/students-remove.yml b/ansible/students-remove.yml index 29b013d..c978753 100644 --- a/ansible/students-remove.yml +++ b/ansible/students-remove.yml @@ -16,14 +16,14 @@ become: no - debug: - msg: "Read user {{ item.login }} in group {{ item.group }}" + msg: "Read user {{ item.username }} in group {{ item.group }}" loop: "{{ users.list }}" delegate_to: localhost become: no - name: Remove users user: - name: "{{ item.login }}" + name: "{{ item.username }}" state: absent remove: yes loop: "{{ users.list }}" diff --git a/docs/configuration/batch-users.md b/docs/configuration/batch-users.md new file mode 100644 index 0000000..7118a98 --- /dev/null +++ b/docs/configuration/batch-users.md @@ -0,0 +1,44 @@ +(batch-users)= + +# Creating users in batches + +The {ref}`install-users` section details how to create the initial list of users. + +However in some cases it is useful to have a more automated way to create (and delete) users +in batches. For example when preparing and cleaning up a group of students at the beginning and end of a semester. + +This section details how to create users defined in a CSV file using Ansible Playbooks. + +## Creating the CSV File + +Create the `student.csv` file which should contain the `username`, `password` and `group` columns. + +Here is an example of such file: + +```text +username,password,group +stu-megm1-01,bn3r7RjtOyg15X,megm1 +stu-megm1-02,2shgP3xK7aTuMN,megm1 +stu-megm1-03,Kh5jn4GuEIFIzY,megm1 +stu-megm1-04,g9gBHQjJ4VqQG1,megm1 +stu-megm1-05,73O88oFb6B1TB0,megm1 +stu-megm1-06,laZubrmgKBNg1x,megm1 +stu-megm1-07,gAONEMsgdz28si,megm1 +stu-megm1-08,tjlGadyELWj59M,megm1 +stu-megm1-09,soIb4txJDPjo1d,megm1 +stu-megm1-10,QjhalcW9Uq5wxo,megm1 +``` + +## Running the playbooks + +To create the users, go to the `ansible/` folder and run the `student-create.yml` playbook with: + +```sh +ansible-playbook student-create.yml -u ubuntu -e "studentdef=students.csv" +``` + +It is also possible to delete the users from the same CSV definition, using the `student-remove.yml` playbook: + +```sh +ansible-playbook student-remove.yml -u ubuntu -e "studentdef=students.csv" +``` diff --git a/docs/configuration/index.md b/docs/configuration/index.md index 7040d9c..d1aa793 100644 --- a/docs/configuration/index.md +++ b/docs/configuration/index.md @@ -5,6 +5,7 @@ monitoring persistence +batch-users resources cull namedservers diff --git a/docs/install/users.md b/docs/install/users.md index 0a53b03..cb8b9b0 100644 --- a/docs/install/users.md +++ b/docs/install/users.md @@ -231,3 +231,7 @@ foo -- 16K 5120M 10240M 4 0 0 bar -- 16K 10240M 12288M 4 0 0 #62583 -- 4K 0K 0K 2 0 0 ``` + +### Creating user in batches + +The {ref}`batch-users` section details another way to create users in batches. From 2e66ea7ff923a5ca855a16511e90379c7a7ffbff Mon Sep 17 00:00:00 2001 From: Jeremy Tuloup Date: Fri, 25 Mar 2022 10:42:57 +0100 Subject: [PATCH 3/5] Add note about , in the passwords --- docs/configuration/batch-users.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/configuration/batch-users.md b/docs/configuration/batch-users.md index 7118a98..32243d5 100644 --- a/docs/configuration/batch-users.md +++ b/docs/configuration/batch-users.md @@ -29,6 +29,10 @@ stu-megm1-09,soIb4txJDPjo1d,megm1 stu-megm1-10,QjhalcW9Uq5wxo,megm1 ``` +````{warning} +Since the fields in the CSV file are delimited by commas, passwords should not contain any `,` character. +```` + ## Running the playbooks To create the users, go to the `ansible/` folder and run the `student-create.yml` playbook with: From 7812372c812d41982ab3a92461b504f80043eb37 Mon Sep 17 00:00:00 2001 From: Jeremy Tuloup Date: Fri, 25 Mar 2022 14:25:21 +0100 Subject: [PATCH 4/5] Add note about extra parameters --- docs/configuration/batch-users.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/configuration/batch-users.md b/docs/configuration/batch-users.md index 32243d5..20228a3 100644 --- a/docs/configuration/batch-users.md +++ b/docs/configuration/batch-users.md @@ -46,3 +46,22 @@ It is also possible to delete the users from the same CSV definition, using the ```sh ansible-playbook student-remove.yml -u ubuntu -e "studentdef=students.csv" ``` + +````{note} +It is possible to pass additional parameters when creating users in batches. + +For example if you have a file defining disk quotas for a group of students: + +```yaml +# default quotas for students +quota: + soft: 200G + hard: 250G +``` + +You can run the playbook to reference that extra file: + +```bash +ansible-playbook student-create.yml -u ubuntu -e "studentdef=students.csv" -e @students-config.yml +``` +```` \ No newline at end of file From 433921fee2226d4d4456a3965e6fc6df9e302318 Mon Sep 17 00:00:00 2001 From: Jeremy Tuloup Date: Fri, 25 Mar 2022 14:26:29 +0100 Subject: [PATCH 5/5] Minor wording fix --- docs/configuration/batch-users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration/batch-users.md b/docs/configuration/batch-users.md index 20228a3..3437df1 100644 --- a/docs/configuration/batch-users.md +++ b/docs/configuration/batch-users.md @@ -59,7 +59,7 @@ quota: hard: 250G ``` -You can run the playbook to reference that extra file: +You can run the playbook and reference that extra file: ```bash ansible-playbook student-create.yml -u ubuntu -e "studentdef=students.csv" -e @students-config.yml