proxmox ci api user

2025-06-08 20:11:50 +02:00 · 2025-06-08 20:11:50 +02:00 · c05c863fda
commit c05c863fda
parent bdf3bc6b02
8 changed files with 147 additions and 52 deletions
--- a/roles/ci_user/tasks/main.yml
+++ b/roles/ci_user/tasks/main.yml
@ -1,20 +1,34 @@
+- name: Create CI group
+  ansible.builtin.group:
+    name: ci
+    state: present
+
 - name: Create CI user
  ansible.builtin.user:
-    name: "{{ ci_user.name }}"
-    groups: "{{ ci_user.groups }}"
-    shell: "{{ ci_user.shell }}"
+    name: "{{ proxmox_ci_user_name }}"
+    group: ci
+    groups: "{{ proxmox_ci_user_groups }}"
+    shell: "{{ proxmox_ci_user_shell }}"
    state: present
    create_home: yes
-  when: ci_user.name is defined and ci_user.name | length > 0
+  when: proxmox_ci_user_name is defined and proxmox_ci_user_name | length > 0

 - name: Add SSH keys for CI user
  ansible.posix.authorized_key:
-    user: "{{ ci_user.name }}"
+    user: "{{ proxmox_ci_user_name }}"
    state: present
    key: "{{ item }}"
-  loop: "{{ ci_user.ssh_keys }}"
+  loop: "{{ proxmox_ci_user_ssh_keys }}"
  when:
-    - ci_user.name is defined
-    - ci_user.name | length > 0
-    - ci_user.ssh_keys is defined
-    - ci_user.ssh_keys | length > 0
+    - proxmox_ci_user_name is defined
+    - proxmox_ci_user_name | length > 0
+    - proxmox_ci_user_ssh_keys is defined
+    - proxmox_ci_user_ssh_keys | length > 0
+
+- name: Ensure image directory exists with correct permissions
+  ansible.builtin.file:
+    path: /var/lib/vz/dump
+    state: directory
+    owner: root
+    group: ci
+    mode: "0775" # rwxrwxr-x so 'ci' can write, others can read/execute