mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-04-30 08:06:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add matrix_user_shell and default it to /sbin/nologin

Browse Source 
This is a backward-incompatible change. By default, Ansible creates
users with (e.g.) `/bin/sh` on Linux, so changing to a no shell
leads to different behavior.

That said, it appears that using a shell-less user works OK with regard
to Ansible execution and starting the systemd services/containers later on.
This commit is contained in:
Slavi Pantaleev 2025-04-29 10:37:57 +03:00
parent 3ee7deb2d7
commit 51e961ce9f
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/custom/matrix-base/defaults/main.yml
View File

@ -177,6 +177,8 @@ matrix_container_global_registry_prefix_override: ""
matrix_user_name: "matrix" matrix_user_name: "matrix"
matrix_user_system: true matrix_user_system: true
matrix_user_shell: /sbin/nologin
matrix_group_name: "matrix" matrix_group_name: "matrix"
matrix_group_system: true matrix_group_system: true

1
roles/custom/matrix-base/tasks/setup_matrix_user.yml
View File

@ -22,6 +22,7 @@
home: "{{ matrix_base_data_path }}" home: "{{ matrix_base_data_path }}"
create_home: false create_home: false
system: "{{ matrix_user_system }}" system: "{{ matrix_user_system }}"
shell: "{{ matrix_user_shell }}"
register: matrix_user register: matrix_user
- name: Initialize matrix_user_uid and matrix_user_gid - name: Initialize matrix_user_uid and matrix_user_gid