Improve idempotency for user/group creation in preinstall: add existence checks before creating

Yacine31
2025-12-02 12:32:51 +01:00
parent 49abe2e012
commit 4cad16c2a5


@@ -1,13 +1,21 @@
--- ---
# --------------------------------------------------- # ---------------------------------------------------
# CRéation des groupes # CRéation des groupes
# --------------------------------------------------- # ---------------------------------------------------
- name: Création des groupes - name: Vérifier si les groupes existent
ansible.builtin.getent:
database: group
register: group_facts
ignore_errors: true
when: full_configuration |bool
tags: group
- name: Création des groupes (seulement si absents)
ansible.builtin.group: ansible.builtin.group:
name: "{{ item.group }}" name: "{{ item.group }}"
gid: "{{ item.gid }}" gid: "{{ item.gid }}"
state: present state: present
loop: loop:
- { group: oinstall, gid: 1001} - { group: oinstall, gid: 1001}
- { group: dba, gid: 1002 } - { group: dba, gid: 1002 }
- { group: oper, gid: 1003 } - { group: oper, gid: 1003 }
@@ -18,14 +26,21 @@
- { group: asmadmin, gid: 1008 } - { group: asmadmin, gid: 1008 }
- { group: asmdba, gid: 1009 } - { group: asmdba, gid: 1009 }
- { group: asmoper, gid: 1010 } - { group: asmoper, gid: 1010 }
ignore_errors: true when: full_configuration |bool and item.group not in (group_facts.ansible_facts.getent_group | default({}))
when: full_configuration |bool
tags: group tags: group
# --------------------------------------------------- # ---------------------------------------------------
# Création des utilisateurs : password Oracle123 => full configuration # Création des utilisateurs : password Oracle123 => full configuration
# --------------------------------------------------- # ---------------------------------------------------
- name: Création du compte Oracle et grid - name: Vérifier si les utilisateurs existent
ansible.builtin.getent:
database: passwd
register: user_facts
ignore_errors: true
when: full_configuration |bool
tags: user
- name: Création du compte Oracle et grid (seulement si absents)
ansible.builtin.user: ansible.builtin.user:
name: "{{ item.username }}" name: "{{ item.username }}"
group: "{{ item.primgroup }}" group: "{{ item.primgroup }}"
@@ -39,8 +54,7 @@
loop: loop:
- { username: oracle, uid: 1001, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,oper", passwd: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"} - { username: oracle, uid: 1001, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,oper", passwd: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"}
- { username: grid, uid: 1002, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,asmoper,asmadmin", passwd: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"} - { username: grid, uid: 1002, primgroup: oinstall, othergroups: "dba,asmdba,backupdba,dgdba,kmdba,racdba,asmoper,asmadmin", passwd: "$6$0xHoAXXF$K75HKb64Hcb/CEcr3YEj2LGERi/U2moJgsCK.ztGxLsKoaXc4UBiNZPL0hlxB5ng6GL.gyipfQOOXplzcdgvD0"}
ignore_errors: true when: full_configuration |bool and item.username not in (user_facts.ansible_facts.getent_passwd | default({}))
when: full_configuration |bool
tags: user tags: user
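Review bot: The new `when` guards on the two creation tasks (`item.group not in …getent_group` and `item.username not in …getent_passwd`) skip the module whenever the name already exists, so a pre-existing `oracle`/`grid` account or group with a different uid/gid, primary group or supplementary groups is accepted unchecked and the play still reports success. `ansible.builtin.group` and `ansible.builtin.user` are already idempotent with `state: present`, so the getent pre-checks could be dropped and the guard kept as `when: full_configuration | bool`; if the aim is to stop re-applying the password to existing accounts, `update_password: on_create` on the user task does that without skipping the other attributes (the task's remaining parameters lie between the hunks and are not visible here). The getent tasks also keep `ignore_errors: true`, so a failed lookup presumably falls through to `default({})` and every item is then treated as absent. Separately, the loop still carries a literal crypt hash, shared by both accounts, whose plaintext the section comment states; a vaulted variable with a per-account value would keep that credential out of the repository.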