Merge pull request #69 from jeroen-continuum/main

Add support of users not managed in the passwd file (LDAP)

tasks/configure-user.yml

@@ -0,0 +1,30 @@
+---
+# https://eengstrom.github.io/musings/generate-non-contiguous-subuid-subgid-maps-for-rootless-podman
+
+- name: Get user infos
+  getent:
+    database: passwd
+    key: "{{ subid_user }}"
+
+- name: Set subuids
+  ansible.builtin.lineinfile:
+    path: "/etc/subuid"
+    regexp: "{{ subid_user }}"
+    line: "{{ subid_user }}:{{ getent_passwd[subid_user].1 | int | bitwise_shift_left(subuid_bitshift) }}:65536"
+    backup: true
+    create: true
+    mode: 0644
+    owner: root
+    group: root
+
+
+- name: Set subgids
+  ansible.builtin.lineinfile:
+    path: "/etc/subgid"
+    regexp: "{{ subid_user }}"
+    line: "{{ subid_user }}:{{ getent_passwd[subid_user].2 | int | bitwise_shift_left(subgid_bitshift) }}:65536"
+    backup: true
+    create: true
+    mode: 0644
+    owner: root
+    group: root

tasks/main.yml

@@ -1,34 +1,5 @@
----
-# https://eengstrom.github.io/musings/generate-non-contiguous-subuid-subgid-maps-for-rootless-podman
-
-- name: Get user infos
-  getent:
-    database: passwd
-
-- name: Set subuids
-  ansible.builtin.lineinfile:
-    path: "/etc/subuid"
-    regexp: "{{ user }}"
-    line: "{{ user }}:{{ getent_passwd[user].1 | int | bitwise_shift_left(subuid_bitshift) }}:65536"
-    backup: true
-    create: true
-    mode: 0644
-    owner: root
-    group: root
+- name: Configure each user
+  include_tasks: configure-user.yml
   loop: "{{ subid_users }}"
   loop_control:
-    loop_var: "user"
-
-- name: Set subgids
-  ansible.builtin.lineinfile:
-    path: "/etc/subgid"
-    regexp: "{{ user }}"
-    line: "{{ user }}:{{ getent_passwd[user].2 | int | bitwise_shift_left(subgid_bitshift) }}:65536"
-    backup: true
-    create: true
-    mode: 0644
-    owner: root
-    group: root
-  loop: "{{ subid_users }}"
-  loop_control:
-    loop_var: "user"
+    loop_var: "subid_user"