Feature request: add multiple groups to users

[juanluisbaptiste]

Hi,

What do you think about adding multiple additional groups to the users instead of a single one with sftp_group_name ? in my case, the users being added with this role must have write access to different existing directories owned by different groups. Making this role add multiple groups would be better than modifying the added users after the role is run to add the extra groups, like this:

  tasks:
    - name: Modify users and add them to additional groups
      user: name={{ item }}
            groups=www-data,systemd-journal,systemd-network
            append=yes
      with_items:
        - sftp_users

A task similar to that one could be used, and maybe renaming sftp_group_name to sftp_group_names, WDYT ?

[johanmeiring]

@juanluisbaptiste I'm not opposed to the idea, but I am a little concerned about the backwards compatibility implications of renaming sftp_group_name, mostly because it's used to define the block in sshd config that controls how this whole thing works. I'd prefer a new variable (perhaps sftp_additional_groups?) on user-dict-level, with a new task that will conditionally add the groups to each respective user if they've actually been set.

Will that help?

[juanluisbaptiste]

@johanmeiring ,I didn't thought on the backwards compatibility, you are right, another variable name should be used, sftp_additional_groups can work.

Thanks !!