From 5c3df56bc8d948e82df8d2a01ee1a5c9765cfa38 Mon Sep 17 00:00:00 2001
From: Santiago Lo Coco
Date: Mon, 15 Apr 2024 16:18:19 +0200
Subject: [PATCH] Add molecule and fix bugs
---
 .../playground/molecule/default/converge.yml | 30 +++++++++++++++++++
 .../playground/molecule/default/molecule.yml | 23 ++++++++++++++
 .../roles/local_accounts/tasks/main.yml | 3 ++
 .../roles/local_accounts/tests/test.yml | 2 +-
 4 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 slococo/playground/molecule/default/converge.yml
 create mode 100644 slococo/playground/molecule/default/molecule.yml
diff --git a/slococo/playground/molecule/default/converge.yml b/slococo/playground/molecule/default/converge.yml
new file mode 100644
index 0000000..eb815c7
--- /dev/null
+++ b/slococo/playground/molecule/default/converge.yml
@@ -0,0 +1,30 @@
+---
+- name: Converge
+ hosts: all
+ become: true
+
+ pre_tasks:
+ - name: Update the apt cache
+ ansible.builtin.dnf:
+ name:
+ - openssh
+ - openssh-server
+
+ - name: Stop and Start ssh
+ ansible.builtin.service:
+ name: sshd
+ state: restarted
+
+ roles:
+ - role: slococo.playground.ssh_config
+ - role: slococo.playground.local_accounts
+ vars:
+ local_accounts_list:
+ - name: local_adm
+ shell: /bin/bash
+ userid: 38000087
+ - name: local_log
+ shell: /bin/sh
+ userid: 38000088
+ expiry_date: '2024-12-31'
+ passwordless: true
diff --git a/slococo/playground/molecule/default/molecule.yml b/slococo/playground/molecule/default/molecule.yml
new file mode 100644
index 0000000..e78f285
--- /dev/null
+++ b/slococo/playground/molecule/default/molecule.yml
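Review bot: The first pre-task in converge.yml is named `Update the apt cache`, but it calls `ansible.builtin.dnf` with a package list and no `state`, so it installs `openssh` and `openssh-server` rather than refreshing a cache. Renaming it to `- name: Install OpenSSH packages` and adding `state: present` would make the task say what it does. The `local_log` fixture also hard-codes `expiry_date: '2024-12-31'`, so after that date the scenario converges a passwordless account that is already expired. Any login check against it would presumably fail then, so a comment explaining the date, or a value derived from the run date, would keep the scenario stable.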
@@ -0,0 +1,23 @@
+---
+dependency:
+ name: galaxy
+ ooptions:
+ ignore-errors: true
+driver:
+ name: docker
+platforms:
+ - name: instance
+ image: "docker.io/geerlingguy/docker-rockylinux8-ansible:latest"
+ command: ${MOLECULE_DOCKER_COMMAND:-""}
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:rw
+ cgroupns_mode: host
+ privileged: true
+ pre_build_image: true
+provisioner:
+ name: ansible
+ config_options:
+ defaults:
+ remote_tmp: /tmp
+ playbooks:
+ converge: ${MOLECULE_PLAYBOOK:-converge.yml}
diff --git a/slococo/playground/roles/local_accounts/tasks/main.yml b/slococo/playground/roles/local_accounts/tasks/main.yml
index 182c6d1..ba75fb3 100644
--- a/slococo/playground/roles/local_accounts/tasks/main.yml
+++ b/slococo/playground/roles/local_accounts/tasks/main.yml
@@ -21,6 +21,7 @@
 - name: Generate SSH key pairs for local users
 community.crypto.openssh_keypair:
 path: "{{ key_path }}_{{ item.name }}"
+ type: ed25519
 loop: "{{ accounts_with_home }}"
 when: item.passwordless | default(false) | bool
 delegate_to: localhost
@@ -31,6 +32,8 @@
 ansible.builtin.file:
 path: "{{ item.home }}/.ssh"
 state: directory
+ owner: "{{ item.name }}"
+ group: "{{ item.name }}"
 mode: '0700'
 loop: "{{ accounts_with_home }}"
 when: item.passwordless | default(false) | bool
diff --git a/slococo/playground/roles/local_accounts/tests/test.yml b/slococo/playground/roles/local_accounts/tests/test.yml
index 6bd9d57..64ed9f1 100644
--- a/slococo/playground/roles/local_accounts/tests/test.yml
+++ b/slococo/playground/roles/local_accounts/tests/test.yml
@@ -15,7 +15,7 @@
 userid: 1002
 expiry_date: '2024-12-31'
 home: /home/test_user2_another
- groups: docker
+ groups: ['docker', 'root']
 roles:
 - role: slococo.playground.local_accounts
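Review bot: `ooptions:` under `dependency:` in molecule.yml looks like a typo for `options:`, so `ignore-errors: true` is either rejected by Molecule's schema check or never reaches the galaxy dependency step. Separately, the platform combines `privileged: true`, `cgroupns_mode: host` and a read-write `/sys/fs/cgroup` bind mount with an image referenced as `:latest`. Whatever that tag resolves to on the day of the run executes with near-host privileges on the developer or CI machine. Pinning by digest, `image: "docker.io/geerlingguy/docker-rockylinux8-ansible@sha256:<digest>"`, and a comment that the privileges are (presumably) there for systemd inside the container would make the trade-off explicit.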
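Review bot: Adding `type: ed25519` in the first main.yml hunk changes what the module treats as a conforming key. With `community.crypto.openssh_keypair`'s default `regenerate: partial_idempotence`, an existing key of another type at `{{ key_path }}_{{ item.name }}` is replaced on the next run. On hosts already provisioned by this role that rotates the key pair on the controller; whether the old public key is removed from the account's `authorized_keys` depends on tasks outside this hunk and is worth confirming. A comment above the task such as `# NOTE: changing the key type regenerates existing key pairs on the controller` would record the behaviour. The task may continue past the hunk's last line.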
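Review bot: `group: "{{ item.name }}"` in the second main.yml hunk assumes every account has a group named after the user, which holds only where user-private groups are created. If an account is given a different primary group, this task fails on an unknown group. Leaving `group` unset, or taking it from the same value the user-creation task uses for the primary group, would avoid the assumption. The task's `- name:` line and the account-creation logic sit above the hunk, so this is inferred from the visible lines only. Setting `owner` is the part sshd's StrictModes check needs for `~/.ssh`.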