Allow for additional users and groups to be defined.

README.md

@@ -28,6 +28,11 @@ addition to the [username] group) by adding them as a comma-separated list in gr
 added using the authorized_keys options with a list of keys. Specify a github username to fetch authorised keys from
 GitHub.
 
+     ssh_config_groups_additional: []
+
+Additional system users that can be assigned to specific inventories or roles, useful when using `ssh_config_users` as a common default user list.
+
+
     ssh_config_users_absent: []
       # You can specify an object with 'name' (required):
       # - name: example
@@ -44,6 +49,10 @@ A list of users who should not be present on the server and should be removed.
 System groups that should be created. These can be assigned to users defined in `ssh_config_users`. If the group should
 be allowed passwordless_sudo, optionally set that here.
 
+    ssh_config_groups_additional: []
+
+Additional system groups that can be assigned to specific inventories or roles, useful when using `ssh_config_groups` as a common default group list.
+
     ssh_config_groups_absent: []
       # You can specify an object with 'name' (required):
       # - name: example

defaults/main.yml

@@ -1,14 +1,16 @@
 ---
 ssh_config_groups: []
   # - name: example
-  #   passwordless_sudo: True
+#   passwordless_sudo: True
+
+ssh_config_groups_additional: []
 
 ssh_config_groups_absent: []
   # You can specify an object with 'name' (required):
   # - name: example
 
   # Or you can specify a group directly:
-  # - example
+# - example
 
 ssh_config_users: []
   # You can specify an object with 'name' (required) and 'groups' (optional):
@@ -18,14 +20,16 @@ ssh_config_users: []
   #     - "ssh-rsa ..."
 
   # Or you can specify a GitHub username:
-  # - github: memiah
+# - github: memiah
+
+ssh_config_users_additional: []
 
 ssh_config_users_absent: []
   # You can specify an object with 'name' (required):
   # - name: example
 
   # Or you can specify a username directly:
-  # - example
+# - example
 
 ssh_config_github_url: https://github.com
 

tasks/main.yml

@@ -1,9 +1,14 @@
 ---
+- name: Combine core groups and users with any additional values.
+  set_fact:
+    ssh_config_groups_combined: "{{ ssh_config_groups + ssh_config_groups_additional }}"
+    ssh_config_users_combined: "{{ ssh_config_users + ssh_config_users_additional }}"
+
 - name: Ensure system groups are present.
   group:
     name: "{{ item.name }}"
     state: present
-  with_items: "{{ ssh_config_groups }}"
+  with_items: "{{ ssh_config_groups_combined }}"
 
 - name: Remove unwanted system groups.
   group:
@@ -19,25 +24,25 @@
     groups: "{{ item.groups | default(omit) }}"
     home: /home/{{ item.name | default(item.github) }}
     state: present
-  with_items: "{{ ssh_config_users }}"
+  with_items: "{{ ssh_config_users_combined }}"
 
 - name: Ensure authorized_keys for GitHub user accounts are present.
   authorized_key:
     user: "{{ item.name | default(item.github) }}"
     key: "{{ ssh_config_github_url }}/{{ item.github }}.keys"
     manage_dir: yes
-  with_items: "{{ ssh_config_users }}"
+  with_items: "{{ ssh_config_users_combined }}"
   when: item.github is defined
 
 - name: Set authorized_keys for user accounts
   authorized_key:
     user: "{{ item.0.name | default(item.0.github) }}"
     key: "{{ item.1 }}"
   with_subelements:
-    - "{{ ssh_config_users }}"
-    - authorized_keys
-    - flags:
-      skip_missing: True
+  - "{{ ssh_config_users_combined }}"
+  - authorized_keys
+  - flags:
+    skip_missing: True
 
 - name: Ensure user accounts in ssh_config_users_absent are absent.
   user:
@@ -61,10 +66,10 @@
     group: root
     mode: 0440
     validate: "visudo -cf %s"
-  with_items: "{{ ssh_config_groups }}"
+  with_items: "{{ ssh_config_groups_combined }}"
   when:
-    - item.passwordless_sudo is defined
-    - item.passwordless_sudo == True
+  - item.passwordless_sudo is defined
+  - item.passwordless_sudo == True
 
 - name: Copy /etc/sudoers.d/ssh_auth_sock into place.
   copy: