anubis: add group/user

Normally the fedora anubis package uses systemd's DynamicUser, which is fine, but we need to setup a env file only readable by anubis because it contains a private key. So, just add group/user here and the unit will use those instead. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2026-03-20 03:57:02 +08:00 · 2025-09-18 15:43:23 -07:00
parent 7f37ed4a54
commit fd4ebff347
1 changed files with 17 additions and 0 deletions
--- a/roles/anubis/tasks/main.yml
+++ b/roles/anubis/tasks/main.yml
@@ -6,6 +6,23 @@
  tags:
    - anubis

+- name: Add anubis group
+  ansible.builtin.group:
+    name: anubis
+    state: present
+  tags:
+  - config
+  - anubis
+
+- name: Add anubis user
+  ansible.builtin.user:
+    name: anubis
+    group: anubis
+    system: yes
+  tags:
+  - config
+  - anubis
+
 - name: Install httpd config for backend listener
  ansible.builtin.copy:
    src: "httpd/{{ item }}"