From fa6fad4069cb8bec9e69bb0741486b22bc8a75b4 Mon Sep 17 00:00:00 2001
From: Matthew Ahrenstein <matt@ahrenstein.com>
Date: Fri, 17 Jul 2020 13:58:35 -0400
Subject: [PATCH 1/2] Starting the move to zsh

---
 CHANGELOG.md                                 |  6 ++++++
 tasks/main.yml                               |  4 ++++
 tasks/prereqs.yml                            | 17 +++++++++++++++++
 tasks/root.yml                               |  1 +
 tasks/users.yml                              |  2 +-
 tests/smoke/repo-role/standard/users_test.rb | 16 +++++++++++++---
 vars/CentOS.yml                              | 14 ++++++++++++++
 vars/Ubuntu.yml                              | 14 ++++++++++++++
 8 files changed, 70 insertions(+), 4 deletions(-)
 create mode 100644 vars/CentOS.yml
 create mode 100644 vars/Ubuntu.yml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 54a3811..e4f08ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,12 @@ Ansible Role - Linux Users: Changelog
 =====================================
 A list of all the changes made to this repo and the role it contains
 
+Version 1.2.2
+-------------
+
+1. Install zsh if it's missing
+2. Users now use zsh as their default shell
+
 Version 1.2.1
 -------------
 
diff --git a/tasks/main.yml b/tasks/main.yml
index 8ed2c4b..b46ac07 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -12,6 +12,10 @@
 
 # Manage user accounts and sudo privileges across Linux servers
 
+- name: Set distribution specific variables
+  include_vars: '{{ item }}'
+  with_first_found:
+    - '{{ ansible_distribution }}.yml'
 - import_tasks: prereqs.yml
   when: ansible_distribution == 'Ubuntu' or ansible_distribution == 'CentOS'
 - import_tasks: root.yml
diff --git a/tasks/prereqs.yml b/tasks/prereqs.yml
index 7a5e6be..ed59a9d 100644
--- a/tasks/prereqs.yml
+++ b/tasks/prereqs.yml
@@ -12,6 +12,23 @@
 
 # Configure the prerequisites for user management
 
+- name: (Ubuntu) Refresh apt cache
+  apt:
+    update_cache: yes
+  when: ansible_distribution == "Ubuntu"
+
+- name: (Ubuntu) Install the zsh package
+  apt:
+    name: zsh
+    state: present
+  when: ansible_distribution == "Ubuntu"
+
+- name: (CentOS) Install the zsh package
+  yum:
+    name: zsh
+    state: present
+  when: ansible_distribution == "Ubuntu"
+
 - name: Create an admin group for password-less sudo options
   group:
     gid: 1337
diff --git a/tasks/root.yml b/tasks/root.yml
index 9ece321..ff56439 100644
--- a/tasks/root.yml
+++ b/tasks/root.yml
@@ -16,6 +16,7 @@
   user:
     name: root
     password: '{{ linux_users.root_password }}'
+    shell: '{{ zsh_path }}'
     update_password: always
 
 - name: Configure root's SSH keys
diff --git a/tasks/users.yml b/tasks/users.yml
index 24e56a7..7f64475 100644
--- a/tasks/users.yml
+++ b/tasks/users.yml
@@ -15,7 +15,7 @@
 - name: Add/update all specified users
   user:
     name: '{{ item.username }}'
-    shell: '/bin/bash'
+    shell: '{{ zsh_path }}'
     comment: '{{ item.comment }}'
     create_home: yes
     group: '{{ item.group }}'
diff --git a/tests/smoke/repo-role/standard/users_test.rb b/tests/smoke/repo-role/standard/users_test.rb
index f0ae4b8..f48797b 100644
--- a/tests/smoke/repo-role/standard/users_test.rb
+++ b/tests/smoke/repo-role/standard/users_test.rb
@@ -11,6 +11,16 @@
 
 # Test the creation and updating of users
 
+if os[:name] == 'ubuntu'
+  zsh_path = '/usr/bin/zsh'
+
+elsif os[:name] == 'centos'
+  zsh_path = '/bin/zsh'
+
+else
+  # Do nothing
+end
+
 if ['ubuntu', 'centos'].include?(os[:name])
 
   # Verify the sample user "pgibbons" was created
@@ -19,7 +29,7 @@
     its('gid') { should eq 8737 }
     its('group') { should eq 'sysusers' }
     its('home') { should eq '/home/pgibbons' }
-    its('shell') { should eq '/bin/bash' }
+    its('shell') { should eq "#{zsh_path}" }
   end
 
   # Verify the sample user "pgibbons" has the correct SSH key(s)
@@ -37,7 +47,7 @@
     its('gid') { should eq 1337 }
     its('group') { should eq 'sysadmins' }
     its('home') { should eq '/home/ahrenstein' }
-    its('shell') { should eq '/bin/bash' }
+    its('shell') { should eq "#{zsh_path}" }
   end
 
   # Verify the sample user "ahrenstein" has the correct SSH key(s)
@@ -55,7 +65,7 @@
     its('gid') { should eq 7782 }
     its('group') { should eq 'svcaccounts' }
     its('home') { should eq '/home/svc-ghactions' }
-    its('shell') { should eq '/bin/bash' }
+    its('shell') { should eq "#{zsh_path}" }
   end
 
   # Verify the sample user "svc-ghactions" has the correct SSH key(s)
diff --git a/vars/CentOS.yml b/vars/CentOS.yml
new file mode 100644
index 0000000..1accf5b
--- /dev/null
+++ b/vars/CentOS.yml
@@ -0,0 +1,14 @@
+#
+# Project:: Ansible Role - Linux Users
+#
+# Copyright 2020, Route 1337, LLC, All Rights Reserved.
+#
+# Maintainers:
+# - Matthew Ahrenstein: matthew@route1337.com
+#
+# See LICENSE
+#
+
+# Variables specific to CentOS
+
+zsh_path: "/bin/zsh"
diff --git a/vars/Ubuntu.yml b/vars/Ubuntu.yml
new file mode 100644
index 0000000..80aa5fa
--- /dev/null
+++ b/vars/Ubuntu.yml
@@ -0,0 +1,14 @@
+#
+# Project:: Ansible Role - Linux Users
+#
+# Copyright 2020, Route 1337, LLC, All Rights Reserved.
+#
+# Maintainers:
+# - Matthew Ahrenstein: matthew@route1337.com
+#
+# See LICENSE
+#
+
+# Variables specific to Ubuntu
+
+zsh_path: "/usr/bin/zsh"

From 940c34e117f0799933b7a54ca297b51712e0ce34 Mon Sep 17 00:00:00 2001
From: Matthew Ahrenstein <matt@ahrenstein.com>
Date: Fri, 17 Jul 2020 14:51:05 -0400
Subject: [PATCH 2/2] Fixing CentOS zsh install and testing for it

---
 tasks/prereqs.yml                                        | 2 +-
 tests/smoke/repo-role/no-user-management/prereqs_test.rb | 5 +++++
 tests/smoke/repo-role/standard/prereqs_test.rb           | 5 +++++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/tasks/prereqs.yml b/tasks/prereqs.yml
index ed59a9d..dc3ab17 100644
--- a/tasks/prereqs.yml
+++ b/tasks/prereqs.yml
@@ -27,7 +27,7 @@
   yum:
     name: zsh
     state: present
-  when: ansible_distribution == "Ubuntu"
+  when: ansible_distribution == "CentOS"
 
 - name: Create an admin group for password-less sudo options
   group:
diff --git a/tests/smoke/repo-role/no-user-management/prereqs_test.rb b/tests/smoke/repo-role/no-user-management/prereqs_test.rb
index c1b42cb..1a672c4 100644
--- a/tests/smoke/repo-role/no-user-management/prereqs_test.rb
+++ b/tests/smoke/repo-role/no-user-management/prereqs_test.rb
@@ -13,6 +13,11 @@
 
 if ['ubuntu', 'centos'].include?(os[:name])
 
+  # Verify zsh is installed
+  describe package('zsh') do
+    it { should be_installed }
+  end
+
   # Verify the sysadmins group exists
   describe group('sysadmins') do
     it { should exist }
diff --git a/tests/smoke/repo-role/standard/prereqs_test.rb b/tests/smoke/repo-role/standard/prereqs_test.rb
index f15da68..b5aa1e6 100644
--- a/tests/smoke/repo-role/standard/prereqs_test.rb
+++ b/tests/smoke/repo-role/standard/prereqs_test.rb
@@ -13,6 +13,11 @@
 
 if ['ubuntu', 'centos'].include?(os[:name])
 
+  # Verify zsh is installed
+  describe package('zsh') do
+    it { should be_installed }
+  end
+
   # Verify the sysadmins group exists
   describe group('sysadmins') do
     it { should exist }