Explicitly Defined uid and gid for service_user #2

@JoelProminic

Description

While testing the Moonshine-dev 1.5.0 release, we ran into a problem where the fileshares were owned by the wrong user. The GCR configuration defined the expected user and group by ID using mountOptions:

     volumes:
     - name: local
       csi:
         driver: gcsfuse.run.googleapis.com
         volumeAttributes:
           bucketName: moonshine.dev
           mountOptions: uid=994,gid=994,rename-dir-limit=4096

It looks like the provisioners are not enforcing a static user or group ID, so this is going to depend on the order of the actions:

     -
       name: "Block to Allow Loading of Variables without running task"
       when: run_tasks
       block:
         -
           name: "Creating the group {{ service_group }}"
           ansible.builtin.group:
             name: "{{ service_group }}"
             state: present
         -
           name: "Adding user to groups: {{ service_user }}"
           ansible.builtin.user:
             name: "{{ service_user }}"
             shell: /bin/bash
             home: "{{ service_home_dir }}"
             groups:
               - "{{ service_group }}"
               - sudo
             append: yes
             createhome: no
             system: yes
         -
           name: "Adding startcloud to groups: {{ service_group }}"
           ansible.builtin.user:
             name: "{{ settings.vagrant_user }}"
             groups: "{{ service_group }}"
             append: true
         -
           name: "Adding user to sudoers: {{ service_user }}"
           ansible.builtin.lineinfile:
             path: "/etc/sudoers.d/{{ service_user }}"
             line: "{{ service_user }} ALL=(ALL:ALL) NOPASSWD:ALL"
             mode: '0644'
             create: true

I see parameters to set the uid and gid so that we can enforce this. I think service_user is the only external case where the uid and gid matter, but we may want to set the others to avoid collisions. The uid and gid should be set as vars so that they can be overwritten in the moonshine-dev configuration if needed.
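One way to pin the IDs, shown here as an added example rather than code from the issue or the project: the variable names `service_uid` and `service_gid` are assumptions, and the default of 994 is taken from the mountOptions quoted above. The final two tasks are also an addition; they verify that the account really resolved to the expected IDs instead of relying on task order.

```yaml
# defaults/main.yml  (lowest precedence, so the moonshine-dev configuration
# can override these; the names and the value 994 are assumptions)
service_uid: 994
service_gid: 994
---
# tasks/main.yml
- name: "Block to Allow Loading of Variables without running task"
  when: run_tasks
  block:
    - name: "Creating the group {{ service_group }} with gid {{ service_gid }}"
      ansible.builtin.group:
        name: "{{ service_group }}"
        gid: "{{ service_gid }}"
        system: yes
        state: present

    - name: "Creating {{ service_user }} with uid {{ service_uid }}"
      ansible.builtin.user:
        name: "{{ service_user }}"
        uid: "{{ service_uid }}"
        # primary group, so files the service writes carry service_gid
        group: "{{ service_group }}"
        groups:
          - sudo
        append: yes
        shell: /bin/bash
        home: "{{ service_home_dir }}"
        createhome: no
        system: yes

    # A pre-existing account with the same name but a different ID would be
    # left untouched by the task above; catch that instead of letting the
    # gcsfuse mount end up owned by the wrong uid/gid.
    - name: "Look up the account in the passwd database"
      ansible.builtin.getent:
        database: passwd
        key: "{{ service_user }}"

    - name: "Fail if uid/gid differ from what the mountOptions expect"
      ansible.builtin.assert:
        that:
          - ansible_facts.getent_passwd[service_user][1] | int == service_uid | int
          - ansible_facts.getent_passwd[service_user][2] | int == service_gid | int
        fail_msg: >-
          {{ service_user }} has uid/gid
          {{ ansible_facts.getent_passwd[service_user][1] }}/{{ ansible_facts.getent_passwd[service_user][2] }},
          expected {{ service_uid }}/{{ service_gid }}; fix the account or
          override service_uid/service_gid to match the gcsfuse mountOptions.
```

The same two variables can then feed the GCR mountOptions (`uid={{ service_uid }},gid={{ service_gid }},rename-dir-limit=4096`) so both sides are generated from one definition.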
