Sun, 20 Mar 2016 11:07:35 -0400
don't use 'all' hostgroup
17 | 1 | --- |
2 | ||
# Create or update the login account. `append: true` adds the sudo group to
# whatever supplementary groups the account already has instead of replacing
# them.
- name: User setup
  tags: user
  user:
    name: "{{user.name}}"
    comment: "{{user.comment}}"
    groups: sudo
    shell: /bin/zsh
    append: true
  # NOTE(review): the result is registered under the same name as the `user`
  # variable read above, so later references to user.name / user.home /
  # user.group presumably resolve against this module result. If this task is
  # skipped (e.g. by tag selection) those lookups fall back to whatever `user`
  # is defined elsewhere -- confirm both shapes carry the same keys.
  register: user
13 | ||
# Install every public key found in public_keys/<user name> into the account's
# authorized_keys; manage_dir lets the module manage the .ssh directory too.
# `exclusive` is not set, so keys that were authorized earlier and have since
# been dropped from the key file stay authorized until removed by other means.
- name: ssh | Pubkey for user
  tags: [user, ssh]
  authorized_key:
    user: "{{user.name}}"
    key: "{{item}}"
    manage_dir: true
  with_file:
    - public_keys/{{user.name}}
22 | ||
# Pin host keys: each value of the `hostkeys` dict is written verbatim as one
# line of the user's known_hosts, so the values must already be complete
# known_hosts entries. Runs as the target user so the file is created with that
# ownership, readable and writable by the owner only.
- name: ssh | Ensure known_hosts keys
  tags: [user, ssh]
  become: true
  become_user: "{{user.name}}"
  lineinfile:
    dest: "{{user.home}}/.ssh/known_hosts"
    line: "{{item.value}}"
    state: present
    create: true
    mode: "0600"
  with_dict: "{{hostkeys}}"
34 | ||
# Revoke host keys: every value of `hostkeys_removed` is deleted from the
# user's known_hosts. lineinfile removes only lines equal to the given value,
# so an entry stored in a different form (other host list, hashed hostname)
# is left in place.
- name: ssh | Purge invalid known_hosts keys
  tags: [user, ssh]
  become: true
  become_user: "{{user.name}}"
  lineinfile:
    dest: "{{user.home}}/.ssh/known_hosts"
    line: "{{item.value}}"
    state: absent
  with_dict: "{{hostkeys_removed}}"
44 | ||
45 | ||
# The home directory itself is the dotfiles working copy (rather than a
# separate checkout with symlinks). Bootstrapping therefore means: clone, move
# the .hg directory into ~, then check out over whatever /etc/skel put there.
# This task only records whether ~/.hg already exists, so the clone below
# runs once.
- name: Check for dotfiles checkout in homedir
  tags: [user, dotfiles]
  stat:
    path: "{{user.home}}/.hg"
  register: dotfiles
53 | ||
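# First-time bootstrap of the dotfiles working copy in the home directory.
# Steps: clone without a working copy (-U) into a scratch directory, move its
# .hg into ~, remove the now-empty scratch directory, hand .hg to the user, and
# let the user run `update -C`, which overwrites conflicting files in ~.
#
# Every templated value goes through the `quote` filter: the command line is
# handed to a shell, so a space or shell metacharacter in the repository URL,
# home path or account name would otherwise be split or interpreted.
#
# NOTE(review): no become_user is set while the command uses chown and
# `sudo -u`, so this presumably runs as root -- confirm. The repository's
# content ends up in the user's login environment, so `dotfiles_repository`
# should point at a source and transport you trust.
- name: Clone dotfiles
  when: not dotfiles.stat.exists
  shell: >
    hg clone -U {{dotfiles_repository | quote}} {{user.home | quote}}/_dotfiles_
    && mv {{user.home | quote}}/_dotfiles_/.hg {{user.home | quote}}
    && rmdir {{user.home | quote}}/_dotfiles_
    && chown -R {{user.name | quote}}:{{user.group | quote}} {{user.home | quote}}/.hg
    && sudo -u {{user.name | quote}} hg -R {{user.home | quote}} update -C
  tags: [user, dotfiles]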
63 | ||
64 | ||
# bin/homedir-setup is an existing script that clones or updates zgen, rbenv
# and plenv; the dotfiles pick each one up when its directory exists. It is run
# from the home directory as the target user, not as root.
# NOTE(review): the script path is relative to ~, so it presumably comes from
# the dotfiles checkout -- it runs whatever that repository ships.
- name: Run homedir-setup
  tags: [user, install]
  become: true
  become_user: "{{user.name}}"
  shell: bin/homedir-setup
  args:
    chdir: "{{user.home}}"
  register: homedir_setup
  # A non-zero exit status fails the task.
  failed_when: homedir_setup.rc != 0
  # `match` is anchored at the start of the string, so this reports a change
  # only when stdout begins with "Updating" or "Cloning".
  # NOTE(review): if the script can print anything else first, `search` may be
  # what was intended -- confirm against the script's output.
  changed_when: homedir_setup.stdout | match("Updating|Cloning")
75 |