roles/user/tasks/main.yml

Sun, 20 Mar 2016 11:07:35 -0400

author
Meredith Howard <mhoward@roomag.org>
date
Sun, 20 Mar 2016 11:07:35 -0400
changeset 22
154779435639
parent 17
d0d9fdf1f9d3
child 28
6f7483dfe742
permissions
-rw-r--r--

don't use 'all' hostgroup

---

# Create or update the account. `append: true` adds `sudo` to the groups the
# account already has instead of replacing them.
- name: User setup
  user:
    name: "{{user.name}}"
    comment: "{{user.comment}}"
    groups: sudo
    append: true
    shell: /bin/zsh
  # The result is registered under the same name as the input variable, so
  # `user` refers to this result afterwards; later tasks read user.home and
  # user.group, presumably from it - confirm.
  register: user
  tags:
    - user

# Install the public key kept in public_keys/<name> into the account's
# authorized_keys. `exclusive` is not set, so keys already present on the host
# are left in place.
- name: ssh | Pubkey for user
  authorized_key:
    user: "{{user.name}}"
    key: "{{item}}"
    manage_dir: true
  with_file:
    - public_keys/{{user.name}}
  tags:
    - user
    - ssh

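# Pin the expected SSH host keys: every value in `hostkeys` becomes one line of
# the account's known_hosts, which is created if it does not exist.
- name: ssh | Ensure known_hosts keys
  become: true
  become_user: "{{user.name}}"
  lineinfile:
    dest: "{{user.home}}/.ssh/known_hosts"
    state: present
    line: "{{item.value}}"
    create: true
    # Quoted so the mode reaches the module as the octal string 0600 and does
    # not depend on how the YAML loader types a bare leading-zero integer.
    mode: "0600"
  with_dict: "{{hostkeys}}"
  tags: user, ssh
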
# Drop retired host keys: any known_hosts line equal to a value in
# `hostkeys_removed` is deleted.
- name: ssh | Purge invalid known_hosts keys
  lineinfile:
    dest: "{{user.home}}/.ssh/known_hosts"
    line: "{{item.value}}"
    state: absent
  with_dict: "{{hostkeys_removed}}"
  become: true
  become_user: "{{user.name}}"
  tags:
    - user
    - ssh


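# I like to make my ~ my dotfiles working directory (some folks symlink
# everything). Here that means I clone, move hg, then checkout, clobbering any
# conflicts with /etc/skel stuff.
- name: Check for dotfiles checkout in homedir
  stat:
    # Native YAML arguments, so the templated path is passed as one value
    # instead of going through key=value splitting.
    path: "{{user.home}}/.hg"
  register: dotfiles
  tags: user, dotfiles
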
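# First run only: clone without a working copy (-U), move the .hg directory
# into the home directory, hand it to the account, then check out as that
# account with `update -C`, which overwrites conflicting files.
# NOTE(review): nothing here sets become_user, so the clone, mv and chown run
# with the play's own privileges; only the final update runs as the account.
# A later task executes bin/homedir-setup from the home directory, presumably
# out of this checkout, so dotfiles_repository should be fetched over an
# authenticated transport - confirm where it is defined.
- name: Clone dotfiles
  when: not dotfiles.stat.exists
  # Every templated value goes through `quote` so a space or shell
  # metacharacter in it cannot split or extend the command line.
  shell: >
    hg clone -U {{ dotfiles_repository | quote }} {{ user.home | quote }}/_dotfiles_
    && mv {{ user.home | quote }}/_dotfiles_/.hg {{ user.home | quote }}
    && rmdir {{ user.home | quote }}/_dotfiles_
    && chown -R {{ (user.name ~ ':' ~ user.group) | quote }} {{ user.home | quote }}/.hg
    && sudo -u {{ user.name | quote }} hg -R {{ user.home | quote }} update -C
  tags: user, dotfiles

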
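# This is an existing script that clones/updates zgen, rbenv, and plenv.
# My dotfiles use each if the right directory exists.
# NOTE(review): the script is run from the account's home directory as that
# account, which the "User setup" task puts in the sudo group; it presumably
# comes from the dotfiles checkout - confirm its provenance.
- name: Run homedir-setup
  become: true
  become_user: "{{user.name}}"
  shell: bin/homedir-setup
  args:
    # chdir as a real argument rather than inline key=value text, so the
    # templated home path is passed through as one value.
    chdir: "{{user.home}}"
  register: homedir_setup
  # NOTE(review): match() anchors at the start of stdout; output that begins
  # with anything other than "Updating" or "Cloning" reports unchanged.
  changed_when: homedir_setup.stdout | match("Updating|Cloning")
  failed_when: homedir_setup.rc != 0
  tags: user, install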
