roles/user/tasks/main.yml

Wed, 13 Apr 2016 12:20:22 -0400

author
Meredith Howard <mhoward@roomag.org>
date
Wed, 13 Apr 2016 12:20:22 -0400
changeset 30
f468e5f566d1
parent 29
9b3befb1c773
child 36
745c6a77bf68
permissions
-rw-r--r--

break out dotfiles playbook and enable agent forwarding

17
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
1 ---
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
2 # Create/update my user, don't clobber my extra groups.
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
3 - name: User setup
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
4 user:
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
5 name: "{{user.name}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
6 comment: "{{user.comment}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
7 shell: /bin/zsh
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
8 groups: sudo
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
9 append: true
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
10 register: user
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
11 tags: user
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
12
29
9b3befb1c773 Fix YAML
Meredith Howard <mhoward@roomag.org>
parents: 28
diff changeset
13 - name: "ssh : Pubkey for user"
17
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
14 authorized_key:
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
15 manage_dir: true
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
16 user: "{{user.name}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
17 key: "{{item}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
18 with_file:
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
19 - public_keys/{{user.name}}
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
20 tags: user, ssh
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
21
29
9b3befb1c773 Fix YAML
Meredith Howard <mhoward@roomag.org>
parents: 28
diff changeset
22 - name: "ssh : Ensure known_hosts keys"
17
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
23 become: true
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
24 become_user: "{{user.name}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
25 lineinfile:
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
26 dest: "{{user.home}}/.ssh/known_hosts"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
27 state: present
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
28 line: "{{item.value}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
29 create: true
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
30 mode: 0600
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
31 with_dict: "{{hostkeys}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
32 tags: user, ssh
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
33
29
9b3befb1c773 Fix YAML
Meredith Howard <mhoward@roomag.org>
parents: 28
diff changeset
34 - name: "ssh : Purge invalid known_hosts keys"
17
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
35 become: true
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
36 become_user: "{{user.name}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
37 lineinfile:
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
38 dest: "{{user.home}}/.ssh/known_hosts"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
39 state: absent
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
40 line: "{{item.value}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
41 with_dict: "{{hostkeys_removed}}"
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
42 tags: user, ssh
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
43
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
44
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
45 # I like to make my ~ my dotfiles working directory (some folks symlink
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
46 # everything) Here that means I clone, move hg, then checkout, clobbering any
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
47 # conflicts with /etc/skel stuff.
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
48 - name: Clone dotfiles
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
49 shell: >
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
50 hg clone -U {{dotfiles_repository}} {{user.home}}/_dotfiles_
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
51 && mv {{user.home}}/_dotfiles_/.hg {{user.home}}
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
52 && rmdir {{user.home}}/_dotfiles_
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
53 && chown -R {{user.name}}:{{user.group}} {{user.home}}/.hg
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
54 && sudo -u {{user.name}} hg -R {{user.home}} update -C
28
6f7483dfe742 Don't need separate check
Meredith Howard <mhoward@roomag.org>
parents: 17
diff changeset
55 args:
6f7483dfe742 Don't need separate check
Meredith Howard <mhoward@roomag.org>
parents: 17
diff changeset
56 create: "{{user.home}}/.hg"
17
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
57 tags: user, dotfiles
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
58
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
59
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
60 # This is an existing script that clones/updates zgen, rbenv, and plenv.
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
61 # My dotfiles use each if the right directory exists.
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
62 - name: Run homedir-setup
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
63 become: true
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
64 become_user: "{{user.name}}"
28
6f7483dfe742 Don't need separate check
Meredith Howard <mhoward@roomag.org>
parents: 17
diff changeset
65 shell: bin/homedir-setup
6f7483dfe742 Don't need separate check
Meredith Howard <mhoward@roomag.org>
parents: 17
diff changeset
66 args:
6f7483dfe742 Don't need separate check
Meredith Howard <mhoward@roomag.org>
parents: 17
diff changeset
67 chdir: "{{user.home}}"
17
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
68 register: homedir_setup
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
69 changed_when: homedir_setup.stdout | match("Updating|Cloning")
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
70 failed_when: homedir_setup.rc != 0
d0d9fdf1f9d3 start breaking roles out
Meredith Howard <mhoward@roomag.org>
parents:
diff changeset
71 tags: user, install

mercurial