Mercurial > hg > mhoward > devbox-ansible / file comparison
comparison: roles/devbox/tasks/main.yml
roles/devbox/tasks/main.yml
- changeset 1
- 18da47fe753c
- parent 0
- f834f140ebad
- child 6
- 0fe74156183f
equal
deleted
inserted
replaced
| 0:f834f140ebad | 1:18da47fe753c |
|---|---|
| 1 --- | 1 --- |
| 2 | |
| 3 # - repos ? | |
| 4 # - backports | |
| 5 # - pgdg | |
| 6 # x update | |
| 7 # x upgrade | |
| 8 # x packages: build-essentials, git, hg, vim-gtk, i3, ffx, ag, ctags, zsh, tmux, ruby, fonts? | |
| 9 # - vbox exts? | |
| 10 # - default x session | |
| 11 # - user | |
| 12 # - dotfiles | |
| 13 # - authorized keys? | |
| 14 # - ssh ids from vault? pgp? | |
| 15 # - homedir-setup | |
| 16 # - sudo group | |
| 17 # - plenv - rbenv build? | |
| 18 | 2 |
| 19 - include: debian.yml | 3 - include: debian.yml |
| 20 when: ansible_distribution == 'Debian' | 4 when: ansible_distribution == 'Debian' |
| 21 | 5 |
| 6 | |
| 7 # sudo may not be everywhere. wheel is a common alternative | |
| 22 - name: Enable sudo for sudo group | 8 - name: Enable sudo for sudo group |
| 23 lineinfile: | 9 lineinfile: |
| 24 dest: /etc/sudoers | 10 dest: /etc/sudoers |
| 25 state: present | 11 state: present |
| 26 regexp: '^%sudo' | 12 regexp: '^%sudo' |
| 27 line: '%sudo ALL=(ALL:ALL) ALL' | 13 line: '%sudo ALL=(ALL:ALL) ALL' |
| 28 | 14 |
| 15 | |
| 16 # Create/update my user, don't clobber my extra groups. | |
| 29 - name: User setup | 17 - name: User setup |
| 30 user: | 18 user: |
| 31 name: "{{user.name}}" | 19 name: "{{user.name}}" |
| 32 comment: "{{user.comment}}" | 20 comment: "{{user.comment}}" |
| 33 shell: /bin/zsh | 21 shell: /bin/zsh |
| 34 groups: sudo | 22 groups: sudo |
| 35 append: true | 23 append: true |
| 36 register: user | 24 register: user |
| 37 | 25 |
| 38 - name: Pubkey for user | 26 |
| 27 - name: ssh | Pubkey for user | |
| 39 authorized_key: | 28 authorized_key: |
| 40 manage_dir: true | 29 manage_dir: true |
| 41 user: "{{user.name}}" | 30 user: "{{user.name}}" |
| 42 key: "{{item}}" | 31 key: "{{item}}" |
| 43 with_file: | 32 with_file: |
| 44 - public_keys/{{user.name}} | 33 - public_keys/{{user.name}} |
| 45 | 34 |
| 46 - name: Ensure hostkeys | 35 - name: ssh | Ensure known_hosts keys |
| 47 sudo: true | 36 sudo: true |
| 48 sudo_user: "{{user.name}}" | 37 sudo_user: "{{user.name}}" |
| 49 lineinfile: | 38 lineinfile: |
| 50 dest: "{{user.home}}/.ssh/known_hosts" | 39 dest: "{{user.home}}/.ssh/known_hosts" |
| 51 state: present | 40 state: present |
| 52 line: "{{item.value}}" | 41 line: "{{item.value}}" |
| 53 create: true | 42 create: true |
| 54 mode: 0600 | 43 mode: 0600 |
| 55 with_dict: hostkeys | 44 with_dict: hostkeys |
| 56 | 45 |
| 57 - name: Purge hostkeys | 46 - name: ssh | Purge invalid known_hosts keys |
| 58 sudo: true | 47 sudo: true |
| 59 sudo_user: "{{user.name}}" | 48 sudo_user: "{{user.name}}" |
| 60 lineinfile: | 49 lineinfile: |
| 61 dest: "{{user.home}}/.ssh/known_hosts" | 50 dest: "{{user.home}}/.ssh/known_hosts" |
| 62 state: absent | 51 state: absent |
| 63 line: "{{item.value}}" | 52 line: "{{item.value}}" |
| 64 with_dict: hostkeys_removed | 53 with_dict: hostkeys_removed |
| 65 | 54 |
| 55 | |
| 56 # I like to make my ~ my dotfiles working directory (some folks symlink | |
| 57 # everything) Here that means I clone, move hg, then checkout, clobbering any | |
| 58 # conflicts with /etc/skel stuff. | |
| 66 - name: Check for dotfiles checkout in homedir | 59 - name: Check for dotfiles checkout in homedir |
| 67 stat: path={{user.home}}/.hg | 60 stat: path={{user.home}}/.hg |
| 68 register: dotfiles | 61 register: dotfiles |
| 69 | 62 |
| 70 - name: Clone dotfiles | 63 - name: Clone dotfiles |
| 74 && mv {{user.home}}/_dotfiles_/.hg {{user.home}} | 67 && mv {{user.home}}/_dotfiles_/.hg {{user.home}} |
| 75 && rmdir {{user.home}}/_dotfiles_ | 68 && rmdir {{user.home}}/_dotfiles_ |
| 76 && chown -R {{user.name}}:{{user.group}} {{user.home}}/.hg | 69 && chown -R {{user.name}}:{{user.group}} {{user.home}}/.hg |
| 77 && sudo -u {{user.name}} hg -R {{user.home}} update -C | 70 && sudo -u {{user.name}} hg -R {{user.home}} update -C |
| 78 | 71 |
| 72 | |
| 73 # This is an existing script that clones/updates oh-my-zsh, rbenv, and plenv. | |
| 74 # My dotfiles use each if the right directory exists. | |
| 79 - name: Run homedir-setup | 75 - name: Run homedir-setup |
| 80 sudo: true | 76 sudo: true |
| 81 sudo_user: "{{user.name}}" | 77 sudo_user: "{{user.name}}" |
| 82 shell: ./.homedir-setup.rb -su chdir={{user.home}} | 78 shell: ./.homedir-setup.rb -su chdir={{user.home}} |
| 83 register: homedir_setup | 79 register: homedir_setup |
