# HG changeset patch
# User Meredith Howard
# Date 1432972861 14400
# Node ID f834f140ebadf1c90dea917d01fb277fdec65456
Initial commit of devbox-ansible
diff --git a/group_vars/all.yml b/group_vars/all.yml
new file mode 100644
--- /dev/null
+++ b/group_vars/all.yml
@@ -0,0 +1,13 @@
+---
+
+user:
+ name: mhoward
+ comment: Meredith Howard
+
+with_gui: true
+
+dotfiles_repository: ssh://mhoward@roomag.org/proj/dotfiles
+
+hostkeys:
+ roomag.org: "|1|9luVS5b1COPzsVIoHy3SZyFO7+w=|ofEQRdPBaHKq635vwgADi4+o8cM= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIlCnrGFQ7LiR4HPUv11Qp9d4vhctwqihA4+TBnYORm088OZMyC9WcqcsD5uOKrLSjireBmxEDMat0W7rKgJnpo="
+
diff --git a/inventory b/inventory
new file mode 100644
--- /dev/null
+++ b/inventory
@@ -0,0 +1,3 @@
+[localhost]
+localhost ansible_connection=local
+
diff --git a/playbook.yml b/playbook.yml
new file mode 100644
--- /dev/null
+++ b/playbook.yml
@@ -0,0 +1,5 @@
+---
+- hosts: all
+ roles:
+ - devbox
+
diff --git a/public_keys/mhoward b/public_keys/mhoward
new file mode 100644
--- /dev/null
+++ b/public_keys/mhoward
@@ -0,0 +1,1 @@
+ssh-rsa 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 mhoward@roomag.org-20150307
diff --git a/roles/devbox/defaults/main.yml b/roles/devbox/defaults/main.yml
new file mode 100644
--- /dev/null
+++ b/roles/devbox/defaults/main.yml
@@ -0,0 +1,12 @@
+---
+
+with_gui: false
+
+extra_packages: []
+
+#dotfiles_repository
+dotfiles_checkout: default
+
+hostkeys: {}
+hostkeys_removed: {}
+
diff --git a/roles/devbox/handlers/main.yml b/roles/devbox/handlers/main.yml
new file mode 100644
--- /dev/null
+++ b/roles/devbox/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: restart lightdm
+ service: name=lightdm state=restarted
+
diff --git a/roles/devbox/tasks/debian.yml b/roles/devbox/tasks/debian.yml
new file mode 100644
--- /dev/null
+++ b/roles/devbox/tasks/debian.yml
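Review bot: In `group_vars/all.yml`, the pinned `hostkeys` entry for `roomag.org` carries no record of how the key was verified, and the salted-hash form (`|1|…`) cannot be read back to a hostname by a reviewer. A comment above it such as `# roomag.org ECDSA host key, verified out-of-band on <date>` would give the next person something to check a key rotation against. The value is only as trustworthy as the repository it is committed to, which is worth stating in the same comment.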
@@ -0,0 +1,59 @@
+---
+
+- name: add backports
+ apt_repository:
+ repo: "deb http://http.debian.net/debian {{ansible_distribution_release}}-backports main"
+
+- name: apt upgrade
+ apt: upgrade=yes update_cache=yes cache_valid_time=3600
+ tags: packages, upgrade
+
+- name: Install base packages
+ apt: name={{item}} state=installed
+ with_items:
+ - sudo
+ - build-essential
+ - git
+ - mercurial
+ - vim
+ - exuberant-ctags
+ - silversearcher-ag
+ - zsh
+ - tmux
+ - ruby
+ tags: packages, install
+
+- name: Install GUI packages
+ when: with_gui
+ apt: name={{item}} state=installed
+ with_items:
+ - i3
+ - vim-gtk
+ - iceweasel
+ - fonts-dejavu-extra
+ - fonts-opensymbol
+ tags: packages, install
+
+- name: Install Extra packages
+ apt: name={{item}} state=installed
+ with_items: extra_packages
+ tags: packages, install
+
+
+- name: Check for lightdm.conf
+ when: with_gui
+ stat:
+ path: /etc/lightdm/lightdm.conf
+ register: lightdmconf
+
+- name: Set default X session to i3
+ when: with_gui and lightdmconf.stat.exists
+ ini_file:
+ dest: /etc/lightdm/lightdm.conf
+ section: SeatDefaults
+ option: user-session
+ value: i3
+ backup: true
+ notify:
+ - restart lightdm
+
diff --git a/roles/devbox/tasks/main.yml b/roles/devbox/tasks/main.yml
new file mode 100644
--- /dev/null
+++ b/roles/devbox/tasks/main.yml
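Review bot: In `roles/devbox/tasks/debian.yml`, the `add backports` task points APT at a plain `http://` archive, so package integrity rests entirely on APT's signature check of the repository metadata and an on-path observer can still see what is fetched. If that trade-off is accepted, record it in a comment above `repo:`, e.g. `# plain HTTP: integrity relies on APT Release signatures`; otherwise move the URL to an HTTPS mirror once the HTTPS transport is available on the target. The same task also carries no `tags:` while every apt task below it does, so a run limited to `--tags packages` would skip it.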
@@ -0,0 +1,87 @@
+---
+
+# - repos ?
+# - backports
+# - pgdg
+# x update
+# x upgrade
+# x packages: build-essentials, git, hg, vim-gtk, i3, ffx, ag, ctags, zsh, tmux, ruby, fonts?
+# - vbox exts?
+# - default x session
+# - user
+# - dotfiles
+# - authorized keys?
+# - ssh ids from vault? pgp?
+# - homedir-setup
+# - sudo group
+# - plenv - rbenv build?
+
+- include: debian.yml
+ when: ansible_distribution == 'Debian'
+
+- name: Enable sudo for sudo group
+ lineinfile:
+ dest: /etc/sudoers
+ state: present
+ regexp: '^%sudo'
+ line: '%sudo ALL=(ALL:ALL) ALL'
+
+- name: User setup
+ user:
+ name: "{{user.name}}"
+ comment: "{{user.comment}}"
+ shell: /bin/zsh
+ groups: sudo
+ append: true
+ register: user
+
+- name: Pubkey for user
+ authorized_key:
+ manage_dir: true
+ user: "{{user.name}}"
+ key: "{{item}}"
+ with_file:
+ - public_keys/{{user.name}}
+
+- name: Ensure hostkeys
+ sudo: true
+ sudo_user: "{{user.name}}"
+ lineinfile:
+ dest: "{{user.home}}/.ssh/known_hosts"
+ state: present
+ line: "{{item.value}}"
+ create: true
+ mode: 0600
+ with_dict: hostkeys
+
+- name: Purge hostkeys
+ sudo: true
+ sudo_user: "{{user.name}}"
+ lineinfile:
+ dest: "{{user.home}}/.ssh/known_hosts"
+ state: absent
+ line: "{{item.value}}"
+ with_dict: hostkeys_removed
+
+- name: Check for dotfiles checkout in homedir
+ stat: path={{user.home}}/.hg
+ register: dotfiles
+
+- name: Clone dotfiles
+ when: dotfiles.stat.exists == false
+ shell: >
+ hg clone -U {{dotfiles_repository}} {{user.home}}/_dotfiles_
+ && mv {{user.home}}/_dotfiles_/.hg {{user.home}}
+ && rmdir {{user.home}}/_dotfiles_
+ && chown -R {{user.name}}:{{user.group}} {{user.home}}/.hg
+ && sudo -u {{user.name}} hg -R {{user.home}} update -C
+
+- name: Run homedir-setup
+ sudo: true
+ sudo_user: "{{user.name}}"
+ shell: ./.homedir-setup.rb -su chdir={{user.home}}
+ register: homedir_setup
+ changed_when: homedir_setup.stdout | match("Updating|Installing")
+ failed_when: homedir_setup.rc != 0
+
+
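Review bot: In `roles/devbox/tasks/main.yml`, the `Clone dotfiles` task has no `sudo_user`, so `hg clone` appears to run as the play's own account (the trailing `chown` and `sudo -u` suggest root), and ssh would then consult that account's `known_hosts` rather than the `{{user.home}}/.ssh/known_hosts` that `Ensure hostkeys` has just populated. The pinned key may therefore not be the one checked on the connection that fetches the repository, and `Run homedir-setup` then executes a script that presumably comes from that checkout. Adding `sudo: true` and `sudo_user: "{{user.name}}"` to the clone task, as the neighbouring tasks do, would make the pin apply and make the `chown` and inner `sudo -u` unnecessary. Separately, the `/etc/sudoers` edit has no `validate: 'visudo -cf %s'`, and the `{{…}}` values interpolated into both `shell:` commands are not passed through `| quote`.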