add bootstrap role

Fri, 23 Jun 2017 20:04:51 -0400

author
Meredith Howard <mhoward@roomag.org>
date
Fri, 23 Jun 2017 20:04:51 -0400
changeset 73
8b0c09efbb5b
parent 72
33181d87b149
child 74
87a637974823

add bootstrap role

public_keys/ansible file | annotate | diff | comparison | revisions
roles/bootstrap/defaults/main.yml file | annotate | diff | comparison | revisions
roles/bootstrap/tasks/disable-stock.yml file | annotate | diff | comparison | revisions
roles/bootstrap/tasks/main.yml file | annotate | diff | comparison | revisions
roles/devbox/meta/main.yml file | annotate | diff | comparison | revisions
roles/user/defaults/main.yml file | annotate | diff | comparison | revisions
roles/user/tasks/disable-stock.yml file | annotate | diff | comparison | revisions
roles/user/tasks/main.yml file | annotate | diff | comparison | revisions
new file mode 100644
--- /dev/null
+++ b/public_keys/ansible
@@ -0,0 +1,1 @@
+ssh-rsa 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 control_id@20170623
rename from roles/user/defaults/main.yml
rename to roles/bootstrap/defaults/main.yml
rename from roles/user/tasks/disable-stock.yml
rename to roles/bootstrap/tasks/disable-stock.yml
--- a/roles/user/tasks/disable-stock.yml
+++ b/roles/bootstrap/tasks/disable-stock.yml
@@ -1,6 +1,5 @@
 ---
-
-- name: Disable stock users
+- name: "Bootstrap: Disable stock users"
   shell: usermod -e 1 {{item}}
   ignore_errors: true
   with_items:
new file mode 100644
--- /dev/null
+++ b/roles/bootstrap/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+- name: "Bootstrap: Ansible control user"
+  user:
+    name: ansible
+    comment: "Ansible Controller"
+    home: /var/lib/ansible
+    createhome: true
+    append: true
+    system: true
+    state: present
+
+- name: "Bootstrap : ansible pubkeys"
+  authorized_key:
+    manage_dir: true
+    user: ansible
+    key: "{{item}}"
+  with_file:
+    - 'public_keys/ansible'
+
+- name: "Bootstrap : ansible sudo"
+  lineinfile:
+    dest: /etc/sudoers
+    state: present
+    regexp: '^ansible'
+    line: 'ansible ALL=(ALL) NOPASSWD: ALL'
+    validate: 'visudo -cf "%s"'
+
+- include: disable-stock.yml
+  when: disable_stock_users
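Review bot: The `Bootstrap : ansible sudo` task edits `/etc/sudoers` in place with the unanchored `regexp: '^ansible'`, so it can match and replace an entry for any other account whose name merely starts with `ansible`. Anchoring it as `regexp: '^ansible\s'` keeps the replacement scoped to this user. Writing the rule to its own drop-in file under `/etc/sudoers.d/` (mode 0440, same `visudo -cf` validation) would avoid rewriting the main file, assuming the targets' sudoers includes that directory. Because the rule is `NOPASSWD: ALL`, whoever holds the private half of `public_keys/ansible` is effectively root on every bootstrapped host. For that reason the `authorized_key` task should probably set `exclusive: true`, which removes a rotated-out key instead of leaving it authorized next to the new one; this works only while the `with_file` loop stays at a single file.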
--- a/roles/devbox/meta/main.yml
+++ b/roles/devbox/meta/main.yml
@@ -1,4 +1,5 @@
 ---
 dependencies:
+  - bootstrap
   - repositories
   - sudo
--- a/roles/user/tasks/main.yml
+++ b/roles/user/tasks/main.yml
@@ -68,6 +68,3 @@
   changed_when: homedir_setup.stdout | match("Updating|Cloning")
   failed_when: homedir_setup.rc != 0
   tags: user, dotfiles
-
-- include: disable-stock.yml
-  when: disable_stock_users
