Initial commit of devbox-ansible

Sat, 30 May 2015 04:01:01 -0400

author
Meredith Howard <mhoward@roomag.org>
date
Sat, 30 May 2015 04:01:01 -0400
changeset 0
f834f140ebad
child 1
18da47fe753c

Initial commit of devbox-ansible

group_vars/all.yml file | annotate | diff | comparison | revisions
inventory file | annotate | diff | comparison | revisions
playbook.yml file | annotate | diff | comparison | revisions
public_keys/mhoward file | annotate | diff | comparison | revisions
roles/devbox/defaults/main.yml file | annotate | diff | comparison | revisions
roles/devbox/handlers/main.yml file | annotate | diff | comparison | revisions
roles/devbox/tasks/debian.yml file | annotate | diff | comparison | revisions
roles/devbox/tasks/main.yml file | annotate | diff | comparison | revisions
new file mode 100644
--- /dev/null
+++ b/group_vars/all.yml
@@ -0,0 +1,13 @@
+---
+
+user:
+  name:    mhoward
+  comment: Meredith Howard
+
+with_gui: true
+
+dotfiles_repository: ssh://mhoward@roomag.org/proj/dotfiles
+
+hostkeys:
+  roomag.org: "|1|9luVS5b1COPzsVIoHy3SZyFO7+w=|ofEQRdPBaHKq635vwgADi4+o8cM= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIlCnrGFQ7LiR4HPUv11Qp9d4vhctwqihA4+TBnYORm088OZMyC9WcqcsD5uOKrLSjireBmxEDMat0W7rKgJnpo="
+
new file mode 100644
--- /dev/null
+++ b/inventory
@@ -0,0 +1,3 @@
+[localhost]
+localhost	ansible_connection=local
+
new file mode 100644
--- /dev/null
+++ b/playbook.yml
@@ -0,0 +1,5 @@
+---
+- hosts: all
+  roles:
+    - devbox
+
new file mode 100644
--- /dev/null
+++ b/public_keys/mhoward
@@ -0,0 +1,1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMMRoqySOtXfWA4rM3D+BTTwn4w4AtHNglB/5qg99L/xkyu4GGK6Jj19kdW7pwTYZ0KWBKw/p2V7xjqE9N66fB0ZlLStf9jXsEWpArD3NupbEMiXMTM0WOvYby9CWqI9UcblNoOVWiM8AsUx1oFM2cYZlOwROJAiXbXHvUBO+LBLHO9Rc1feCSZaYXIxEkeNGaN0fX7M/Ap6XoEWiWyhIDxemJydEdjfixAFK+9hpmZ7mSkODcediRYTSY8dBR0nZsfYZ9mvpbxWWvcZq/tEVzOjo9L0ZsGDk0zUNy2naxgytzcwQfHklVwVjb0MZ3hQHjPHV2MiqogrBqX3ym1BUjH3TPxktp2r2cBQCdoa6rfX+a2TVlahIqYMgMFWoDMhw0QT59rY3z7R+Z1k68vANE+H6LQ5OjjBZUfwIixxFlvsMNuRuAX904TUJ2/3Ev9E58PryBDtwJHjy+Hn30xL6S2XFe996jRZ10OyUwnxEktoN/Bc9bO7KesJJAohkNm/h5FeDn+gqGZWFrr1VSTZocBf7CKL9RBKCeD9adEmFpkrWVwiHcdcfZb4Tc+ruN18S0pbkHf/4ati/Xt78AcncoB1pIIdBZ/KCjjgpuUYDqvmL5jF3YIb0pecJMzkCSJZDUizJL8GcoAqtEPXfOqvpYunDYcm5NMd5WH7dYT5bWJw== mhoward@roomag.org-20150307
new file mode 100644
--- /dev/null
+++ b/roles/devbox/defaults/main.yml
@@ -0,0 +1,12 @@
+---
+
+with_gui: false
+
+extra_packages: []
+
+#dotfiles_repository
+dotfiles_checkout: default
+
+hostkeys: {}
+hostkeys_removed: {}
+
new file mode 100644
--- /dev/null
+++ b/roles/devbox/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: restart lightdm
+  service: name=lightdm state=restarted
+
new file mode 100644
--- /dev/null
+++ b/roles/devbox/tasks/debian.yml
@@ -0,0 +1,59 @@
+---
+
+- name: add backports
+  apt_repository:
+    repo: "deb http://http.debian.net/debian {{ansible_distribution_release}}-backports main"
+
+- name: apt upgrade
+  apt: upgrade=yes update_cache=yes cache_valid_time=3600 
+  tags: packages, upgrade
+
+- name: Install base packages
+  apt: name={{item}} state=installed
+  with_items:
+    - sudo
+    - build-essential
+    - git
+    - mercurial
+    - vim
+    - exuberant-ctags
+    - silversearcher-ag
+    - zsh
+    - tmux
+    - ruby
+  tags: packages, install
+
+- name: Install GUI packages
+  when: with_gui
+  apt: name={{item}} state=installed
+  with_items:
+    - i3
+    - vim-gtk
+    - iceweasel
+    - fonts-dejavu-extra
+    - fonts-opensymbol
+  tags: packages, install
+
+- name: Install Extra packages
+  apt: name={{item}} state=installed
+  with_items: extra_packages
+  tags: packages, install
+
+
+- name: Check for lightdm.conf
+  when: with_gui
+  stat:
+    path: /etc/lightdm/lightdm.conf
+  register: lightdmconf
+
+- name: Set default X session to i3
+  when: with_gui and lightdmconf.stat.exists
+  ini_file:
+    dest: /etc/lightdm/lightdm.conf
+    section: SeatDefaults
+    option: user-session
+    value: i3
+    backup: true
+  notify:
+  - restart lightdm
+
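Review bot: The install tasks pass `{{item}}` through the inline `key=value` form (`apt: name={{item}} state=installed`), which matters most in "Install Extra packages" because `extra_packages` is supplied by whoever consumes the role. A value containing a space or `=` is templated into the argument string before it is split, so depending on the Ansible version it may be read as extra module arguments or rejected, rather than treated as one package name. Writing the arguments as a YAML mapping keeps each item a single value: `apt:` followed by `name: "{{ item }}"` and `state: present`. The `apt upgrade` line also ends in a trailing space after `cache_valid_time=3600`.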
new file mode 100644
--- /dev/null
+++ b/roles/devbox/tasks/main.yml
@@ -0,0 +1,87 @@
+---
+
+# - repos ?
+#  - backports
+#  - pgdg
+# x update
+# x upgrade
+# x packages: build-essentials, git, hg, vim-gtk, i3, ffx, ag, ctags, zsh, tmux, ruby, fonts?
+# - vbox exts?
+# - default x session
+# - user
+#  - dotfiles
+#  - authorized keys?
+#  - ssh ids from vault? pgp?
+#  - homedir-setup
+#  - sudo group
+#  - plenv - rbenv build?
+
+- include: debian.yml
+  when: ansible_distribution == 'Debian'
+
+- name: Enable sudo for sudo group
+  lineinfile:
+    dest: /etc/sudoers
+    state: present
+    regexp: '^%sudo'
+    line: '%sudo ALL=(ALL:ALL) ALL'
+
+- name: User setup
+  user:
+    name: "{{user.name}}"
+    comment: "{{user.comment}}"
+    shell: /bin/zsh
+    groups: sudo
+    append: true
+  register: user
+
+- name: Pubkey for user
+  authorized_key:
+    manage_dir: true
+    user: "{{user.name}}"
+    key: "{{item}}"
+  with_file:
+    - public_keys/{{user.name}}
+
+- name: Ensure hostkeys
+  sudo: true
+  sudo_user: "{{user.name}}"
+  lineinfile:
+    dest: "{{user.home}}/.ssh/known_hosts"
+    state: present
+    line: "{{item.value}}"
+    create: true
+    mode: 0600
+  with_dict: hostkeys
+
+- name: Purge hostkeys
+  sudo: true
+  sudo_user: "{{user.name}}"
+  lineinfile:
+    dest: "{{user.home}}/.ssh/known_hosts"
+    state: absent
+    line: "{{item.value}}"
+  with_dict: hostkeys_removed
+
+- name: Check for dotfiles checkout in homedir
+  stat: path={{user.home}}/.hg
+  register: dotfiles
+
+- name: Clone dotfiles
+  when: dotfiles.stat.exists == false
+  shell: >
+    hg clone -U {{dotfiles_repository}} {{user.home}}/_dotfiles_
+    && mv {{user.home}}/_dotfiles_/.hg {{user.home}}
+    && rmdir {{user.home}}/_dotfiles_
+    && chown -R {{user.name}}:{{user.group}} {{user.home}}/.hg
+    && sudo -u {{user.name}} hg -R {{user.home}} update -C
+
+- name: Run homedir-setup
+  sudo: true
+  sudo_user: "{{user.name}}"
+  shell: ./.homedir-setup.rb -su chdir={{user.home}}
+  register: homedir_setup
+  changed_when: homedir_setup.stdout | match("Updating|Installing")
+  failed_when: homedir_setup.rc != 0
+
+
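Review bot: "Enable sudo for sudo group" edits `/etc/sudoers` in place with no syntax check, so a malformed result leaves sudo unusable on the box; add `validate: 'visudo -cf %s'` to that `lineinfile` task so the file is only installed if visudo accepts it. Separately, "Clone dotfiles" carries no `sudo_user`, and its trailing `chown` and `sudo -u {{user.name}}` suggest it runs as a privileged account, so the `ssh://` clone would presumably check that account's known_hosts rather than the `{{user.home}}/.ssh/known_hosts` entry that "Ensure hostkeys" pins just above. Confirm that the clone verifies the host against the pinned key, for example by running the clone step as `{{user.name}}`. The same task interpolates `{{dotfiles_repository}}` and `{{user.home}}` into the shell line unquoted; applying `| quote` to each keeps them single arguments.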
