diff --git a/ansible.cfg b/ansible.cfg index 70e9924..c12c7bd 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,5 +1,6 @@ [defaults] inventory = hosts -remote_user = root +remote_user = ubuntu private_key_file = ~/.ssh/ansible +ssh_extra_args =-o ForwardAgent=yes -o StrictHostKeyChecking=no deprecation_warnings = false diff --git a/hosts b/hosts index 06562dd..42f729a 100644 --- a/hosts +++ b/hosts @@ -1,11 +1,8 @@ all: hosts: children: - vms: + aws: hosts: - 192.168.122.134 - workstations: - hosts: - 192.168.1.8 - 192.168.1.21 + ec2-3-15-44-30.us-east-2.compute.amazonaws.com: + ec2-18-224-139-59.us-east-2.compute.amazonaws.com: # vim:ft=ansible: diff --git a/master.yml b/provision.yml similarity index 52% rename from master.yml rename to provision.yml index ea6584b..dc181d3 100644 --- a/master.yml +++ b/provision.yml @@ -1,4 +1,7 @@ #!/usr/bin/ansible-playbook # vim:ft=ansible: --- -- import-playbook: roles/workstations.yml +- hosts: aws + roles: + - user + - common diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100644 index 0000000..8a1ab01 --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,17 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +--- +- name: Update and upgrade apt packages + apt: + upgrade: yes + update_cache: yes + # One day + cache_valid_time: 86400 + become: true +- name: Install basic packages + apt: + name: "{{ packages }}" + vars: + packages: + - vim + become: true diff --git a/roles/workstations.yml b/roles/template.yml similarity index 100% rename from roles/workstations.yml rename to roles/template.yml diff --git a/roles/user/tasks/main.yml b/roles/user/tasks/main.yml new file mode 100644 index 0000000..d7421fd --- /dev/null +++ b/roles/user/tasks/main.yml @@ -0,0 +1,56 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +--- +- name: Initialize user salt + user: + name: salt + shell: /bin/bash + password: "***REMOVED***" + groups: sudo + append: yes + become: yes +- name: Authorize dsk-cstm-0 for user salt + authorized_key: + user: salt + state: present + manage_dir: yes + key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc03Q21k7rDuIbZ91dIMOSAM7EpT75YFzOoYL6CfHLZbRDsYTVgUSHYL9lfgGiW9CYL9Gp8QT9eLzIdfgn4e8OMMuoW1jayM9nj6iY3tmWlinuzs535j04Us/aY1Gka+f0qf/vJfRAwO0VN92xmLxW4pQMD/r5DKQ3yppvohnAAPeOhoFeLbEPiBgb1ktNxtQF9GdIOdDIEE+dV0UA07dJskTdJGG9Zbff7VEcQXknhaLdclye+BHlNkRv+MvFu4jPnBNttPiM4TSBgOD88U68M6MsYBJ+2e+7cTiO2DWy9bTtAnhWHD468fdS3S9h62l2lsrGBa5dRpc8RCpPXFo/ Salt@tungsten-qemu" + become: yes + become_user: salt +- name: Authorize lap-th-e560-0 for user salt + authorized_key: + user: salt + state: present + manage_dir: yes + key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDyOzdOFNONNhr++/2L3iSN04JsLwYHkapslDMEImI0x4chvdfdA9OkEOZHP5EoMUG6uWL3xZZdQ9Egp931oHDc4W5ylPQ1VtqQ2vcyffCfBTOEaUeEgw2tHBDngMqBgTajMSFvTbaC7JNSIdcGP1KTCCYZ3f8DPjVmG8FAKq1kDnCyI4sXHQswi/AbIBrOsWSW+qjrQdD/jU7T2LPQbU9FB+afinDizhGXUzkmbRkOD5z/YsyrWDfaKhGS4EwJpZbEwT7ocnCaQSa74xYLwUlBONhg3u2wq00mrh7vc2WbeGB7VoCsojPIj5r6KoCKzRBVog2HLQ4W7QqfSW/nXR21 salt@iridium" + become: yes + become_user: salt +- name: Configure git SSH substitute for GitHub + git_config: + name: url."https://github.com/".insteadOf + value: "git@github.com:" + scope: global + become: yes + become_user: salt +- name: Configure git SSH substitute for GitLab + git_config: + name: url."https://gitlab.com/".insteadOf + value: "git@gitlab.com:" + scope: global + become: yes + become_user: salt +- name: Check for dotfile initialization + stat: path=$HOME/.dotfiles + register: p + become: yes + become_user: salt +- name: Clone bootstrap script + git: + accept_hostkey: yes + repo: git@gitlab.com:rehashedsalt/bootstrap + dest: $HOME/bootstrap + depth: 1 + force: yes + when: not p.stat.exists + become: yes + become_user: salt