Make some tweaks, actually add our Ansible user

This commit is contained in:
Salt 2020-06-16 10:04:54 -05:00
parent fe7b962ad7
commit 8f15bf4f2b
3 changed files with 14 additions and 3 deletions

View File

@ -1,6 +1,7 @@
#! /bin/sh
#! /bin/bash
#
# deploy.sh
# localhost-deploy.sh
# Deploys configs for local machine and only local machine
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
#
# Distributed under terms of the MIT license.
@ -11,5 +12,5 @@ if ! command -v ansible > /dev/null 2>&1; then
sudo apt-get install python3-pip python3-setuptools -y
sudo pip3 install ansible
fi
ansible-playbook home.yml --ask-vault-pass --ask-become-pass "$@"
ansible-playbook site.yml -l "$HOSTNAME" -e "ansible_user=$USER" --ask-become-pass --ask-vault-pass "$@"

View File

@ -8,8 +8,15 @@
groups: sudo
password_lock: yes
system: yes
become: yes
- name: Add Ansible key to user
authorized_key:
user: ansible
manage_dir: yes
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= ansible"
- name: Add Ansible user sudoers rule
template:
src: 90-ansible.cfg
dest: "/etc/sudoers.d/90-ansible.cfg
mode: "0440"
become: yes

View File

@ -0,0 +1,3 @@
# Managed by Ansible
ansible ALL=(ALL) NOPASSWD:ALL