Make some tweaks, actually add our Ansible user
This commit is contained in:
parent
fe7b962ad7
commit
8f15bf4f2b
@ -1,6 +1,7 @@
|
||||
#! /bin/sh
|
||||
#! /bin/bash
|
||||
#
|
||||
# deploy.sh
|
||||
# localhost-deploy.sh
|
||||
# Deploys configs for local machine and only local machine
|
||||
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
|
||||
#
|
||||
# Distributed under terms of the MIT license.
|
||||
@ -11,5 +12,5 @@ if ! command -v ansible > /dev/null 2>&1; then
|
||||
sudo apt-get install python3-pip python3-setuptools -y
|
||||
sudo pip3 install ansible
|
||||
fi
|
||||
ansible-playbook home.yml --ask-vault-pass --ask-become-pass "$@"
|
||||
ansible-playbook site.yml -l "$HOSTNAME" -e "ansible_user=$USER" --ask-become-pass --ask-vault-pass "$@"
|
||||
|
||||
|
@ -8,8 +8,15 @@
|
||||
groups: sudo
|
||||
password_lock: yes
|
||||
system: yes
|
||||
become: yes
|
||||
- name: Add Ansible key to user
|
||||
authorized_key:
|
||||
user: ansible
|
||||
manage_dir: yes
|
||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= ansible"
|
||||
- name: Add Ansible user sudoers rule
|
||||
template:
|
||||
src: 90-ansible.cfg
|
||||
dest: "/etc/sudoers.d/90-ansible.cfg
|
||||
mode: "0440"
|
||||
become: yes
|
||||
|
3
roles/common/templates/90-ansible.cfg
Normal file
3
roles/common/templates/90-ansible.cfg
Normal file
@ -0,0 +1,3 @@
|
||||
# Managed by Ansible
|
||||
|
||||
ansible ALL=(ALL) NOPASSWD:ALL
|
Loading…
Reference in New Issue
Block a user