Make some tweaks, actually add our Ansible user
This commit is contained in:
parent
fe7b962ad7
commit
8f15bf4f2b
@ -1,6 +1,7 @@
|
|||||||
#! /bin/sh
|
#! /bin/bash
|
||||||
#
|
#
|
||||||
# deploy.sh
|
# localhost-deploy.sh
|
||||||
|
# Deploys configs for local machine and only local machine
|
||||||
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
|
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
|
||||||
#
|
#
|
||||||
# Distributed under terms of the MIT license.
|
# Distributed under terms of the MIT license.
|
||||||
@ -11,5 +12,5 @@ if ! command -v ansible > /dev/null 2>&1; then
|
|||||||
sudo apt-get install python3-pip python3-setuptools -y
|
sudo apt-get install python3-pip python3-setuptools -y
|
||||||
sudo pip3 install ansible
|
sudo pip3 install ansible
|
||||||
fi
|
fi
|
||||||
ansible-playbook home.yml --ask-vault-pass --ask-become-pass "$@"
|
ansible-playbook site.yml -l "$HOSTNAME" -e "ansible_user=$USER" --ask-become-pass --ask-vault-pass "$@"
|
||||||
|
|
||||||
|
@ -8,8 +8,15 @@
|
|||||||
groups: sudo
|
groups: sudo
|
||||||
password_lock: yes
|
password_lock: yes
|
||||||
system: yes
|
system: yes
|
||||||
|
become: yes
|
||||||
- name: Add Ansible key to user
|
- name: Add Ansible key to user
|
||||||
authorized_key:
|
authorized_key:
|
||||||
user: ansible
|
user: ansible
|
||||||
manage_dir: yes
|
manage_dir: yes
|
||||||
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= ansible"
|
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= ansible"
|
||||||
|
- name: Add Ansible user sudoers rule
|
||||||
|
template:
|
||||||
|
src: 90-ansible.cfg
|
||||||
|
dest: "/etc/sudoers.d/90-ansible.cfg
|
||||||
|
mode: "0440"
|
||||||
|
become: yes
|
||||||
|
3
roles/common/templates/90-ansible.cfg
Normal file
3
roles/common/templates/90-ansible.cfg
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# Managed by Ansible
|
||||||
|
|
||||||
|
ansible ALL=(ALL) NOPASSWD:ALL
|
Loading…
Reference in New Issue
Block a user