Unify some homebrew roles' become methods

This commit is contained in:
Salt 2020-11-08 00:05:48 -06:00
parent f893458e51
commit ddc5c881de
5 changed files with 29 additions and 37 deletions

View File

@ -1,20 +1,17 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
- name: configure ansible-pull
block:
- name: assure vault password file
copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
become: yes
become_user: ansible
- name: install ansible
pip: name=ansible,ansible-base,ansible-lint state=latest
- name: configure systemd service
template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service
notify: restart ansiblepull timer
- name: configure systemd timer
template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer
notify: restart ansiblepull timer
- name: enable timer
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
notify: restart ansiblepull timer
- name: assure vault password file
copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
become: yes
become_user: ansible
- name: install ansible
pip: name=ansible,ansible-base,ansible-lint state=latest
- name: configure systemd service
template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service
notify: restart ansiblepull timer
- name: configure systemd timer
template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer
notify: restart ansiblepull timer
- name: enable timer
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
notify: restart ansiblepull timer

View File

@ -1,13 +1,10 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
- name: configure ansible user
block:
- name: create ansible user
user: name=ansible password_lock=yes
- name: configure ansible user home directory
file: path=/home/ansible owner=ansible group=ansible
- name: configure ansible user keys
authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
- name: configure ansible user sudo
lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"
become: yes
- name: create ansible user
user: name=ansible password_lock=yes
- name: configure ansible user home directory
file: path=/home/ansible owner=ansible group=ansible
- name: configure ansible user keys
authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
- name: configure ansible user sudo
lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"

View File

@ -28,5 +28,4 @@
- whois
- name: remove basic packages
apt: state=absent name=unattended-upgrades
become: yes
when: ansible_os_family == "Debian"

View File

@ -1,10 +1,7 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
- name: configure system
block:
- name: configure hostname
hostname: name={{ inventory_hostname }}
- name: configure timezone
timezone: name=America/Chicago
notify: restart cron
become: yes
- name: configure hostname
hostname: name={{ inventory_hostname }}
- name: configure timezone
timezone: name=America/Chicago
notify: restart cron

View File

@ -5,8 +5,10 @@
- hosts: all
roles:
- role: common
become: yes
tags: [ common ]
- role: ansible-pull
become: yes
tags: [ ansible, common ]
# Home desktops
- hosts: desktop