From f0a61e9538f5d92f8f9ad674b9b84a3c47b29453 Mon Sep 17 00:00:00 2001
From: Salt <rehashedsalt@cock.li>
Date: Tue, 16 Jun 2020 09:34:55 -0500
Subject: [PATCH] Reorganize inventory, add ansible system user Who is only
 used on my desktop hosts, obviously

---
 inventory/group_vars/{all.yml => 9iron.yml} |  0
 inventory/hosts.yml                         | 13 +++
 roles/common/tasks/ansibleuser.yml          | 15 ++++
 roles/common/tasks/main.yml                 | 92 ++++++++++-----------
 4 files changed, 74 insertions(+), 46 deletions(-)
 rename inventory/group_vars/{all.yml => 9iron.yml} (100%)
 create mode 100644 roles/common/tasks/ansibleuser.yml

diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/9iron.yml
similarity index 100%
rename from inventory/group_vars/all.yml
rename to inventory/group_vars/9iron.yml
diff --git a/inventory/hosts.yml b/inventory/hosts.yml
index d30ad43..cf948c4 100644
--- a/inventory/hosts.yml
+++ b/inventory/hosts.yml
@@ -4,6 +4,19 @@ all:
   vars:
     ansible_user: ubuntu
   children:
+    home:
+      vars:
+        ansible_user: ansible
+      hosts:
+        dsk-cstm-0:
+          ansible_host: 172.23.100.1
+        lap-th-e560-0:
+          ansible_host: 172.23.100.2
+    9iron:
+      children:
+        ansiblehosts:
+        webservers:
+        gameservers:
     ansiblehosts:
       hosts:
         9iron.club:
diff --git a/roles/common/tasks/ansibleuser.yml b/roles/common/tasks/ansibleuser.yml
new file mode 100644
index 0000000..abf52ab
--- /dev/null
+++ b/roles/common/tasks/ansibleuser.yml
@@ -0,0 +1,15 @@
+#!/usr/bin/ansible-playbook
+# vim:ft=ansible:
+- name: Configure Ansible system user
+  block:
+    - name: Create Ansible system user
+      user:
+        name: ansible
+        groups: sudo
+        password_lock: yes
+        system: yes
+    - name: Add Ansible key to user
+      authorized_key:
+        user: ansible
+        manage_dir: yes
+        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= ansible"
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 3788aae..92bdef9 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -1,50 +1,50 @@
 #!/usr/bin/ansible-playbook
 # vim:ft=ansible:
 ---
-- name: Update and upgrade apt packages
-  apt:
-    upgrade: "yes"
-    update_cache: yes
-    # One day
-    cache_valid_time: 86400
-  become: yes
-- name: Install basic packages
-  apt:
-    name: "{{ packages }}"
-  vars:
-    packages:
-      - acl
-      - aptitude
-      - net-tools
-      - python3-apt
-      - vim
-      - awscli
-  become: yes
-- name: Set timezone
-  timezone:
-    name: "America/Chicago"
-  become: yes
-  notify: restart cron
-- name: Configure MOTD
+- name: Configure basic system settings
   block:
-  - name: Disable MOTD news
-    copy:
-      src: "motd-news"
-      dest: "/etc/default/motd-news"
-  - name: Disable default update-motd tasks
-    file:
-      path: "/etc/update-motd.d/{{ item }}"
-      state: absent
-    loop:
-      - "00-header"
-      - "10-help-text"
-      - "50-landscape-sysinfo"
-      - "50-motd-news"
-      - "80-esm"
-      - "80-livepatch"
-      - "90-updates-available"
-      - "91-release-upgrade"
-      - "92-unattended-upgrades"
-      - "95-hwe-eol"
-      - "97-overlayroot"
-  become: yes
+    - name: Update and upgrade apt packages
+      apt:
+        upgrade: "yes"
+        update_cache: yes
+        # One day
+        cache_valid_time: 86400
+    - name: Install basic packages
+      apt:
+        name: "{{ packages }}"
+      vars:
+        packages:
+          - acl
+          - aptitude
+          - net-tools
+          - python3-apt
+          - vim
+          - awscli
+    - name: Set timezone
+      timezone:
+        name: "America/Chicago"
+      notify: restart cron
+    - name: Configure MOTD
+      block:
+      - name: Disable MOTD news
+        copy:
+          src: "motd-news"
+          dest: "/etc/default/motd-news"
+      - name: Disable default update-motd tasks
+        file:
+          path: "/etc/update-motd.d/{{ item }}"
+          state: absent
+        loop:
+          - "00-header"
+          - "10-help-text"
+          - "50-landscape-sysinfo"
+          - "50-motd-news"
+          - "80-esm"
+          - "80-livepatch"
+          - "90-updates-available"
+          - "91-release-upgrade"
+          - "92-unattended-upgrades"
+          - "95-hwe-eol"
+          - "97-overlayroot"
+    - name: Configure Ansible user
+      include_tasks: ansibleuser.yml