Reorganize inventory, add ansible system user

Who is only used on my desktop hosts, obviously

inventory/hosts.yml

@@ -4,6 +4,19 @@ all:
   vars:
     ansible_user: ubuntu
   children:
+    home:
+      vars:
+        ansible_user: ansible
+      hosts:
+        dsk-cstm-0:
+          ansible_host: 172.23.100.1
+        lap-th-e560-0:
+          ansible_host: 172.23.100.2
+    9iron:
+      children:
+        ansiblehosts:
+        webservers:
+        gameservers:
     ansiblehosts:
       hosts:
         9iron.club:

roles/common/tasks/ansibleuser.yml

@@ -0,0 +1,15 @@
+#!/usr/bin/ansible-playbook
+# vim:ft=ansible:
+- name: Configure Ansible system user
+  block:
+    - name: Create Ansible system user
+      user:
+        name: ansible
+        groups: sudo
+        password_lock: yes
+        system: yes
+    - name: Add Ansible key to user
+      authorized_key:
+        user: ansible
+        manage_dir: yes
+        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8pjK7Z6V9IjxRtLB9Xwt5Rujj0iMQqOVExRkmkIzjEcblV/cqtwx4fOijoN9eQlmrjQg05rBWoHJoUiLH5LimU2HPQt9vSDSt/tTXNafhvi3St3nz+GA9yCwAkJfvz2QL/vnU7sfveYC2xmWZC0xjcG4bl8pL2GJgfyh4OnfS9vNRTpn1kAJ/Fl4vRLtRaFx1WzF3/RJUOkesYLegawSRJsaIamJFI5YxHe5VeTnFefVtssgbGrOj19uRDIZkBW/5uWsnNPVwbGUT089qioS11QFJaVOQCgU/E+4lxCHlRfLQ+gnXvaQV3j0JFk/I1bZNlCcNLHc0ZasXIqV+BUaR4au35QkDBjh38DCxesZ775tudXUp7KP6OHCC9i9ncIkum3mE+4K+0KAlS0oevUQdfguXkRQ6q3vydxEgWbBOx3jHi7i5AwvOnJqZRmUnfFp0qfhGfcS2pLEZhUcd0bOM6qAyK1XD5XRzXoVLS9bdHNUwCaIWie0tOYMLLmNooTU= ansible"

roles/common/tasks/main.yml

@@ -1,50 +1,50 @@
 #!/usr/bin/ansible-playbook
 # vim:ft=ansible:
 ---
-- name: Update and upgrade apt packages
+- name: Configure basic system settings
-  apt:
-    upgrade: "yes"
-    update_cache: yes
-    # One day
-    cache_valid_time: 86400
-  become: yes
-- name: Install basic packages
-  apt:
-    name: "{{ packages }}"
-  vars:
-    packages:
-      - acl
-      - aptitude
-      - net-tools
-      - python3-apt
-      - vim
-      - awscli
-  become: yes
-- name: Set timezone
-  timezone:
-    name: "America/Chicago"
-  become: yes
-  notify: restart cron
-- name: Configure MOTD
   block:
-  - name: Disable MOTD news
+    - name: Update and upgrade apt packages
-    copy:
+      apt:
-      src: "motd-news"
+        upgrade: "yes"
-      dest: "/etc/default/motd-news"
+        update_cache: yes
-  - name: Disable default update-motd tasks
+        # One day
-    file:
+        cache_valid_time: 86400
-      path: "/etc/update-motd.d/{{ item }}"
+    - name: Install basic packages
-      state: absent
+      apt:
-    loop:
+        name: "{{ packages }}"
-      - "00-header"
+      vars:
-      - "10-help-text"
+        packages:
-      - "50-landscape-sysinfo"
+          - acl
-      - "50-motd-news"
+          - aptitude
-      - "80-esm"
+          - net-tools
-      - "80-livepatch"
+          - python3-apt
-      - "90-updates-available"
+          - vim
-      - "91-release-upgrade"
+          - awscli
-      - "92-unattended-upgrades"
+    - name: Set timezone
-      - "95-hwe-eol"
+      timezone:
-      - "97-overlayroot"
+        name: "America/Chicago"
-  become: yes
+      notify: restart cron
+    - name: Configure MOTD
+      block:
+      - name: Disable MOTD news
+        copy:
+          src: "motd-news"
+          dest: "/etc/default/motd-news"
+      - name: Disable default update-motd tasks
+        file:
+          path: "/etc/update-motd.d/{{ item }}"
+          state: absent
+        loop:
+          - "00-header"
+          - "10-help-text"
+          - "50-landscape-sysinfo"
+          - "50-motd-news"
+          - "80-esm"
+          - "80-livepatch"
+          - "90-updates-available"
+          - "91-release-upgrade"
+          - "92-unattended-upgrades"
+          - "95-hwe-eol"
+          - "97-overlayroot"
+    - name: Configure Ansible user
+      include_tasks: ansibleuser.yml