#!/usr/bin/ansible-playbook # vim:ft=ansible: --- - name: Assure user user: name: "{{ user_username }}" shell: "{{ user_shell }}" password: "{{ user_password }}" groups: sudo append: yes become: yes - name: Bootstrap user block: - name: Generate keypair openssh_keypair: comment: "{{ user_username }}@{{ inventory_hostname }}" path: $HOME/.ssh/id_rsa mode: "0600" register: keypair - name: Register keypair with Gitea uri: url: "https://git.9iron.club/api/v1/user/keys" method: POST headers: accept: "application/json" Authorization: "token {{ gitea_api_token }}" body_format: json body: key: "{{ keypair.public_key }}" read_only: yes title: "{{ inventory_hostname }}" status_code: 201 when: keypair is changed - name: Configure authorized hosts authorized_key: user: "{{ user_username }}" manage_dir: yes key: "{{ item.key }}" state: "{{ item.state }}" loop: - { key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc03Q21k7rDuIbZ91dIMOSAM7EpT75YFzOoYL6CfHLZbRDsYTVgUSHYL9lfgGiW9CYL9Gp8QT9eLzIdfgn4e8OMMuoW1jayM9nj6iY3tmWlinuzs535j04Us/aY1Gka+f0qf/vJfRAwO0VN92xmLxW4pQMD/r5DKQ3yppvohnAAPeOhoFeLbEPiBgb1ktNxtQF9GdIOdDIEE+dV0UA07dJskTdJGG9Zbff7VEcQXknhaLdclye+BHlNkRv+MvFu4jPnBNttPiM4TSBgOD88U68M6MsYBJ+2e+7cTiO2DWy9bTtAnhWHD468fdS3S9h62l2lsrGBa5dRpc8RCpPXFo/ salt@dsk-cstm-0", state: present } - { key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDyOzdOFNONNhr++/2L3iSN04JsLwYHkapslDMEImI0x4chvdfdA9OkEOZHP5EoMUG6uWL3xZZdQ9Egp931oHDc4W5ylPQ1VtqQ2vcyffCfBTOEaUeEgw2tHBDngMqBgTajMSFvTbaC7JNSIdcGP1KTCCYZ3f8DPjVmG8FAKq1kDnCyI4sXHQswi/AbIBrOsWSW+qjrQdD/jU7T2LPQbU9FB+afinDizhGXUzkmbRkOD5z/YsyrWDfaKhGS4EwJpZbEwT7ocnCaQSa74xYLwUlBONhg3u2wq00mrh7vc2WbeGB7VoCsojPIj5r6KoCKzRBVog2HLQ4W7QqfSW/nXR21 salt@lap-th-e560-0", state: present } - name: Check for dotfile initialization stat: path=$HOME/.dotfiles register: p - name: Initialize dotfiles block: - name: Configure git SSH substitute for GitHub git_config: name: url."https://github.com/".insteadOf value: "git@github.com:" scope: global state: absent - name: Configure git SSH substitute for GitLab git_config: name: url."https://gitlab.com/".insteadOf value: "git@gitlab.com:" scope: global state: absent - name: Configure git SSH substitute for 9iron git_config: name: url."https://git.9iron.club/".insteadOf value: "git@git.9iron.club:" scope: global state: absent - name: Clone bootstrap script git: accept_hostkey: yes repo: git@git.9iron.club:salt/bootstrap dest: $HOME/bootstrap depth: 1 force: yes - name: Execute bootstrap script shell: cd && ~/bootstrap/build-home.sh - name: Disable untracked files on dotfiles git_config: name: status.showUntrackedFiles value: "no" scope: local repo: ~/.dotfiles - name: Remove bootstrap script directory file: path: ~/bootstrap state: absent when: not p.stat.exists become: yes become_user: "{{ user_username }}"