80 lines
3.4 KiB
YAML
80 lines
3.4 KiB
YAML
#!/usr/bin/ansible-playbook
|
|
# vim:ft=ansible:
|
|
---
|
|
- name: Assure user salt
|
|
vars:
|
|
salt_pass: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
37666131343936663962386535343939373161343337383436613961303637376136633736353533
|
|
3366623536646563383563373265313134663464396231370a303033353661336436386561366139
|
|
30393536393634653566646636366436656435623534626266343632313336336336346131383361
|
|
3366343932383930350a383637646261373135376138633533306530306339316235353262356135
|
|
34626466363266616265653064333365663663306330666632343864373335626265323230633331
|
|
33623431633665353964623437636231623366383733626266353162633762373035376638663936
|
|
62383065653836366431316461663862393130653761643937376565366435646665313961663534
|
|
64303363653631653433343361616635373966326433663466636164613062343561333036613937
|
|
35616666633737356331653632323639373330396433366639326466373639313630
|
|
user:
|
|
name: salt
|
|
shell: /bin/bash
|
|
password: "{{ salt_pass }}"
|
|
groups: sudo
|
|
append: yes
|
|
become: yes
|
|
- name: Bootstrap user
|
|
block:
|
|
- name: Authorize dsk-cstm-0 for user salt
|
|
authorized_key:
|
|
user: salt
|
|
state: present
|
|
manage_dir: yes
|
|
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc03Q21k7rDuIbZ91dIMOSAM7EpT75YFzOoYL6CfHLZbRDsYTVgUSHYL9lfgGiW9CYL9Gp8QT9eLzIdfgn4e8OMMuoW1jayM9nj6iY3tmWlinuzs535j04Us/aY1Gka+f0qf/vJfRAwO0VN92xmLxW4pQMD/r5DKQ3yppvohnAAPeOhoFeLbEPiBgb1ktNxtQF9GdIOdDIEE+dV0UA07dJskTdJGG9Zbff7VEcQXknhaLdclye+BHlNkRv+MvFu4jPnBNttPiM4TSBgOD88U68M6MsYBJ+2e+7cTiO2DWy9bTtAnhWHD468fdS3S9h62l2lsrGBa5dRpc8RCpPXFo/ Salt@tungsten-qemu"
|
|
- name: Authorize lap-th-e560-0 for user salt
|
|
authorized_key:
|
|
user: salt
|
|
state: present
|
|
manage_dir: yes
|
|
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDyOzdOFNONNhr++/2L3iSN04JsLwYHkapslDMEImI0x4chvdfdA9OkEOZHP5EoMUG6uWL3xZZdQ9Egp931oHDc4W5ylPQ1VtqQ2vcyffCfBTOEaUeEgw2tHBDngMqBgTajMSFvTbaC7JNSIdcGP1KTCCYZ3f8DPjVmG8FAKq1kDnCyI4sXHQswi/AbIBrOsWSW+qjrQdD/jU7T2LPQbU9FB+afinDizhGXUzkmbRkOD5z/YsyrWDfaKhGS4EwJpZbEwT7ocnCaQSa74xYLwUlBONhg3u2wq00mrh7vc2WbeGB7VoCsojPIj5r6KoCKzRBVog2HLQ4W7QqfSW/nXR21 salt@iridium"
|
|
- name: Check for dotfile initialization
|
|
stat: path=$HOME/.dotfiles
|
|
register: p
|
|
- name: Initialize dotfiles
|
|
block:
|
|
- name: Configure git SSH substitute for GitHub
|
|
git_config:
|
|
name: url."https://github.com/".insteadOf
|
|
value: "git@github.com:"
|
|
scope: global
|
|
- name: Configure git SSH substitute for GitLab
|
|
git_config:
|
|
name: url."https://gitlab.com/".insteadOf
|
|
value: "git@gitlab.com:"
|
|
scope: global
|
|
- name: Configure git SSH substitute for 9iron
|
|
git_config:
|
|
name: url."https://git.9iron.club/".insteadOf
|
|
value: "git@git.9iron.club:"
|
|
scope: global
|
|
- name: Clone bootstrap script
|
|
git:
|
|
accept_hostkey: yes
|
|
repo: git@git.9iron.club:salt/bootstrap
|
|
dest: $HOME/bootstrap
|
|
depth: 1
|
|
force: yes
|
|
- name: Execute bootstrap script
|
|
shell: cd && ~/bootstrap/build-home.sh
|
|
- name: Disable untracked files on dotfiles
|
|
git_config:
|
|
name: status.showUntrackedFiles
|
|
value: "no"
|
|
scope: local
|
|
repo: ~/.dotfiles
|
|
- name: Remove bootstrap script directory
|
|
file:
|
|
path: ~/bootstrap
|
|
state: absent
|
|
when: not p.stat.exists
|
|
become: yes
|
|
become_user: salt
|