diff options
| author | bnewbold <bnewbold@robocracy.org> | 2016-03-25 11:49:45 -0700 |
|---|---|---|
| committer | bnewbold <bnewbold@robocracy.org> | 2016-03-25 11:49:45 -0700 |
| commit | be8701c13800eb84fc4afb118c16738abee55850 (patch) | |
| tree | 7060e1b8ca09c1c9fd2957ba258a9ad624035d1d /playbooks | |
| download | infra-be8701c13800eb84fc4afb118c16738abee55850.tar.gz infra-be8701c13800eb84fc4afb118c16738abee55850.zip | |
import basics from NSA's commission repo
Diffstat (limited to 'playbooks')
| -rw-r--r-- | playbooks/init_adze.yml | 46 | ||||
| l--------- | playbooks/pubkeys | 1 | ||||
| l--------- | playbooks/roles | 1 | ||||
| l--------- | playbooks/vars | 1 |
4 files changed, 49 insertions, 0 deletions
diff --git a/playbooks/init_adze.yml b/playbooks/init_adze.yml new file mode 100644 index 0000000..e2c1f79 --- /dev/null +++ b/playbooks/init_adze.yml @@ -0,0 +1,46 @@ +--- +- name: Initializing adze.robocracy.org + hosts: adze.robocracy.org + remote_user: root + gather_facts: True + vars_files: + - vars/vault.yml + - vars/default.yml + + vars: + admin_email: "root@robocracy.org" + main_user_name: bnewbold + + roles: + - debian_jessie + - common + - nullmailer + # TODO: nginx + + tasks: + - name: Create main user account + user: name={{main_user_name}} state=present groups=sudo append=yes shell=/bin/bash + - name: Give main user account sudo power + template: src=roles/common/templates/sudoers.j2 dest=/etc/sudoers.d/sudoers owner=root group=root mode=0440 validate='visudo -cf %s' + - name: Install main user authorized SSH keys + authorized_key: user="{{ main_user_name}}" key="{{ item }}" + with_file: + - pubkeys/bnewbold.pub + - name: Install root user authorized SSH keys + authorized_key: user=root key="{{ item }}" + with_file: + - pubkeys/bnewbold.pub + - name: Extra packages for this host + apt: name={{item}} state=installed + with_items: + - socat + - rsyslog + + post_tasks: + - name: Sanity check that we have IPv4 connectivity + command: /bin/ping -c 2 mit.edu + - name: Sanity check that we have IPv6 connectivity + command: /bin/ping6 -c 2 mit.edu + - name: Done + shell: echo 'Done!' + diff --git a/playbooks/pubkeys b/playbooks/pubkeys new file mode 120000 index 0000000..60652d3 --- /dev/null +++ b/playbooks/pubkeys @@ -0,0 +1 @@ +../pubkeys/
\ No newline at end of file diff --git a/playbooks/roles b/playbooks/roles new file mode 120000 index 0000000..7b9ade8 --- /dev/null +++ b/playbooks/roles @@ -0,0 +1 @@ +../roles/
\ No newline at end of file diff --git a/playbooks/vars b/playbooks/vars new file mode 120000 index 0000000..b11f011 --- /dev/null +++ b/playbooks/vars @@ -0,0 +1 @@ +../vars/
\ No newline at end of file |