From cb00f9f7462c5d8bce5b5071d1c26a6cc80243d8 Mon Sep 17 00:00:00 2001
From: bnewbold
Date: Sat, 5 Aug 2017 11:35:15 -0700
Subject: commit bnewbold.the-nsa.org stuff
---
playbooks/init_bnewbold_nsa.yml | 50 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
create mode 100644 playbooks/init_bnewbold_nsa.yml
(limited to 'playbooks/init_bnewbold_nsa.yml')
diff --git a/playbooks/init_bnewbold_nsa.yml b/playbooks/init_bnewbold_nsa.yml
new file mode 100644
index 0000000..be66cc1
--- /dev/null
+++ b/playbooks/init_bnewbold_nsa.yml
@@ -0,0 +1,50 @@
+---
+- name: Initializing bnewbold.the-nsa.org
+ hosts: bnewbold.the-nsa.org
+ remote_user: bnewbold
+ sudo: True
+ sudo_user: root
+ gather_facts: True
+ vars_files:
+ - vars/vault.yml
+ - vars/bnewbold_nsa.yml
+
+ vars:
+ - admin_email: "bnewbold@the-nsa.org"
+ - main_user_name: bnewbold
+ - hostname_fqdn: bnewbold.the-nsa.org
+
+ roles:
+ - debian_jessie
+ - hostname
+ - common
+ - nullmailer
+ - nginx
+
+ tasks:
+ - name: Create main user account
+ user: name={{main_user_name}} state=present groups=sudo append=yes shell=/bin/bash
+ - name: Give main user account sudo power
+ template: src=roles/common/templates/sudoers.j2 dest=/etc/sudoers.d/sudoers owner=root group=root mode=0440 validate='visudo -cf %s'
+ - name: Install main user authorized SSH keys
+ authorized_key: user="{{ main_user_name}}" key="{{ item }}"
+ with_file:
+ - pubkeys/bnewbold.pub
+ - name: Install root user authorized SSH keys
+ authorized_key: user=root key="{{ item }}"
+ with_file:
+ - pubkeys/bnewbold.pub
+ - name: Extra packages for this host
+ apt: name={{item}} state=installed
+ with_items:
+ - socat
+ - rsyslog
+
+ post_tasks:
+ - name: Sanity check that we have IPv4 connectivity
+ command: /bin/ping -c 2 mit.edu
+ - name: Sanity check that we have IPv6 connectivity
+ command: /bin/ping6 -c 2 mit.edu
+ - name: Done
+ shell: echo 'Done!'
+
--
cgit v1.2.3
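Review bot: The task "Install root user authorized SSH keys" adds `pubkeys/bnewbold.pub` to root's authorized_keys, so the same key that already reaches the `bnewbold` account (placed in the `sudo` group by the first task) also authorizes a direct root login, with no sudo step or per-user audit trail in between. Whether sshd honours that key depends on its `PermitRootLogin` setting, which this playbook does not set; the `common` role may handle it, but that is not visible here. I would drop the root task and rely on the sudoers drop-in, or, if a root key is kept for recovery, put a comment above it such as `# root key is break-glass only; sshd root-login policy is set in <role name>` so the intent is reviewable. As a style point, `sudo: True` / `sudo_user: root` are the older spelling of `become: true` / `become_user: root`, and the two ping checks would read more cleanly with `changed_when: false`, since they only probe connectivity.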