Merge branch 'main' into use_sudo
This commit is contained in:
commit
63414b60dd
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -4,3 +4,4 @@ playbook.retry
|
||||||
*.log
|
*.log
|
||||||
.idea/
|
.idea/
|
||||||
venv/
|
venv/
|
||||||
|
/ansible.cfg
|
||||||
|
|
10
Makefile
10
Makefile
|
@ -1,4 +1,10 @@
|
||||||
init: create_venv install_pre_commit install_ansible_galaxy_modules
|
init: create_ansible_cfg create_venv install_pre_commit install_ansible_galaxy_modules
|
||||||
|
|
||||||
|
.ONESHELL:
|
||||||
|
create_ansible_cfg:
|
||||||
|
read -rp "Enter remote username: " REMOTE_USER
|
||||||
|
cp ansible.cfg.sample ansible.cfg
|
||||||
|
sed -i "s/REMOTE_USER/$$REMOTE_USER/g" ansible.cfg
|
||||||
|
|
||||||
create_venv:
|
create_venv:
|
||||||
python3 -m venv venv
|
python3 -m venv venv
|
||||||
|
@ -9,4 +15,4 @@ install_pre_commit:
|
||||||
venv/bin/pre-commit install
|
venv/bin/pre-commit install
|
||||||
|
|
||||||
install_ansible_galaxy_modules:
|
install_ansible_galaxy_modules:
|
||||||
venv/bin/ansible-galaxy collection install community.general
|
venv/bin/ansible-galaxy collection install community.general
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
[defaults]
|
|
||||||
remote_user = root
|
|
||||||
inventory = datacoop_hosts
|
|
4
ansible.cfg.sample
Normal file
4
ansible.cfg.sample
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
[defaults]
|
||||||
|
remote_user = REMOTE_USER
|
||||||
|
inventory = datacoop_hosts
|
||||||
|
use_persistent_connections = True
|
|
@ -8,7 +8,7 @@ usage () {
|
||||||
} >&2
|
} >&2
|
||||||
}
|
}
|
||||||
|
|
||||||
BASE_CMD="ansible-playbook playbook.yml --ask-vault-pass"
|
BASE_CMD="ansible-playbook playbook.yml --ask-become-pass --ask-vault-pass"
|
||||||
|
|
||||||
if [ "$1" = "--vagrant" ]; then
|
if [ "$1" = "--vagrant" ]; then
|
||||||
BASE_CMD="$BASE_CMD --verbose --inventory=vagrant_host"
|
BASE_CMD="$BASE_CMD --verbose --inventory=vagrant_host"
|
||||||
|
|
|
@ -29,8 +29,6 @@
|
||||||
GITEA__mailer__FROM: "noreply@{{ services.gitea.domain }}"
|
GITEA__mailer__FROM: "noreply@{{ services.gitea.domain }}"
|
||||||
GITEA__mailer__MAILER_TYPE: "smtp"
|
GITEA__mailer__MAILER_TYPE: "smtp"
|
||||||
GITEA__mailer__HOST: "{{ smtp_host }}:{{ smtp_port }}"
|
GITEA__mailer__HOST: "{{ smtp_host }}:{{ smtp_port }}"
|
||||||
GITEA__mailer__USER: "noop"
|
|
||||||
GITEA__mailer__PASSWD: "noop"
|
|
||||||
GITEA__security__LOGIN_REMEMBER_DAYS: "60"
|
GITEA__security__LOGIN_REMEMBER_DAYS: "60"
|
||||||
GITEA__security__PASSWORD_COMPLEXITY: "off"
|
GITEA__security__PASSWORD_COMPLEXITY: "off"
|
||||||
GITEA__security__MIN_PASSWORD_LENGTH: "8"
|
GITEA__security__MIN_PASSWORD_LENGTH: "8"
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
path: "{{ services.restic.volume_folder }}/ssh"
|
path: "{{ services.restic.volume_folder }}/ssh"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: '0700'
|
mode: '0755'
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Copy private SSH key
|
- name: Copy private SSH key
|
||||||
|
|
|
@ -15,9 +15,3 @@
|
||||||
key: "{{ item.ssh_keys | join('\n') }}"
|
key: "{{ item.ssh_keys | join('\n') }}"
|
||||||
exclusive: true
|
exclusive: true
|
||||||
loop: "{{ users | default([]) }}"
|
loop: "{{ users | default([]) }}"
|
||||||
|
|
||||||
- name: "Add ssh authorized_keys to root user"
|
|
||||||
ansible.posix.authorized_key:
|
|
||||||
user: "root"
|
|
||||||
key: "{{ users | default([]) | map(attribute='ssh_keys') | flatten | join('\n') }}"
|
|
||||||
exclusive: true
|
|
||||||
|
|
Loading…
Reference in a new issue