commit 76e9cba31a966614e9308598d1297ac3bcdf0443 Author: Jesper Hess Nielsen Date: Tue May 8 21:09:24 2018 +0200 Initial commit diff --git a/datacoop_hosts b/datacoop_hosts new file mode 100644 index 0000000..347b6ed --- /dev/null +++ b/datacoop_hosts @@ -0,0 +1,10 @@ +###################################### +### All hosts +10.0.0.140 +10.0.0.145 + +###################################### +### Application servers +[kubernetes_servers] +10.0.0.140 +10.0.0.145 \ No newline at end of file diff --git a/deploy.sh b/deploy.sh new file mode 100644 index 0000000..e69de29 diff --git a/group_vars/all.yml b/group_vars/all.yml new file mode 100644 index 0000000..76e6bef --- /dev/null +++ b/group_vars/all.yml @@ -0,0 +1,9 @@ +--- +users: + graffen: + comment: Jesper Hess Nielsen + key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbxFVukt5TIzoB0HX2q8b8lHJmXD1juzsWOu5XkexVDlCsvupa1cZ/OVkrIEAbDKk6RmJQj0TJ2O5+v9hbf0TDi0Pi+V8ADZIgO+OW5a4EeXsU72a4CN0nEocQhUPfQuC4IU+F7icoG2/I9jXg7U6p1LhBr8vlC3cNHnrH3yqrakrUR51/iRVIwo4FKvQg7jutaKTyOjlYa1uTdaczvAzNHWEdytCQgFnkzpR9fHvzkA79qHUD9n32rIpJicRJsHY3NnyDGfBcDv+4sLq15sM9jN83duGnSuMMtZgfSriwMUd/UwVReU2ZKxjMLe3WHB7+ZE/p39OJk/gjVfWJVh/za1/teTAwaLLmxh/HFt+AVYWkCj22fUxscl0dh2zy6Ki1Ua3ApChn6v6Gvng6khobFlxawSJZ49+0KoAl1qqFMR1o9EGWvqgDPuITAqJFN+ik0jxcxfmKrG3mbOYM1ikhJd0ER8wbS8e6NowHUBV7PUyDqxP5VM2gum58IYrDqaP2RYYi9vWWnXJJA8J1t+Wp3bF7fdktyVgkd7HQk02uVkxdMQQ802GCrQQuvJhWTCzrgkgrjPY8p0KcbCNt6jYQOUKV0T2vp6PbTJ5XWKb5u7gVXW1xiP9dYzgAr0DroiTK4xIuF80mv1Rfst0ceHAIQVcQ3GcGbh000QUYzbHT2Q== openpgp:0x265EE03C (Graffen) + password: $6$6bgPWZ76LvB$DZ3ipFsFtL2b1nSC0AQ63k8ibJidyIE9iIsWWzY0fux0ynz9L/o7b2sR2XYSaDuG.jewFV36IGStTF3NCZRC30 + groups: + - docker + - sudo \ No newline at end of file diff --git a/roles/playbook.yml b/roles/playbook.yml new file mode 100644 index 0000000..5ca84e6 --- /dev/null +++ b/roles/playbook.yml @@ -0,0 +1,14 @@ +--- +- name: "Include host secrets where applicable" + hosts: "all" + tasks: + - include_vars: "../../host_vars/{{ ansible_nodename }}-secrets.yml" + ignore_errors: yes + tags: + - "always" + +- name: "Run base config on all ubuntu hosts" + hosts: "all" + become: yes + roles: + - "ubuntu_base" \ No newline at end of file diff --git a/roles/ubuntu_base/tasks/main.yml b/roles/ubuntu_base/tasks/main.yml new file mode 100644 index 0000000..4c23175 --- /dev/null +++ b/roles/ubuntu_base/tasks/main.yml @@ -0,0 +1,3 @@ +--- +include_tasks: upgrade.yml +include_tasks: users.yml \ No newline at end of file diff --git a/roles/ubuntu_base/tasks/upgrade.yml b/roles/ubuntu_base/tasks/upgrade.yml new file mode 100644 index 0000000..c4cd33b --- /dev/null +++ b/roles/ubuntu_base/tasks/upgrade.yml @@ -0,0 +1,5 @@ +--- +- name: update and upgrade system via apt + apt: + update_cache: yes + upgrade: full diff --git a/roles/ubuntu_base/tasks/users.yml b/roles/ubuntu_base/tasks/users.yml new file mode 100644 index 0000000..c356f33 --- /dev/null +++ b/roles/ubuntu_base/tasks/users.yml @@ -0,0 +1,18 @@ +--- +- name: "Add users (set password to 'changeme')" + user: + name: "{{ item.key }}" + comment: "{{ item.value.comment }}" + password: "$1$gbSjoDr0$NgvOjcEBSzdK.WqjWGEfw0" + update_password: "on_create" + groups: + - {{ item.groups }} + with_dict: "{{ users | default({}) }}" + tags: usermanagement + +- name: "Add ssh authorized_keys" + authorized_key: + user: "{{ item.key }}" + key: "{{ item.value.key }}" + with_dict: "{{ users | default({}) }}" + tags: usermanagement