remove globals.yaml, move vars to role defaults
This commit is contained in:
parent
fad0a40eff
commit
f07a44a73c
7 changed files with 17 additions and 21 deletions
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
username: jlay # user for 'create-user' role
|
||||
zfs_disk: /dev/vdb
|
||||
zfs_arc_size_mb: "{{ (ansible_memtotal_mb * 0.20)|int|abs }}"
|
||||
zfs_arc_size_bytes: "{{ zfs_arc_size_mb }}000000"
|
||||
pwgen: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,hexdigits,punctuation length=32') }}"
|
||||
5
play.yml
5
play.yml
|
|
@ -1,14 +1,11 @@
|
|||
---
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- ./globals.yaml
|
||||
|
||||
roles:
|
||||
- {role: bootstrap}
|
||||
- {role: tmp-mount-fix}
|
||||
- {role: install-packages}
|
||||
- {role: update-packages}
|
||||
- {role: fedora-upgrade}
|
||||
- {role: install-packages}
|
||||
- {role: create-user}
|
||||
- {role: hardening}
|
||||
# - {role: docker} # TODO: replace me with a generic container role, podman on EL based distros - Docker on Debian/Ubuntu
|
||||
|
|
|
|||
3
roles/create-user/defaults/main.yml
Normal file
3
roles/create-user/defaults/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
create_username: "{{ lookup('env','USER') }}"
|
||||
create_pwgen: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,hexdigits,punctuation length=32') }}"
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
|
||||
- name: creating user {{ username }} in sudo group (Debian/Ubuntu)
|
||||
- name: creating user {{ create_username }} in sudo group (Debian/Ubuntu)
|
||||
user:
|
||||
name: "{{ username }}"
|
||||
password: "{{ pwgen | password_hash('sha512') }}"
|
||||
name: "{{ create_username }}"
|
||||
password: "{{ create_pwgen | password_hash('sha512') }}"
|
||||
state: present
|
||||
shell: /bin/bash
|
||||
groups: sudo
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
|
||||
- name: creating user {{ username }} in wheel group (RHEL/CentOS/Fedora)
|
||||
- name: creating user {{ create_username }} in wheel group (RHEL/CentOS/Fedora)
|
||||
user:
|
||||
name: "{{ username }}"
|
||||
password: "{{ pwgen | password_hash('sha512') }}"
|
||||
name: "{{ create_username }}"
|
||||
password: "{{ create_pwgen | password_hash('sha512') }}"
|
||||
state: present
|
||||
shell: /bin/bash
|
||||
groups: wheel
|
||||
|
|
|
|||
|
|
@ -6,13 +6,13 @@
|
|||
- include_tasks: el.yml
|
||||
when: ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "RedHat", "Fedora"]
|
||||
|
||||
- name: print generated password for {{ username }} on each host
|
||||
debug: var=pwgen
|
||||
- name: print generated password for {{ create_username }} on each host
|
||||
debug: var=create_pwgen
|
||||
when: user_created is changed
|
||||
|
||||
- name: copy current pubkeys to ~{{ username }}/.ssh/authorized_keys
|
||||
- name: copy current pubkeys to ~{{ create_username }}/.ssh/authorized_keys
|
||||
authorized_key:
|
||||
user: "{{ username }}"
|
||||
user: "{{ create_username }}"
|
||||
state: present
|
||||
key: "{{ item }}"
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -1,10 +1,12 @@
|
|||
---
|
||||
zfs_disk: /dev/vdb
|
||||
zfs_arc_size_mb: "{{ (ansible_memtotal_mb * 0.20)|int|abs }}"
|
||||
zfs_arc_size_bytes: "{{ zfs_arc_size_mb }}000000"
|
||||
EL_ZFS_PKGS:
|
||||
- kernel-devel
|
||||
- "@Development tools"
|
||||
- dkms
|
||||
- zfs
|
||||
|
||||
UBUNTU_ZFS_PKGS:
|
||||
- zfsutils-linux
|
||||
- zfs-initramfs
|
||||
|
|
|
|||
Loading…
Reference in a new issue