jlay/deploy-base
1
1
Fork 0
Code Issues Pull requests Activity

remove globals.yaml, move vars to role defaults

Browse source
This commit is contained in:
Josh Lay 2020-04-18 23:26:48 -05:00
parent fad0a40eff
commit f07a44a73c
7 changed files with 17 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
globals.yaml
View file

@ -1,6 +0,0 @@
---
username: jlay # user for 'create-user' role
zfs_disk: /dev/vdb
zfs_arc_size_mb: "{{ (ansible_memtotal_mb * 0.20)|int|abs }}"
zfs_arc_size_bytes: "{{ zfs_arc_size_mb }}000000"
pwgen: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,hexdigits,punctuation length=32') }}"

5
play.yml
View file

@ -1,14 +1,11 @@
--- ---
- hosts: all - hosts: all
vars_files:
- ./globals.yaml
roles: roles:
- {role: bootstrap} - {role: bootstrap}
- {role: tmp-mount-fix} - {role: tmp-mount-fix}
- {role: install-packages}
- {role: update-packages} - {role: update-packages}
- {role: fedora-upgrade} - {role: fedora-upgrade}
- {role: install-packages}
- {role: create-user} - {role: create-user}
- {role: hardening} - {role: hardening}
# - {role: docker} # TODO: replace me with a generic container role, podman on EL based distros - Docker on Debian/Ubuntu # - {role: docker} # TODO: replace me with a generic container role, podman on EL based distros - Docker on Debian/Ubuntu

3
roles/create-user/defaults/main.yml Normal file
View file

@ -0,0 +1,3 @@
---
create_username: "{{ lookup('env','USER') }}"
create_pwgen: "{{ lookup('password', '/dev/null chars=ascii_letters,digits,hexdigits,punctuation length=32') }}"

6
roles/create-user/tasks/deb.yml
View file

@ -1,9 +1,9 @@
--- ---
- name: creating user {{ username }} in sudo group (Debian/Ubuntu) - name: creating user {{ create_username }} in sudo group (Debian/Ubuntu)
user: user:
name: "{{ username }}" name: "{{ create_username }}"
password: "{{ pwgen | password_hash('sha512') }}" password: "{{ create_pwgen | password_hash('sha512') }}"
state: present state: present
shell: /bin/bash shell: /bin/bash
groups: sudo groups: sudo

6
roles/create-user/tasks/el.yml
View file

@ -1,9 +1,9 @@
--- ---
- name: creating user {{ username }} in wheel group (RHEL/CentOS/Fedora) - name: creating user {{ create_username }} in wheel group (RHEL/CentOS/Fedora)
user: user:
name: "{{ username }}" name: "{{ create_username }}"
password: "{{ pwgen | password_hash('sha512') }}" password: "{{ create_pwgen | password_hash('sha512') }}"
state: present state: present
shell: /bin/bash shell: /bin/bash
groups: wheel groups: wheel

8
roles/create-user/tasks/main.yml
View file

@ -6,13 +6,13 @@
- include_tasks: el.yml - include_tasks: el.yml
when: ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "RedHat", "Fedora"] when: ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "RedHat", "Fedora"]
- name: print generated password for {{ username }} on each host - name: print generated password for {{ create_username }} on each host
debug: var=pwgen debug: var=create_pwgen
when: user_created is changed when: user_created is changed
- name: copy current pubkeys to ~{{ username }}/.ssh/authorized_keys - name: copy current pubkeys to ~{{ create_username }}/.ssh/authorized_keys
authorized_key: authorized_key:
user: "{{ username }}" user: "{{ create_username }}"
state: present state: present
key: "{{ item }}" key: "{{ item }}"
with_items: with_items:

4
roles/zfs/defaults/main.yml
View file

@ -1,10 +1,12 @@
--- ---
zfs_disk: /dev/vdb
zfs_arc_size_mb: "{{ (ansible_memtotal_mb * 0.20)|int|abs }}"
zfs_arc_size_bytes: "{{ zfs_arc_size_mb }}000000"
EL_ZFS_PKGS: EL_ZFS_PKGS:
- kernel-devel - kernel-devel
- "@Development tools" - "@Development tools"
- dkms - dkms
- zfs - zfs
UBUNTU_ZFS_PKGS: UBUNTU_ZFS_PKGS:
- zfsutils-linux - zfsutils-linux
- zfs-initramfs - zfs-initramfs