Feat(choux): add first_deployement tag

2018-11-07 10:57:55 +01:00 · 2018-11-07 10:57:55 +01:00 · 40f7f91e72
parent 95205bcd78
commit 40f7f91e72
7 changed files with 45 additions and 13 deletions
--- a/Choux.yml
+++ b/Choux.yml
@ -14,7 +14,7 @@
    - include: tasks/sudo.yml
    - include: tasks/ssh.yml
    - include: tasks/arch_python.yml
-      #    - include: tasks/arch_aur.yml
+    - include: tasks/arch_aur.yml
    - include: tasks/arch_gnome.yml
    - include: tasks/arch_graphicals.yml
    - include: tasks/dotfiles.yml
--- a/tasks/arch_CLI_packages.yml
+++ b/tasks/arch_CLI_packages.yml
@ -3,6 +3,8 @@
  pacman:
    update_cache: yes
    upgrade: yes
  tags:
    - first_deployement
 - name: Install base CLI packages
  pacman:
@ -30,6 +32,8 @@
      - autofs
      - bind-tools
    state: present
  tags:
    - first_deployement
 - name: Install extra CLI packages
  pacman:
--- a/tasks/arch_aur.yml
+++ b/tasks/arch_aur.yml
@ -2,6 +2,8 @@
 - user:
    name: aur_builder
    group: wheel
  tags:
    - first_deployement
 - lineinfile:
    path: /etc/sudoers.d/11-install-aur_builder
@ -9,6 +11,8 @@
    line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
    create: yes
    validate: 'visudo -cf %s'
  tags:
    - first_deployement
 - name: Git clone ansible-aur
  git:
@ -18,6 +22,8 @@
    accept_hostkey: yes
  become: yes
  become_user: aur_builder
  tags:
    - first_deployement
 - name: Install Yay
  aur:
--- a/tasks/ssh.yml
+++ b/tasks/ssh.yml
@ -10,6 +10,8 @@
    regexp: "^#?PermitEmptyPasswords"
    line: "PermitEmptyPasswords no"
    backrefs: yes
  tags:
    - first_deployement
 - name: Disable remote root login
  lineinfile: 
@ -17,6 +19,8 @@
    regexp: "^#?PermitRootLogin" 
    line: "PermitRootLogin no"
    backrefs: yes
  tags:
    - first_deployement
 - name: Add public key for deploy user
  authorized_key: 
@ -25,6 +29,8 @@
    state: present
  with_items: "{{ deploy_users }}"
  register: add_identity_key
  tags:
    - first_deployement
 - name: Disable password login
  lineinfile: 
@ -34,10 +40,14 @@
    backrefs: yes
  when: add_identity_key is succeeded and not add_identity_key is skipped
  notify: restart sshd
  tags:
    - first_deployement
 - name: Enable SSH daemon
  service: 
    name: sshd
    state: started
    enabled: yes
  tags:
    - first_deployement
--- a/tasks/sudo.yml
+++ b/tasks/sudo.yml
@ -4,11 +4,15 @@
    src: files/sudoers
    dest: /etc/sudoers
    mode: 0440
  tags:
    - first_deployement
 - name: Create sudo group
  group:
    name: sudo
    state: present
  tags:
    - first_deployement
 - name: Add deploy user to sudo group
  user:
@ -16,3 +20,5 @@
    groups: sudo
    append: yes
  with_items: '{{ deploy_users }}'
  tags:
    - first_deployement
--- a/tasks/users.yml
+++ b/tasks/users.yml
@ -6,6 +6,8 @@
    uid: "{{ item.uid }}"
    shell: /bin/zsh
  with_items: "{{ deploy_users }}"
  tags:
    - first_deployement
 - name: Add me
  user:
@ -15,4 +17,6 @@
    shell: /bin/zsh
  with_items: "{{ me }}"
  when: not minimal or not server
  tags:
    - first_deployement
--- a/tasks/zsh.yml
+++ b/tasks/zsh.yml
@ -1,19 +1,21 @@
 ---
- name: download default grml configuration
+# - name: download default grml configuration
-  get_url:
+#   get_url:
-    url: http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc
+#     url: http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc
-    dest: /etc/zsh/newuser.zshrc.recommended
+#     dest: /etc/zsh/newuser.zshrc.recommended
-    backup: yes
+#     backup: yes
-
+# 
- name: download default grml configuration
+# - name: download default grml configuration
-  get_url:
+#   get_url:
-    url: http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc
+#     url: http://git.grml.org/f/grml-etc-core/etc/zsh/zshrc
-    dest: /etc/zsh/zshrc
+#     dest: /etc/zsh/zshrc
-    force: yes
+#     force: yes
-    backup: yes
+#     backup: yes
 - name: Set shell for root to zsh
  user:
    name: root
    shell: /bin/zsh
  tags:
    - first_deployement