Feat: rename roles by adding [role_name]
This commit is contained in:
parent
5761abff80
commit
571472acea
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: Create ansible conf directory
|
- name: [ansible] Create ansible conf directory
|
||||||
file:
|
file:
|
||||||
path: /etc/ansible
|
path: /etc/ansible
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Copy ansible.cfg
|
- name: [ansible] Copy ansible.cfg
|
||||||
copy:
|
copy:
|
||||||
src: files/ansible.cfg
|
src: files/ansible.cfg
|
||||||
dest: /etc/ansible/ansible.cfg
|
dest: /etc/ansible/ansible.cfg
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: Update and upgrade all packages
|
- name: [deb_CLI_packages] Update and upgrade all packages
|
||||||
apt:
|
apt:
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
upgrade: full
|
upgrade: full
|
||||||
|
|
||||||
- name: Install base CLI packages
|
- name: [deb_CLI_packages] Install base CLI packages
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- sudo
|
- sudo
|
||||||
@ -26,7 +26,7 @@
|
|||||||
- rxvt-unicode-256color
|
- rxvt-unicode-256color
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Install extra CLI packages
|
- name: [deb_CLI_packages] Install extra CLI packages
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: present
|
state: present
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
- name: Remove depot docker version
|
- name: [deb_docker] Remove depot docker version
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- docker
|
- docker
|
||||||
@ -7,7 +7,7 @@
|
|||||||
- docker.io
|
- docker.io
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
- name: Install tool to use apt with https and gpg
|
- name: [deb_docker] Install tool to use apt with https and gpg
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- apt-transport-https
|
- apt-transport-https
|
||||||
@ -15,48 +15,48 @@
|
|||||||
- gpg
|
- gpg
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Add Docker apt key.
|
- name: [deb_docker] Add Docker apt key.
|
||||||
apt_key:
|
apt_key:
|
||||||
url: https://download.docker.com/linux/debian/gpg
|
url: https://download.docker.com/linux/debian/gpg
|
||||||
id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
||||||
state: present
|
state: present
|
||||||
register: add_repository_key
|
register: add_repository_key
|
||||||
|
|
||||||
- name: Ensure curl is present (on older systems without SNI).
|
- name: [deb_docker] Ensure curl is present (on older systems without SNI).
|
||||||
apt:
|
apt:
|
||||||
name: curl
|
name: curl
|
||||||
state: present
|
state: present
|
||||||
when: add_repository_key is failed
|
when: add_repository_key is failed
|
||||||
|
|
||||||
- name: Add Docker apt key (alternative for older systems without SNI).
|
- name: [deb_docker] Add Docker apt key (alternative for older systems without SNI).
|
||||||
shell: "curl -sSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -"
|
shell: "curl -sSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -"
|
||||||
args:
|
args:
|
||||||
warn: no
|
warn: no
|
||||||
when: add_repository_key is failed
|
when: add_repository_key is failed
|
||||||
|
|
||||||
- name: Add Docker repository.
|
- name: [deb_docker] Add Docker repository.
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
|
repo: deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
|
|
||||||
- name: Install docker-ce
|
- name: [deb_docker] Install docker-ce
|
||||||
apt:
|
apt:
|
||||||
name: docker-ce
|
name: docker-ce
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Install docker-compose
|
- name: [deb_docker] Install docker-compose
|
||||||
get_url:
|
get_url:
|
||||||
url: https://github.com/docker/compose/releases/download/1.22.0/docker-compose-Linux-x86_64
|
url: https://github.com/docker/compose/releases/download/1.22.0/docker-compose-Linux-x86_64
|
||||||
dest: /usr/local/bin/docker-compose
|
dest: /usr/local/bin/docker-compose
|
||||||
mode: 751
|
mode: 751
|
||||||
|
|
||||||
- name: Create docker group
|
- name: [deb_docker] Create docker group
|
||||||
group:
|
group:
|
||||||
name: docker
|
name: docker
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Add deploy user to docker group
|
- name: [deb_docker] Add deploy user to docker group
|
||||||
user:
|
user:
|
||||||
name: "{{ item.username }}"
|
name: "{{ item.username }}"
|
||||||
groups: docker
|
groups: docker
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
- name: Copy tmux.conf
|
- name: [dotfiles] Copy tmux.conf
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/tmux.conf
|
src: files/dotfiles/tmux.conf
|
||||||
dest: /home/{{ item.username }}/.tmux.conf
|
dest: /home/{{ item.username }}/.tmux.conf
|
||||||
@ -8,24 +8,24 @@
|
|||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
|
|
||||||
# Zsh config
|
# Zsh config
|
||||||
- name: Download antibody
|
- name: [dotfiles] Download antibody
|
||||||
get_url:
|
get_url:
|
||||||
url: https://raw.githubusercontent.com/getantibody/installer/master/install
|
url: https://raw.githubusercontent.com/getantibody/installer/master/install
|
||||||
dest: /tmp/antibody.sh
|
dest: /tmp/antibody.sh
|
||||||
mode: 0770
|
mode: 0770
|
||||||
when: prompt == "zsh"
|
when: prompt == "zsh"
|
||||||
|
|
||||||
- name: Execute the antibody.sh
|
- name: [dotfiles] Execute the antibody.sh
|
||||||
shell: /tmp/antibody.sh
|
shell: /tmp/antibody.sh
|
||||||
become: yes
|
become: yes
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
when: prompt == "zsh"
|
when: prompt == "zsh"
|
||||||
|
|
||||||
- name: Remove the antibody.sh
|
- name: [dotfiles] Remove the antibody.sh
|
||||||
file: path=/tmp/antibody.sh state=absent
|
file: path=/tmp/antibody.sh state=absent
|
||||||
when: prompt == "zsh"
|
when: prompt == "zsh"
|
||||||
|
|
||||||
- name: Copy local zshrc
|
- name: [dotfiles] Copy local zshrc
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/zshrc
|
src: files/dotfiles/zshrc
|
||||||
dest: /home/{{ item.username }}/.zshrc
|
dest: /home/{{ item.username }}/.zshrc
|
||||||
@ -34,7 +34,7 @@
|
|||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
when: prompt == 'zsh'
|
when: prompt == 'zsh'
|
||||||
|
|
||||||
- name: Copy local zshrc.local
|
- name: [dotfiles] Copy local zshrc.local
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/zshrc.local
|
src: files/dotfiles/zshrc.local
|
||||||
dest: /home/{{ item.username }}/.zshrc.local
|
dest: /home/{{ item.username }}/.zshrc.local
|
||||||
@ -43,7 +43,7 @@
|
|||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
when: prompt == 'zsh'
|
when: prompt == 'zsh'
|
||||||
|
|
||||||
- name: Copy local zsh_plugins.txt
|
- name: [dotfiles] Copy local zsh_plugins.txt
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/zsh_plugins.txt
|
src: files/dotfiles/zsh_plugins.txt
|
||||||
dest: /home/{{ item.username }}/.zsh_plugins.txt
|
dest: /home/{{ item.username }}/.zsh_plugins.txt
|
||||||
@ -53,14 +53,14 @@
|
|||||||
when: prompt == 'zsh'
|
when: prompt == 'zsh'
|
||||||
|
|
||||||
# Fish config
|
# Fish config
|
||||||
- name: Create fish config directory
|
- name: [dotfiles] Create fish config directory
|
||||||
file:
|
file:
|
||||||
dest: /home/{{ item.username }}/.config/fish/
|
dest: /home/{{ item.username }}/.config/fish/
|
||||||
state: directory
|
state: directory
|
||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
when: prompt == 'fish'
|
when: prompt == 'fish'
|
||||||
|
|
||||||
- name: Copy config.fish
|
- name: [dotfiles] Copy config.fish
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/config.fish
|
src: files/dotfiles/config.fish
|
||||||
dest: /home/{{ item.username }}/.config/fish/
|
dest: /home/{{ item.username }}/.config/fish/
|
||||||
@ -70,7 +70,7 @@
|
|||||||
when: prompt == 'fish'
|
when: prompt == 'fish'
|
||||||
register: fishconfig
|
register: fishconfig
|
||||||
|
|
||||||
- name: Copy fisher plugin list
|
- name: [dotfiles] Copy fisher plugin list
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/fishfile
|
src: files/dotfiles/fishfile
|
||||||
dest: /home/{{ item.username }}/.config/fish/
|
dest: /home/{{ item.username }}/.config/fish/
|
||||||
@ -81,7 +81,7 @@
|
|||||||
register: fishplugin
|
register: fishplugin
|
||||||
|
|
||||||
# Vim config
|
# Vim config
|
||||||
- name: Copy .vim/
|
- name: [dotfiles] Copy .vim/
|
||||||
copy:
|
copy:
|
||||||
src: files/dotfiles/vim/
|
src: files/dotfiles/vim/
|
||||||
dest: /home/{{ item.username }}/.vim/
|
dest: /home/{{ item.username }}/.vim/
|
||||||
@ -89,13 +89,13 @@
|
|||||||
group: "{{ item.group }}"
|
group: "{{ item.group }}"
|
||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
|
|
||||||
- name: Creates .vim/autoload/
|
- name: [dotfiles] Creates .vim/autoload/
|
||||||
file:
|
file:
|
||||||
path: /home/{{ item.username }}/.vim/autoload/
|
path: /home/{{ item.username }}/.vim/autoload/
|
||||||
state: directory
|
state: directory
|
||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
|
|
||||||
- name: Download plug.vim
|
- name: [dotfiles] Download plug.vim
|
||||||
get_url:
|
get_url:
|
||||||
url: https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
|
url: https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
|
||||||
dest: /home/{{ item.username }}/.vim/autoload/plug.vim
|
dest: /home/{{ item.username }}/.vim/autoload/plug.vim
|
||||||
@ -103,7 +103,7 @@
|
|||||||
group: "{{ item.group }}"
|
group: "{{ item.group }}"
|
||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
|
|
||||||
- name: Copy vimrc
|
- name: [dotfiles] Copy vimrc
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/vimrc
|
src: files/dotfiles/vimrc
|
||||||
dest: /home/{{ item.username }}/.vimrc
|
dest: /home/{{ item.username }}/.vimrc
|
||||||
@ -112,7 +112,7 @@
|
|||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
|
|
||||||
# Ssh config
|
# Ssh config
|
||||||
- name: Creates .ssh
|
- name: [dotfiles] Creates .ssh
|
||||||
file:
|
file:
|
||||||
path: /home/{{ item.username }}/.ssh/
|
path: /home/{{ item.username }}/.ssh/
|
||||||
state: directory
|
state: directory
|
||||||
@ -121,7 +121,7 @@
|
|||||||
with_items: "{{ me }}"
|
with_items: "{{ me }}"
|
||||||
when: not server
|
when: not server
|
||||||
|
|
||||||
- name: Copy ssh user config
|
- name: [dotfiles] Copy ssh user config
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/sshconfig
|
src: files/dotfiles/sshconfig
|
||||||
dest: /home/{{ item.username }}/.ssh/config
|
dest: /home/{{ item.username }}/.ssh/config
|
||||||
@ -130,7 +130,7 @@
|
|||||||
with_items: "{{ deploy_users }}"
|
with_items: "{{ deploy_users }}"
|
||||||
when: not server
|
when: not server
|
||||||
|
|
||||||
- name: Copy ssh user config
|
- name: [dotfiles] Copy ssh user config
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/sshconfig
|
src: files/dotfiles/sshconfig
|
||||||
dest: /home/{{ item.username }}/.ssh/config
|
dest: /home/{{ item.username }}/.ssh/config
|
||||||
@ -140,7 +140,7 @@
|
|||||||
when: not server
|
when: not server
|
||||||
|
|
||||||
# Git config
|
# Git config
|
||||||
- name: Copy gitconfig
|
- name: [dotfiles] Copy gitconfig
|
||||||
template:
|
template:
|
||||||
src: files/dotfiles/gitconfig
|
src: files/dotfiles/gitconfig
|
||||||
dest: /home/{{ item.username }}/.gitconfig
|
dest: /home/{{ item.username }}/.gitconfig
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
# - name: Copy sshd_config
|
# - name: [ssh] Copy sshd_config
|
||||||
# template:
|
# template:
|
||||||
# src: files/sshd_config
|
# src: files/sshd_config
|
||||||
# dest: /etc/ssh/sshd_config
|
# dest: /etc/ssh/sshd_config
|
||||||
|
|
||||||
- name: Disable empty password login
|
- name: [ssh] Disable empty password login
|
||||||
lineinfile:
|
lineinfile:
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
regexp: "^#?PermitEmptyPasswords"
|
regexp: "^#?PermitEmptyPasswords"
|
||||||
@ -13,7 +13,7 @@
|
|||||||
tags:
|
tags:
|
||||||
- first_deployement
|
- first_deployement
|
||||||
|
|
||||||
- name: Disable remote root login
|
- name: [ssh] Disable remote root login
|
||||||
lineinfile:
|
lineinfile:
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
regexp: "^#?PermitRootLogin"
|
regexp: "^#?PermitRootLogin"
|
||||||
@ -22,7 +22,7 @@
|
|||||||
tags:
|
tags:
|
||||||
- first_deployement
|
- first_deployement
|
||||||
|
|
||||||
- name: Add public key for deploy user
|
- name: [ssh] Add public key for deploy user
|
||||||
authorized_key:
|
authorized_key:
|
||||||
user: "{{ item.username }}"
|
user: "{{ item.username }}"
|
||||||
key: "{{ lookup('file', 'sshpubs/' + deploy_public_key) }}"
|
key: "{{ lookup('file', 'sshpubs/' + deploy_public_key) }}"
|
||||||
@ -32,7 +32,7 @@
|
|||||||
tags:
|
tags:
|
||||||
- first_deployement
|
- first_deployement
|
||||||
|
|
||||||
- name: Disable password login
|
- name: [ssh] Disable password login
|
||||||
lineinfile:
|
lineinfile:
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
regexp: "^#?PasswordAuthentication"
|
regexp: "^#?PasswordAuthentication"
|
||||||
@ -43,7 +43,7 @@
|
|||||||
tags:
|
tags:
|
||||||
- first_deployement
|
- first_deployement
|
||||||
|
|
||||||
- name: Enable SSH daemon (not Debian)
|
- name: [ssh] Enable SSH daemon (not Debian)
|
||||||
service:
|
service:
|
||||||
name: sshd
|
name: sshd
|
||||||
state: started
|
state: started
|
||||||
@ -52,7 +52,7 @@
|
|||||||
- first_deployement
|
- first_deployement
|
||||||
when: ansible_distribution != 'Debian'
|
when: ansible_distribution != 'Debian'
|
||||||
|
|
||||||
- name: Enable SSH daemon (Debian)
|
- name: [ssh] Enable SSH daemon (Debian)
|
||||||
service:
|
service:
|
||||||
name: ssh
|
name: ssh
|
||||||
state: started
|
state: started
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
- name: Configure sudoers
|
- name: [sudo] Configure sudoers
|
||||||
template:
|
template:
|
||||||
src: files/sudoers
|
src: files/sudoers
|
||||||
dest: /etc/sudoers
|
dest: /etc/sudoers
|
||||||
@ -7,9 +7,9 @@
|
|||||||
tags:
|
tags:
|
||||||
- first_deployement
|
- first_deployement
|
||||||
|
|
||||||
- name: Create sudo group
|
- name: [sudo] Create sudo group
|
||||||
group:
|
group:
|
||||||
name: sudo
|
name: [sudo] sudo
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- first_deployement
|
- first_deployement
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: Ensure wheel group exists
|
- name: [users] Ensure wheel group exists
|
||||||
group:
|
group:
|
||||||
name: wheel
|
name: wheel
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Add deploy users
|
- name: [users] Add deploy users
|
||||||
user:
|
user:
|
||||||
name: "{{ item.username }}"
|
name: "{{ item.username }}"
|
||||||
password: "{{ item.password | password_hash('sha512')}}"
|
password: "{{ item.password | password_hash('sha512')}}"
|
||||||
@ -16,7 +16,7 @@
|
|||||||
with_items: "{{ deploy_users }}"
|
with_items: "{{ deploy_users }}"
|
||||||
when: create_user
|
when: create_user
|
||||||
|
|
||||||
- name: Add me
|
- name: [users] Add me
|
||||||
user:
|
user:
|
||||||
name: "{{ item.username }}"
|
name: "{{ item.username }}"
|
||||||
password: "{{ item.password | password_hash('sha512')}}"
|
password: "{{ item.password | password_hash('sha512')}}"
|
||||||
|
Loading…
Reference in New Issue
Block a user