From 885b1c4155ca8090afc988b2ecb4e9ded8b481dc Mon Sep 17 00:00:00 2001
From: Michael Grote <michael.grote@posteo.de>
Date: Sat, 28 Dec 2024 20:10:34 +0100
Subject: [PATCH] ff

---
 playbooks/0_laptop_bootstrap.yml | 49 ++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 playbooks/0_laptop_bootstrap.yml

diff --git a/playbooks/0_laptop_bootstrap.yml b/playbooks/0_laptop_bootstrap.yml
new file mode 100644
index 00000000..bfd5a0a3
--- /dev/null
+++ b/playbooks/0_laptop_bootstrap.yml
@@ -0,0 +1,49 @@
+---
+- hosts: all
+  gather_facts: false
+  roles:
+    - role: robertdebock.bootstrap
+      tags: "bootstrap"
+      become: true
+    - role: mgrote_users
+      tags: "user"
+      become: true
+
+  post_tasks:
+    - name: Change user password
+      become: true
+      ansible.builtin.user:
+        name: mg
+        update_password: always
+        password: "{{ lookup('viczem.keepass.keepass', 'mg_linux_password_hash', 'password') }}"
+
+  vars:
+    ### reobertdebock.bootstrap
+    bootstrap_user: mg
+    bootstrap_wait_for_host: false
+    bootstrap_timeout: 1
+    ### ansible
+    ansible_user: "mg"
+    ansible_password: hallowelt
+    ansible_become_password: hallowelt
+    ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'"
+    ### mgrote_user
+    users:
+      - username: ansible-user
+        password: "{{ lookup('viczem.keepass.keepass', 'ansible_user_linux_password_hash', 'password') }}"
+        update_password: always
+        groups:
+          - ssh
+          - sudo
+        state: present
+        public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE mg@irantu
+        allow_sudo: true
+        allow_passwordless_sudo: true
+
+
+# Nach dem ersten durchlaufen ist keine Anmeldung mehr per Passwort & ssh möglich. Damit scheitert auch der Versuch das Playbook ein zweites mal durchlaufen zu lassen.
+
+# Vorher benötigt werden:
+# sudo adduser mg
+# sudo adduser mg sudo
+# sudo apt install openssh-sever