--- - hosts: all gather_facts: false roles: - role: robertdebock.bootstrap tags: "bootstrap" become: true - role: mgrote_apt_manage_sources tags: "apt_sources" when: "not 'laptop' in group_names" - role: mgrote_qemu_guest_agent when: ansible_virtualization_role == 'guest' tags: "qemu" - role: mgrote_apt_update_packages tags: "updates" - role: mgrote_users tags: "user" become: true - role: mgrote_netplan tags: "netplan" when: "not 'laptop' in group_names" post_tasks: - name: Change user password become: true ansible.builtin.user: name: mg update_password: always password: "{{ lookup('viczem.keepass.keepass', 'mg_linux_password_hash', 'password') }}" vars: ### robertdebock.bootstrap bootstrap_user: mg bootstrap_wait_for_host: false bootstrap_timeout: 1 ### ansible ansible_user: "mg" ansible_password: hallowelt ansible_become_password: hallowelt ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'" ### mgrote_user users: - username: ansible-user password: "{{ lookup('viczem.keepass.keepass', 'ansible_user_linux_password_hash', 'password') }}" update_password: always groups: - ssh - sudo state: present public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE mg@irantu allow_sudo: true allow_passwordless_sudo: true # Nach dem ersten durchlaufen ist keine Anmeldung mehr per Passwort & ssh möglich. Damit scheitert auch der Versuch das Playbook ein zweites mal durchlaufen zu lassen. # Vorher benötigt werden: # sudo adduser mg # sudo adduser mg sudo # sudo apt install openssh-sever