mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 1 Activity Actions
homeserver/playbooks/1_bootstrap.yml
Michael Grote 28f22968da
Some checks failed
ci/woodpecker/push/gitleaks Pipeline was successful
Details
ci/woodpecker/push/ansible-lint Pipeline was successful
Details
ci/woodpecker/push/ansible-playbook Pipeline failed
Details
ci: deploy config on merge or push (#127) 
Reviewed-on: #127
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>

ci: testing deployment (#128)

Reviewed-on: #128
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>

ci: test

ci: enable deployment

ci: set ssh-key for deployment

ci: debug

ci: deactivate ansible-lint temporarily

ci: deactivate ansible-galaxy temporarily

ci: debug ssh-key shell redirect

ci: base64

ci: debug

ci: debug

ci: fix output

Revert "ci: deactivate ansible-lint temporarily"

This reverts commit 6729342f26.

ci: fix vault-pass secret

pbs_integration: enable no_log

ci: debug ansible-vault

ci: debug

ci: ansible-vault + move to viczem.keepass (#130)

Reviewed-on: #130
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>

ff

plugin umbennennugn

ff
2024-07-09 22:27:57 +02:00

49 lines
1.5 KiB
YAML
Raw Blame History

---
- hosts: all
gather_facts: false
roles:
- role: ansible-role-bootstrap
tags: "bootstrap"
become: true
- role: mgrote_apt_manage_sources
tags: "apt_sources"
- role: mgrote_qemu_guest_agent
- role: mgrote_apt_update_packages
tags: "updates"
- role: mgrote_users
tags: "user"
become: true
- role: mgrote_netplan
tags: "netplan"
post_tasks:
- name: Change user password
become: true
ansible.builtin.user:
name: mg
update_password: always
password: "{{ lookup('viczem.keepass.keepass', 'mg_linux_password_hash', 'password') }}"
vars:
### reobertdebock.bootstrap
bootstrap_user: mg
bootstrap_wait_for_host: false
bootstrap_timeout: 1
### ansible
ansible_user: "mg"
ansible_password: hallowelt
ansible_become_password: hallowelt
ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'"
### mgrote_user
users:
- username: ansible-user
password: "{{ lookup('viczem.keepass.keepass', 'ansible_user_linux_password_hash', 'password') }}"
update_password: always
groups: ssh, sudo
state: present
public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE mg@irantu
allow_sudo: true
allow_passwordless_sudo: true
# Nach dem ersten durchlaufen ist keine Anmeldung mehr per Passwort & ssh möglich. Damit scheitert auch der Versuch das Playbook ein zweites mal durchlaufen zu lassen.
Reference in a new issue View git blame Copy permalink