Paul Brinkmeier
74237d4ea2
All checks were successful
continuous-integration/drone/push Build is passing
75 lines
1.9 KiB
YAML
75 lines
1.9 KiB
YAML
---
|
|
- name: Basic setup for shamash (packages, Docker, Nix, sshd)
|
|
hosts: misc
|
|
tasks:
|
|
- name: Create /etc/pbri
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: /etc/pbri
|
|
state: directory
|
|
mode: u=rwx,g=rx,o=rx
|
|
- name: Create /home/paul/{Sites,Source}
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: "/home/paul/{{ item }}"
|
|
state: directory
|
|
owner: paul
|
|
group: paul
|
|
mode: u=rwx,g=rx,o=rx
|
|
loop:
|
|
- Sites
|
|
- Source
|
|
- name: Install basic packages
|
|
become: true
|
|
ansible.builtin.apt:
|
|
name:
|
|
- vim
|
|
- git
|
|
- htop
|
|
- tmux
|
|
update_cache: true
|
|
tags:
|
|
- apt
|
|
- name: Install and set up Docker and docker-compose
|
|
ansible.builtin.include_role:
|
|
name: docker
|
|
- name: Install and set up Nix
|
|
ansible.builtin.include_role:
|
|
name: install_nix
|
|
- name: Install pip prerequisites
|
|
become: true
|
|
ansible.builtin.apt:
|
|
name:
|
|
- python3-pip
|
|
- python3-setuptools
|
|
- python3-virtualenv
|
|
- name: Install global python docker package
|
|
become: true
|
|
ansible.builtin.pip:
|
|
name:
|
|
- docker
|
|
- docker-compose
|
|
- requests
|
|
- name: Configure sshd
|
|
become: true
|
|
ansible.builtin.copy:
|
|
dest: /etc/ssh/sshd_config.d/00_pbri.conf
|
|
mode: u=rw,g=r,o=r
|
|
# Included by /etc/ssh/sshd_config before other configuration
|
|
content: |
|
|
Port 2309
|
|
PermitRootLogin no
|
|
PubkeyAuthentication yes
|
|
AuthorizedKeysFile .ssh/authorized_keys
|
|
PasswordAuthentication no
|
|
validate: /usr/sbin/sshd -T -f %s
|
|
notify:
|
|
- Restart sshd
|
|
|
|
handlers:
|
|
- name: Restart sshd
|
|
become: true
|
|
ansible.builtin.service:
|
|
name: sshd
|
|
state: restarted
|