From d6db6f83a1c299da4ee7e18092c3b76c0c2cfe2d Mon Sep 17 00:00:00 2001
From: Paweł Dybiec <pawel.to.malpa@gmail.com>
Date: Tue, 27 Nov 2018 15:02:27 +0100
Subject: Base system

---
 base_apps.yml                   | 33 +++++++++++++++++++++++++++++++++
 bootstrap.yml                   | 33 +++++++++++++++++++++++++++++++++
 roles/base_users/tasks/main.yml | 20 ++++++++++++++++++++
 3 files changed, 86 insertions(+)
 create mode 100644 base_apps.yml
 create mode 100644 bootstrap.yml
 create mode 100644 roles/base_users/tasks/main.yml

diff --git a/base_apps.yml b/base_apps.yml
new file mode 100644
index 0000000..b07f991
--- /dev/null
+++ b/base_apps.yml
@@ -0,0 +1,33 @@
+---
+  - name: Base
+    hosts: tamriel
+    remote_user: ansible_worker
+    become: yes
+    tasks:
+    - apt_key:
+        url: https://download.docker.com/linux/debian/gpg
+    - apt: name=apt-transport-https
+    - apt_repository:
+        repo: deb [arch=amd64] https://download.docker.com/linux/debian stretch stable 
+        update_cache: true
+    - name: Base packages
+      apt:
+        name: "{{ item }}"
+      with_items:
+      - tmux
+      - htop
+      - nginx
+      - syncthing
+      - docker-ce
+      #- wireguard
+      - hugo
+      - rsync
+      - python-pip
+    - apt:
+        upgrade: full
+    - pip:
+        name: "{{ item }}"
+      with_items:
+      - docker
+      - docker-compose
+
diff --git a/bootstrap.yml b/bootstrap.yml
new file mode 100644
index 0000000..012ce90
--- /dev/null
+++ b/bootstrap.yml
@@ -0,0 +1,33 @@
+---
+  - name: Bootstrap base systems
+    hosts: tamriel
+    remote_user: root
+    vars:
+      users:
+      - login: pawel
+        groups: ['sudo', 'remote_access', 'docker']
+        pubkey: "{{ lookup('file', '/home/pawel/.ssh/id_rsa.pub') }}"
+        shell: /bin/zsh
+      - login: ansible_worker
+        groups: ['sudo', 'remote_access', 'docker']
+        pubkey: "{{ lookup('file', '/home/pawel/.ssh/id_rsa.pub') }}"
+        shell: /bin/bash
+    roles:
+    - base_users
+    tasks:
+    - name: zsh
+      apt: name=zsh
+    #- name: Allow paswordless sudo
+    #  lineinfile:
+    #    dest: /etc/sudoers
+    #    state: present
+    #    regexp: "^%sudo"
+    #    line: "%sudo ALL=(ALL) NOPASSWD: ALL"
+    #    validate: '/usr/sbin/visudo -cf %s'
+    - file:
+        path: /home/pawel/.zshrc
+        owner: pawel
+        group: pawel
+        state: touch
+        mode: 0660
+
diff --git a/roles/base_users/tasks/main.yml b/roles/base_users/tasks/main.yml
new file mode 100644
index 0000000..bf9f6f8
--- /dev/null
+++ b/roles/base_users/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: Create docker group
+  group: name=docker state=present
+
+- name: Create remote_access group
+  group: name=remote_access state=present
+
+- name: Add users
+  user: 
+    name: "{{ item.login }}"
+    groups: "users{% if 'groups' in item %},{{ item.groups|join(',') }}{% endif %}"
+    shell: "{{ item.shell }}"
+  with_items: "{{ users }}"
+
+- name: Setup authorized keys for users
+  authorized_key:
+    user: "{{ item.login }}"
+    key: "{{ item.pubkey }}"
+  with_items: "{{ users }}"
+
-- 
cgit 1.4.1