- ansible/: VM provisioning playbooks and roles - provision-vm.yml: create KVM VM from Ubuntu cloud image - install.yml: install OpenClaw on guest (upstream) - customize.yml: swappiness, virtiofs fstab, linger - roles/vm/: libvirt domain XML, cloud-init templates - inventory.yml + host_vars/zap.yml: zap instance config - backup-openclaw-vm.sh: daily rsync + MinIO upload - restore-openclaw-vm.sh: full redeploy from scratch - README.md: full operational documentation Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
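---
# Verification play: read-only checks that the OpenClaw install left the
# expected user, packages, directories, sudoers drop-in and tool configuration
# in place. It runs against localhost over a local connection, and every
# command task is marked changed_when: false because it only inspects state.
- name: Verify playbook results
  hosts: localhost
  connection: local
  gather_facts: true

  vars:
    openclaw_user: openclaw
    openclaw_home: /home/openclaw

  tasks:
    # `id` exits non-zero for an unknown account, which fails the task.
    - name: Verify openclaw user exists
      ansible.builtin.command: "id {{ openclaw_user }}"
      changed_when: false

    # `dpkg -s` also exits 0 for a package that was removed but still has
    # config files on disk, so the Status line is checked as well as rc.
    - name: Verify critical packages installed
      ansible.builtin.command: "dpkg -s {{ item }}"
      loop: [git, curl, vim, jq, tmux, tree, htop]
      register: pkg_check
      changed_when: false
      failed_when: >-
        pkg_check.rc != 0
        or 'Status: install ok installed' not in pkg_check.stdout

    - name: Verify Node.js installed
      ansible.builtin.command: node --version
      changed_when: false

    - name: Verify pnpm installed
      ansible.builtin.command: pnpm --version
      changed_when: false

    # Each entry may declare the mode the directory is expected to have.
    # The assertions below read that value back through item.item.mode.
    - name: Verify openclaw directory structure
      ansible.builtin.stat:
        path: "{{ item.path }}"
      loop:
        - { path: "{{ openclaw_home }}/.openclaw", mode: "0755" }
        - { path: "{{ openclaw_home }}/.openclaw/sessions" }
        - { path: "{{ openclaw_home }}/.openclaw/credentials", mode: "0700" }
        - { path: "{{ openclaw_home }}/.openclaw/data" }
        - { path: "{{ openclaw_home }}/.openclaw/logs" }
        - { path: "{{ openclaw_home }}/.openclaw/agents" }
        - { path: "{{ openclaw_home }}/.openclaw/agents/main" }
        - { path: "{{ openclaw_home }}/.openclaw/agents/main/agent", mode: "0700" }
        - { path: "{{ openclaw_home }}/.openclaw/workspace" }
        - { path: "{{ openclaw_home }}/.ssh", mode: "0700" }
      register: dir_checks

    - name: Assert directories exist
      ansible.builtin.assert:
        that: item.stat.exists and item.stat.isdir
        fail_msg: "Directory missing: {{ item.item.path }}"
      loop: "{{ dir_checks.results }}"
      loop_control:
        label: "{{ item.item.path }}"

    # Compare every declared mode instead of picking results by list index.
    # The index form checked only credentials and agents/main/agent, so .ssh
    # was never verified, and reordering the list would silently check the
    # wrong directory.
    # NOTE(review): mode alone does not show who owns a directory; if the role
    # is expected to set ownership, also compare item.stat.pw_name with
    # openclaw_user.
    - name: Assert directories with a declared mode have that mode
      ansible.builtin.assert:
        that: item.stat.mode == item.item.mode
        fail_msg: >-
          {{ item.item.path }} should be {{ item.item.mode }},
          found {{ item.stat.mode }}
      loop: "{{ dir_checks.results }}"
      loop_control:
        label: "{{ item.item.path }}"
      when: item.item.mode is defined

    # `visudo -c` validates syntax only and fails when the file is missing.
    # It says nothing about what the rules grant.
    # NOTE(review): sudoers drop-ins are normally readable by root only and
    # this play sets no `become`; confirm the verifier runs as root.
    - name: Verify sudoers file exists and is valid
      ansible.builtin.command: "visudo -cf /etc/sudoers.d/{{ openclaw_user }}"
      changed_when: false

    - name: Verify global vim config exists
      ansible.builtin.stat:
        path: /etc/vim/vimrc.local
      register: vimrc

    - name: Assert global vim config exists
      ansible.builtin.assert:
        that: vimrc.stat.exists

    # `--global` reads the configuration of whichever user runs this task.
    # NOTE(review): confirm that is the account the role writes the git
    # configuration for, and not a different connection user.
    - name: Verify git global config
      ansible.builtin.command: git config --global init.defaultBranch
      changed_when: false
      register: git_branch

    - name: Assert git default branch is main
      ansible.builtin.assert:
        that: git_branch.stdout == 'main'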