Add initial Ansible configuration and package management setup
- Create .gitignore to exclude .vscode directory
- Add ansible.cfg for Ansible configuration
- Define inventory for new machine
- Create playbook.yml for orchestrating tasks
- Set up common role with default variables, handlers, and tasks
- Implement package management tasks for installing packages from various sources
- Include appimage and flatpak package lists
This commit is contained in:
William Valentin
26
ansible/roles/common/defaults/main.yml
Normal file
26
ansible/roles/common/defaults/main.yml
Normal file
@@ -0,0 +1,26 @@
|
||||
---
|
||||
# Default variables for the 'common' role
|
||||
|
||||
# Hostname
|
||||
common_hostname: "willlaptop"
|
||||
|
||||
# WiFi Configuration
|
||||
common_wifi_ssid: "Skips new wifi"
|
||||
common_wifi_password: "04251992#04291962#"
|
||||
common_wifi_connection_name: "theden"
|
||||
|
||||
# Ethernet Configuration
|
||||
common_ethernet_ifname: "eth0"
|
||||
common_ethernet_con_name: "Ethernet"
|
||||
common_ethernet_ipv4_address: "192.168.153.117/24"
|
||||
common_ethernet_ipv4_gateway: "192.168.153.1"
|
||||
common_ethernet_ipv4_dns: "8.8.8.8,1.1.1.1"
|
||||
|
||||
# User Configuration
|
||||
common_user_name: "will"
|
||||
common_user_password: "$6$SQB4NRF/A4OI6oSq$Oe9DwyIpNo9CUobOU67kJri4OA91/o3bUWV3SFZmOWamxidShZjLDCG29hFw3f5Ta0uPfjKtQMVdY0ToPM0e71" # This should ideally be hashed or managed by vault
|
||||
|
||||
# SSHD Configuration
|
||||
common_sshd_permit_root_login: "yes"
|
||||
common_sshd_password_authentication: "yes"
|
||||
common_sshd_permit_empty_passwords: "no"
|
||||
7
ansible/roles/common/handlers/main.yml
Normal file
7
ansible/roles/common/handlers/main.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
---
|
||||
# Handlers for the 'common' role
|
||||
|
||||
- name: Restart sshd
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
state: restarted
|
||||
72
ansible/roles/common/tasks/main.yml
Normal file
72
ansible/roles/common/tasks/main.yml
Normal file
@@ -0,0 +1,72 @@
|
||||
---
|
||||
# Add common tasks here
|
||||
|
||||
- name: Set hostname to '{{ common_hostname }}'
|
||||
ansible.builtin.hostname:
|
||||
name: "{{ common_hostname }}"
|
||||
tags: [ 'common', 'hostname' ]
|
||||
|
||||
- name: Configure WiFi connection '{{ common_wifi_connection_name }}'
|
||||
become: true
|
||||
ansible.builtin.command:
|
||||
cmd: >
|
||||
nmcli dev wifi connect "{{ common_wifi_ssid }}"
|
||||
password "{{ common_wifi_password }}"
|
||||
name "{{ common_wifi_connection_name }}"
|
||||
args:
|
||||
creates: "/etc/NetworkManager/system-connections/{{ common_wifi_connection_name }}.nmconnection"
|
||||
ignore_errors: true
|
||||
tags: [ 'common', 'network', 'wifi' ]
|
||||
|
||||
- name: Configure ethernet connection '{{ common_ethernet_con_name }}' with static IP, gateway, and DNS
|
||||
become: true
|
||||
ansible.builtin.command:
|
||||
cmd: >
|
||||
nmcli con add type ethernet ifname {{ common_ethernet_ifname }} con-name "{{ common_ethernet_con_name }}" ipv4.method manual ipv4.addresses {{ common_ethernet_ipv4_address }} ipv4.gateway {{ common_ethernet_ipv4_gateway }} ipv4.dns "{{ common_ethernet_ipv4_dns }}"
|
||||
args:
|
||||
creates: "/etc/NetworkManager/system-connections/{{ common_ethernet_con_name }}.nmconnection"
|
||||
ignore_errors: true
|
||||
tags: [ 'common', 'network', 'ethernet' ]
|
||||
- name: Ensure user '{{ common_user_name }}' exists with specified password
|
||||
ansible.builtin.user:
|
||||
name: "{{ common_user_name }}"
|
||||
password: "{{ common_user_password }}"
|
||||
shell: /bin/bash
|
||||
state: present
|
||||
create_home: yes
|
||||
tags: [ 'common', 'users' ]
|
||||
- name: Ensure root password matches user '{{ common_user_name }}'
|
||||
ansible.builtin.user:
|
||||
name: root
|
||||
password: "{{ common_user_password }}"
|
||||
tags: [ 'common', 'users' ]
|
||||
- name: Configure sshd_config to allow root login with password
|
||||
become: true
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: "^PermitRootLogin"
|
||||
line: "PermitRootLogin {{ common_sshd_permit_root_login }}"
|
||||
state: present
|
||||
create: yes
|
||||
notify: Restart sshd
|
||||
tags: [ 'common', 'sshd' ]
|
||||
- name: Ensure PasswordAuthentication is set to {{ common_sshd_password_authentication }} in sshd_config
|
||||
become: true
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: "^PasswordAuthentication"
|
||||
line: "PasswordAuthentication {{ common_sshd_password_authentication }}"
|
||||
state: present
|
||||
create: yes
|
||||
notify: Restart sshd
|
||||
tags: [ 'common', 'sshd' ]
|
||||
- name: Ensure PermitEmptyPasswords is set to {{ common_sshd_permit_empty_passwords }} in sshd_config
|
||||
become: true
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: "^PermitEmptyPasswords"
|
||||
line: "PermitEmptyPasswords {{ common_sshd_permit_empty_passwords }}"
|
||||
state: present
|
||||
create: yes
|
||||
notify: Restart sshd
|
||||
tags: [ 'common', 'sshd' ]
|
||||
Reference in New Issue
Block a user