diff options
| author | Lars Wirzenius <liw@liw.fi> | 2021-11-25 09:40:00 +0200 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2021-11-25 09:40:00 +0200 |
| commit | a7dbd2d380d4bf34504bf0b9bee06a1a9583980e (patch) | |
| tree | 21def33f80279bf098e10d37c2aebc25061163fb | |
| parent | 51587629c83fece75ce6cbcd8a3839416a64a699 (diff) | |
| download | ansibleness-a7dbd2d380d4bf34504bf0b9bee06a1a9583980e.tar.gz | |
refactor: drop use of liw-openpgp key everywhere
Sponsored-by: author
| -rw-r--r-- | ansible/atuin.liw.fi.yml | 6 | ||||
| -rw-r--r-- | ansible/billion.yml | 2 | ||||
| -rw-r--r-- | ansible/contractor-dev.yml | 4 | ||||
| -rw-r--r-- | ansible/debmirror.yml | 4 | ||||
| -rw-r--r-- | ansible/exolobe4.yml | 62 | ||||
| -rw-r--r-- | ansible/exolobe6.yml | 90 | ||||
| -rw-r--r-- | ansible/group_vars/all.yml | 4 | ||||
| -rw-r--r-- | ansible/holywood2.yml | 2 | ||||
| -rw-r--r-- | ansible/http.liw.fi.yml | 3 | ||||
| -rw-r--r-- | ansible/kea.yml | 2 | ||||
| -rw-r--r-- | ansible/letest-letest.vm.liw.fi.yml | 2 | ||||
| -rw-r--r-- | ansible/mirror-git.yml | 3 | ||||
| -rw-r--r-- | ansible/oomph.yml | 87 | ||||
| -rw-r--r-- | ansible/scap-dev.yml | 83 | ||||
| -rw-r--r-- | ansible/sequoia.yml | 29 | ||||
| -rw-r--r-- | ansible/sshca-dev.yml | 2 | ||||
| -rw-r--r-- | ansible/subplot-dan.yml | 2 | ||||
| -rw-r--r-- | ansible/train-dev-docker.yml | 69 | ||||
| -rw-r--r-- | ansible/train-dev.yml | 74 |
19 files changed, 9 insertions, 521 deletions
diff --git a/ansible/atuin.liw.fi.yml b/ansible/atuin.liw.fi.yml index 55b3095..cf0a223 100644 --- a/ansible/atuin.liw.fi.yml +++ b/ansible/atuin.liw.fi.yml @@ -54,12 +54,10 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} {{ liw_hetzner_ssh_pub }} - username: root sudo: yes authorized_keys: | - {{ liw_ssh_pub }} {{ liw_hetzner_ssh_pub }} mailname: atuin.liw.fi @@ -148,22 +146,18 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} {{ liw_hetzner_ssh_pub }} - username: root sudo: yes authorized_keys: | - {{ liw_ssh_pub }} {{ liw_hetzner_ssh_pub }} - username: liw-laptop comment: Lars Wirzenius authorized_keys: | - {{ liw_ssh_pub }} {{ liw_hetzner_ssh_pub }} - username: liw-holywood comment: Lars Wirzenius authorized_keys: | - {{ liw_ssh_pub }} {{ root_at_holywood2_ssh_key_pub }} {{ root_at_holywood2_ssh_key_pub_v2 }} diff --git a/ansible/billion.yml b/ansible/billion.yml index f902c9c..60c321d 100644 --- a/ansible/billion.yml +++ b/ansible/billion.yml @@ -18,4 +18,4 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} diff --git a/ansible/contractor-dev.yml b/ansible/contractor-dev.yml index d763065..d06fd72 100644 --- a/ansible/contractor-dev.yml +++ b/ansible/contractor-dev.yml @@ -26,7 +26,7 @@ groups: [liw, kvm] - copy: content: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} dest: /home/liw/.ssh/liw-openpgp.pub owner: liw group: liw @@ -43,7 +43,7 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} sources_lists: - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main diff --git a/ansible/debmirror.yml b/ansible/debmirror.yml index f9de0d4..3605f91 100644 --- a/ansible/debmirror.yml +++ b/ansible/debmirror.yml @@ -23,11 +23,11 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} - username: debmirror comment: Debian Mirror authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} static_sites: diff --git a/ansible/exolobe4.yml b/ansible/exolobe4.yml deleted file mode 100644 index c9518d6..0000000 --- a/ansible/exolobe4.yml +++ /dev/null @@ -1,62 +0,0 @@ -- hosts: exolobe4 - remote_user: liw - become: yes - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - - version-controller - - emacs - - gnupg-workstation - - gnome-system - # - smarthost-client - - journal-workstation - # - apache_server - - writing-dev-env - - tex-dev-env - - chaoskey-host - - vmhost - - ansible - - mail-client - - intel-wifi - - rust-dev-env - tasks: - - apt: - name: - - black - - pylint - - pylint3 - - lshw - - subplot - - extrautils - - flake8 - vars: - sane_debian_system_version: 1 - unix_users_version: 2 - - sane_debian_system_hostname: exolobe4 - sane_debian_system_codename: buster - sane_debian_system_timezone: Europe/Helsinki - sane_debian_system_sources_lists: - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - # - repo: | - # deb https://riot.im/packages/debian sid main - # signing_key: "{{ riot_im_signing_key }}" - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" - - # mailname: exolobe4.liw.fi - # relayhost: pieni.net:587 - # smarthost: pieni.net - # smarthost_user: pienirelay - # smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" - - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - authorized_keys: | - {{ liw_ssh_pub }} diff --git a/ansible/exolobe6.yml b/ansible/exolobe6.yml deleted file mode 100644 index add7dea..0000000 --- a/ansible/exolobe6.yml +++ /dev/null @@ -1,90 +0,0 @@ -- hosts: exolobe6 - remote_user: liw - become: yes - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - - version-controller - - emacs - - backup-client - - gnupg-workstation - - gnome-system - - writing-dev-env - - ansible - - mail-client - - intel-wifi - - vmhost - tasks: - - apt: - name: - - black - - pylint - - pylint3 - - lshw - - subplot - - flake8 - - thunderbolt-tools - - liw-automation - - wmf-sre-laptop - - clamav - - clamav-freshclam - - clamav-daemon - vars: - ansible_python_interpreter: /usr/bin/python3 - sane_debian_system_version: 2 - unix_users_version: 2 - - sane_debian_system_hostname: exolobe6 - sane_debian_system_codename: bullseye - sane_debian_system_timezone: Europe/Helsinki - sane_debian_system_sources_lists: - - repo: | - deb http://deb.debian.org/debian bullseye contrib non-free - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" - - - repo: deb http://apt.wikimedia.org/wikimedia buster-wikimedia main - signing_key: | - -----BEGIN PGP PUBLIC KEY BLOCK----- - Version: GnuPG v1 - - mQINBFieKQEBEACZXCSJEwJnXsEofPUIunQTqF8p1IipjkDF4sNSgyuA17AD235h - EEll1Czzd13bajM4D9dO+Yz4q9lWcrdoaHXklTEnA1Dhjk0wgTRqEqa37PBxjm7p - xTuSOEFAHnQfjM9ZzV6Bd3kzIlfxnTguiYbN1pf4KQ7u4TQSchKr8V4p+mf4Y+Xg - 6hhskLrvMRYO7mNGEzm0vdfWsGbbvPZlhrRMea4oyCrOGd2piXAIPLR6DFXpyrb9 - GdEKrg8evTUnntsIqQ60h8veFETGNUmtpSF9OwzVGfH8TKACV7qA30Bbp6wDSLeY - JefpX4yBexY3FbNx1oxXbXTZbDR8RZ4olWjP+inKYJTwHxQnvYjXWgMeNR/BgX2s - ontLXqK5BzBP+1E0vHdAAYSU/8vjr+zmy1qyDWYtIlqdMXzDkXTCZIkJE0WPp5Sx - sEFqpLdO7ggqJV5UF7h/yIq9bcxoaNxYGJFRDWg3Lj6ZLCxiSN/QHuqascMijKAU - 2RHzQtXhfXzZA8PwZp92dalOZOguytEYyhzrPfJlysvOnXTigHa9WeybDcJgsOO8 - xFbgU9P98NgyE4ZIel6P1GpLnBY8j0KpbhWfCi5mmomwwK5OUWe0g9/u4z5FmN3z - /WWA/8BjuJI9MFnS3YoU3safEUi0vD5pnuktVQGJOkSnR6gAN4dAoCcVEwARAQAB - tDxXaWtpbWVkaWEgQXJjaGl2ZSBBdXRvbWF0aWMgU2lnbmluZyBLZXkgPHJvb3RA - d2lraW1lZGlhLm9yZz6JAjcEEwEKACEFAlieKQECGwMFCwkIBwMFFQoJCAsFFgID - AQACHgECF4AACgkQnTktP/rfGPtmohAAhQhGkOe0DX5ZSK6uEs2IpB1W3EvCPK87 - vSgI6FZyGEURH7s/MknQR2lMShgHZ1oqLwZV1DE5ao/D4khPw1JZFeYajXOxQ3Sr - /Qjg6ZayrJ/r9sSchC4nd6m+rFpzuRsx22FWrVenzRBau6/J6OUz3WawsjX3Bwrg - /Hw11/+kgsabkdsdK28ENWdVj0tLp5asSxrs4L4d2RjKpfiufBAGpkqFV5p2J8aw - cJ7Wh3/1mMo+biTtuemHtWf4XfWmXv99ltSEVe8PpMYQ+FjNUHDzEZMS5K39em+V - EOC7GsE+SHHF6lgjH2BtDcpkimbU9uROnGeIWtpRr+PNMu/yhFLUCxe7tf4yffIJ - NIAL3RFcRhLj0xCbL3fd5DbQP4eB68k9pLHwYxpKba7DDmH0aMstvk5xrpphdHAP - p03VbE6ZThKxA828yb2jWtumDhoYRlkHs2KrVufUPA411mUE+A53pwqBse/KM9Iq - Pidc+TwMwy2nByRB9WFyyGS08wqhewpwp8mwIOejvRf+3yi+CGHM2Xi4bTmEqVL+ - Jm1D5W49O5/j1T6HyVPGsyH/0QgYwg2IVZwL5Jfy9w3974jTV3QAcCBafR9hcZCS - S2wOIo0ckRI0APw6DQSFMyBrNs9rWy72Ixu9RC1GtzCCn5OaMRUM9FaqjRnTKX4m - grWsU8i35fI= - =ib96 - -----END PGP PUBLIC KEY BLOCK----- - - - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - groups: - - libvirt - - kvm - authorized_keys: | - {{ liw_ssh_pub }} diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index befb482..558988a 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,7 +1,3 @@ -liw_ssh_pub: | - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAlECa3tbFGXhB3Zh/4/GhM11THOThVfiuLqqJ2dpWHEClzpKJHpzzwWt7g9z/MMQNMsUJLy+okz+De6hdjjmYJ9kG9Sr3H4YKq6itGQMj7L/cH3WS3ynp0uy0oW3hf932vDZKQ8iy9vczXH+ERYl+4TYae1Jp4Hyf4/2IYxEfuhKctvSvqySST3Qk9JNZ71HFGOWhjH/MmoCLoT1v+HkqmHdYf/GMKGRo3gqCEGgCgNErYYIyKm3OF3dHXK+hyGLE/cZNu6fU5woW3rvtUCFt08Ri2pm0cnXXJn9jQIMxfS5Kkf64svwgzKmPqgX1f4flopYPlsBXduCgzbJvj+lpgauAk/i1A5B01CFa9sI4C6pHZmwk1qxRwN+4IXL2CQt+tDgYC84ZDDd8R7cNyL22a3KhMQmdHtvog1beAa3Ab+J+cafkXXN+Es9f1wQjzk7DiHupmJIVofBvPP+cRcB46rwha6ati8Fa5QkT9rXFNqQsKk7jq8TIi54Bm15OOa0jInGG3TM17b9Ftu2WTJSAaqgBnDfZiInK7HEvC6K/IBljrN3oGagmFZPrAvzw7d6C2/nKFAQtfoMcE5oWVDrJyjsmJ8oaru0E8rwj7mMvyKPgEMnXTGXLWDgEo50+i291m4bkCxVwiOPbPRvdMll1Y8qfBAPT76sY4Ikgcw/2iw== openpgp:0xBBE80E50 - - liw_personal_ssh_pub: | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP liw personal systems diff --git a/ansible/holywood2.yml b/ansible/holywood2.yml index 7175e9e..d739a03 100644 --- a/ansible/holywood2.yml +++ b/ansible/holywood2.yml @@ -28,13 +28,11 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} - username: root ssh_key: "{{ lookup('pipe', 'pass show root_at_holywood2_ssh_key') }}" ssh_key_pub: "{{ root_at_holywood2_ssh_key_pub }}" authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} mailname: "{{ sane_debian_system_hostname }}.liw.fi" diff --git a/ansible/http.liw.fi.yml b/ansible/http.liw.fi.yml index 042db97..f5b4352 100644 --- a/ansible/http.liw.fi.yml +++ b/ansible/http.liw.fi.yml @@ -17,16 +17,13 @@ - username: liw comment: Lars Wirzenius authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} - username: root authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} - username: ickliwfi comment: Ick website authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} {{ ci_worker_ssh_pub }} diff --git a/ansible/kea.yml b/ansible/kea.yml index 2a884bc..cfa04d2 100644 --- a/ansible/kea.yml +++ b/ansible/kea.yml @@ -50,7 +50,7 @@ comment: Ansible sudo: yes authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} sources_lists: - repo: | diff --git a/ansible/letest-letest.vm.liw.fi.yml b/ansible/letest-letest.vm.liw.fi.yml index 8ff0919..c9555dc 100644 --- a/ansible/letest-letest.vm.liw.fi.yml +++ b/ansible/letest-letest.vm.liw.fi.yml @@ -17,4 +17,4 @@ - username: liw comment: Lars Wirzenius authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} diff --git a/ansible/mirror-git.yml b/ansible/mirror-git.yml index c1cd202..97810f6 100644 --- a/ansible/mirror-git.yml +++ b/ansible/mirror-git.yml @@ -60,17 +60,14 @@ unix_users: - username: root authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} - username: debian authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} - username: liw comment: Lars Wirzenius sudo: true authorized_keys: | - {{ liw_ssh_pub }} {{ liw_personal_ssh_pub }} ssh_key: | {{ lookup('pipe', 'pass show ssh/liw@mirror-git') }} diff --git a/ansible/oomph.yml b/ansible/oomph.yml deleted file mode 100644 index adfb643..0000000 --- a/ansible/oomph.yml +++ /dev/null @@ -1,87 +0,0 @@ -- hosts: oomph - remote_user: root - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - - self-updating-system - tasks: - - apt_repository: - repo: "deb http://deb.debian.org/debian buster-backports main" - - copy: - content: | - Package: ansible - Pin: release a=buster-backports - Pin-Priority: 900 - dest: /etc/apt/preferences.d/50-train-dev.pref - - apt: - name: - - ansible - - subplot - - qemu-utils - - qemu-system-x86 - - kpartx - - moreutils - - genisoimage - - libvirt-clients - - shellcheck - - pyflakes3 - - apt: - upgrade: yes - - copy: - content: | - options kvm-intel nested=1 - options kvm-intel enable_shadow_vmcs=1 - options kvm-intel enable_apicv=1 - options kvm-intel ept=1 - options kvm-amd nested=1 - dest: /etc/modprobe.d/kvm-nested.conf - - user: - name: liw - groups: [kvm] - - - name: Make ext4 filesystem on /dev/vdb - filesystem: - fstype: ext4 - dev: /dev/vdb - force: no - opts: "-Lworkspace" - - name: mkdir /workspace - file: - state: directory - path: /workspace - - name: Mount /dev/vdb on /workspace - mount: - src: LABEL=workspace - path: /workspace - fstype: auto - opts: defaults - dump: '0' - passno: '2' - state: mounted - - name: Set owner/mode on /workspace - file: - path: /workspace - owner: liw - group: liw - mode: 0755 - vars: - sane_debian_system_version: 1 - unix_users_version: 2 - - sane_debian_system_hostname: oomph - sane_debian_system_codename: buster - - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - authorized_keys: | - {{ liw_ssh_pub }} - - sources_lists: - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" diff --git a/ansible/scap-dev.yml b/ansible/scap-dev.yml deleted file mode 100644 index 5586076..0000000 --- a/ansible/scap-dev.yml +++ /dev/null @@ -1,83 +0,0 @@ -- hosts: scapdev - remote_user: debian - become: true - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - tasks: - - apt: - name: - - bash-completion - - black - - build-essential - - ca-certificates - - cowbuilder - - debhelper - - dh-python - - docker.io - - flake8 - - git - - git-buildpackage - - libjpeg-dev - - moreutils - - openssl - - pandoc-citeproc - - php - - php-cli - - python-all - - python-all-dev - - python-concurrent.futures - - python-configparser - - python-coverage - - python-dev - - python-flake8 - - python-jinja2 - - python-mock - - python-openssl - - python-psutil - - python-pygments - - python-pytest - - python-pytest-cov - - python-pytest-mock - - python-requests - - python-setuptools - - python-six - - python-sphinx - - python-sphinxcontrib.actdiag - - python-sphinxcontrib.blockdiag - - python-sphinxcontrib.programoutput - - python-yaml - - python2.7 - - python2.7-dev - - python2.7-dev - - subplot - - texlive-fonts-recommended - - texlive-latex-base - - texlive-latex-recommended - - zlib1g-dev - - name: "upgrade all packages" - apt: - upgrade: safe - vars: - ansible_python_interpreter: /bin/python2 - - sane_debian_system_version: 1 - sane_debian_system_codename: buster - - sane_debian_system_sources_lists: - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" - - unix_users_version: 2 - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - groups: - - docker - authorized_keys: | - {{ liw_ssh_pub }} diff --git a/ansible/sequoia.yml b/ansible/sequoia.yml deleted file mode 100644 index f6b2680..0000000 --- a/ansible/sequoia.yml +++ /dev/null @@ -1,29 +0,0 @@ -- hosts: sequoia - remote_user: root - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - - self-updating-system - - emacs - tasks: - - apt: - name: - - curl - - build-essential - - clang - - pkg-config - - nettle-dev - - libssl-dev - - capnproto - - libsqlite3-dev - vars: - hostname: sequoia - debian_codename: buster - - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - authorized_keys: | - {{ liw_ssh_pub }} diff --git a/ansible/sshca-dev.yml b/ansible/sshca-dev.yml index ee92b83..c3403d9 100644 --- a/ansible/sshca-dev.yml +++ b/ansible/sshca-dev.yml @@ -44,7 +44,7 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} sane_debian_system_sources_lists: - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main diff --git a/ansible/subplot-dan.yml b/ansible/subplot-dan.yml index 0f6493f..56a3d9b 100644 --- a/ansible/subplot-dan.yml +++ b/ansible/subplot-dan.yml @@ -25,7 +25,7 @@ comment: Lars Wirzenius sudo: yes authorized_keys: | - {{ liw_ssh_pub }} + {{ liw_personal_ssh_pub }} - username: dan comment: Dan sudo: yes diff --git a/ansible/train-dev-docker.yml b/ansible/train-dev-docker.yml deleted file mode 100644 index 013f634..0000000 --- a/ansible/train-dev-docker.yml +++ /dev/null @@ -1,69 +0,0 @@ -- hosts: train-dev-docker - remote_user: debian - become: true - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - - self-updating-system - tasks: - - apt_repository: - repo: "deb http://deb.debian.org/debian buster-backports main" - - apt_repository: - repo: "deb [trusted=yes] http://ci-prod-controller.vm.liw.fi/debian unstable-ci main" - - copy: - content: | - Package: ansible - Pin: release a=buster-backports - Pin-Priority: 900 - dest: /etc/apt/preferences.d/50-train-dev.pref - - apt: - name: - - docker.io - - docker-compose - - make - - emacs - - jq - - subplot - - apt: - upgrade: yes - - copy: - content: | - options kvm-intel nested=1 - options kvm-intel enable_shadow_vmcs=1 - options kvm-intel enable_apicv=1 - options kvm-intel ept=1 - options kvm-amd nested=1 - dest: /etc/modprobe.d/kvm-nested.conf - - user: - name: liw - groups: [docker] - - - name: mkdir /workspace - file: - state: directory - path: /workspace - owner: liw - group: liw - vars: - sane_debian_system_version: 2 - unix_users_version: 2 - - sane_debian_system_hostname: train-dev-docker - sane_debian_system_codename: buster - - ansible_python_interpreter: /usr/bin/python3 - - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - authorized_keys: | - {{ liw_ssh_pub }} - - sources_lists: - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - - repo: | - deb [trusted=yes] http://ci-prod-controller.vm.liw.fi/debian unstable-ci main diff --git a/ansible/train-dev.yml b/ansible/train-dev.yml deleted file mode 100644 index bf0e01a..0000000 --- a/ansible/train-dev.yml +++ /dev/null @@ -1,74 +0,0 @@ -- hosts: train-dev - remote_user: debian - become: true - roles: - - sane_debian_system - - comfortable-debian-system - - unix_users - - self-updating-system - tasks: - - apt_repository: - repo: "deb http://deb.debian.org/debian buster-backports main" - - apt_repository: - repo: "deb [trusted=yes] http://ci-prod-controller.vm.liw.fi/debian unstable-ci main" - - copy: - content: | - Package: ansible - Pin: release a=buster-backports - Pin-Priority: 900 - dest: /etc/apt/preferences.d/50-train-dev.pref - - apt: - name: - - ansible - - subplot - - qemu-utils - - qemu-system-x86 - - kpartx - - moreutils - - genisoimage - - libvirt-clients - - shellcheck - - pyflakes3 - - netcat-traditional - - apt: - upgrade: yes - - copy: - content: | - options kvm-intel nested=1 - options kvm-intel enable_shadow_vmcs=1 - options kvm-intel enable_apicv=1 - options kvm-intel ept=1 - options kvm-amd nested=1 - dest: /etc/modprobe.d/kvm-nested.conf - - user: - name: liw - groups: [kvm] - - - name: mkdir /workspace - file: - state: directory - path: /workspace - owner: liw - group: liw - vars: - sane_debian_system_version: 2 - unix_users_version: 2 - - sane_debian_system_hostname: train-dev - sane_debian_system_codename: buster - - ansible_python_interpreter: /usr/bin/python3 - - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - authorized_keys: | - {{ liw_ssh_pub }} - - sources_lists: - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - - repo: | - deb [trusted=yes] http://ci-prod-controller.vm.liw.fi/debian unstable-ci main |