diff options
| author | Lars Wirzenius <liw@liw.fi> | 2021-12-28 17:33:18 +0200 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2021-12-28 17:33:18 +0200 |
| commit | 809ed387367c97f39ed5ae1c41f56720b0505ef8 (patch) | |
| tree | 815e2914fa9b20ed2cd47815e8c864f732f90378 /ansible/exolobe5.yml | |
| parent | 632f8b376e1dccf90c9a40301e412d54f2cc38fa (diff) | |
| download | ansibleness-809ed387367c97f39ed5ae1c41f56720b0505ef8.tar.gz | |
exolobe5, vmhost-minimal: adjust for freshly reinstalled server
Sponsored-by: author
Diffstat (limited to 'ansible/exolobe5.yml')
| -rw-r--r-- | ansible/exolobe5.yml | 101 |
1 files changed, 98 insertions, 3 deletions
diff --git a/ansible/exolobe5.yml b/ansible/exolobe5.yml index f9a7966..e899f47 100644 --- a/ansible/exolobe5.yml +++ b/ansible/exolobe5.yml @@ -1,6 +1,5 @@ - hosts: exolobe5 - remote_user: liw - become: yes + remote_user: root roles: - sane_debian_system - ssd @@ -14,12 +13,106 @@ name: - jq - vmadm + - python3-lxml + - bridge-utils + - name: "configure loopback network interface" + copy: + content: | + auto lo + iface lo inet loopback + dest: /etc/network/interfaces.d/lo + - name: "configure main network interface" + copy: + content: | + auto enp6s0 + iface enp6s0 inet manual + dest: /etc/network/interfaces.d/enp6s0 + - name: "configure bridge br0 for virtual machines to use" + copy: + content: | + auto br0 + iface br0 inet dhcp + bridge_ports enp6s0 + dest: /etc/network/interfaces.d/br0 + - name: "configure /etc/network/interfaces" + copy: + content: | + source /etc/network/interfaces.d/* + dest: /etc/network/interfaces + - name: "bring up network interfaces" + shell: | + ifup -a + - name: "create ~liw/base-images" + file: + state: directory + path: /home/liw/base-images + owner: liw + group: liw + mode: 0755 + - name: "create ~liw/vm" + file: + state: directory + path: /home/liw/vm + owner: liw + group: liw + mode: 0755 + - name: "fetch cloud images" + get_url: + url: "{{ item.url }}" + dest: "/home/liw/base-images/{{ item.file }}" + owner: liw + group: liw + mode: 0644 + with_items: + - url: https://cloud.debian.org/images/cloud/bullseye/latest/debian-11-generic-amd64.qcow2 + file: bullseye.qcow2 + - name: "create ~liw/.ssh" + file: + state: directory + path: /home/liw/.ssh + owner: liw + group: liw + mode: 0755 + - name: install SSH public key for liw + copy: + content: "{{ liw_personal_ssh_pub }}" + dest: /home/liw/.ssh/id_personal.pub + owner: liw + group: liw + mode: 0644 + - name: "install SSH CA key" + copy: + content: "{{ lookup('pipe', 'pass show sshca/vmadm-v1') }}" + dest: /home/liw/.ssh/vmadm + owner: liw + group: liw + mode: 0600 + - name: "ensure SSH CA key file ends in a newline" + shell: | + if [ "$(tail -n1 /home/liw/.ssh/vmadm | wc -l)" = 0 ] + then + echo >> /home/liw/.ssh/vmadm + fi + - name: "create ~liw/.config/vmadm" + file: + state: directory + path: /home/liw/.config/vmadm + owner: liw + group: liw + mode: 0755 + - name: "configure vmadm" + copy: + src: vmadm.yaml + dest: /home/liw/.config/vmadm/config.yaml + owner: liw + group: liw + mode: 0644 vars: ansible_python_interpreter: /usr/bin/python3 sane_debian_system_version: 2 sane_debian_system_hostname: exolobe5 - sane_debian_system_codename: buster + sane_debian_system_codename: bullseye sane_debian_system_sources_lists: - repo: | deb http://security.debian.org/debian-security buster/updates main contrib non-free @@ -35,6 +128,8 @@ - username: liw comment: Lars Wirzenius sudo: yes + groups: + - libvirt authorized_keys: | {{ liw_personal_ssh_pub }} |