diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-07-11 14:39:49 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-07-11 14:39:49 +0300 |
commit | b7945407581b0e37d0f9a53352dea230989b1e78 (patch) | |
tree | 2dd8ba59a84983456f324a9a43f25d18c5961cd0 /ansible/exolobe5.yml | |
parent | 23326492fcf946e03fed30531a7747ed50da6178 (diff) | |
download | ansibleness-b7945407581b0e37d0f9a53352dea230989b1e78.tar.gz |
stamina: add
Sponsored-by: author
Diffstat (limited to 'ansible/exolobe5.yml')
-rw-r--r-- | ansible/exolobe5.yml | 172 |
1 files changed, 0 insertions, 172 deletions
diff --git a/ansible/exolobe5.yml b/ansible/exolobe5.yml deleted file mode 100644 index df60554..0000000 --- a/ansible/exolobe5.yml +++ /dev/null @@ -1,172 +0,0 @@ -- hosts: exolobe5 - remote_user: root - roles: - - sane_debian_system - - ssd - - comfortable-debian-system - - self-updating-system - - vmhost-minimal - - unix_users - - smarthost-client - tasks: - - apt: - name: - - jq - - vmadm - - python3-lxml - - systemd-timesyncd - - ifupdown - - bridge-utils - - apt: - name: ntp - state: absent - purge: yes - - file: - path: /etc/systemd/network/external.network - state: absent - - copy: - content: | - auto lo - iface lo inet loopback - dest: /etc/network/interfaces.d/lo - - copy: - content: | - iface eth0 inet manual - - auto br0 - iface br0 inet dhcp - bridge_ports eth0 - bridge_hw eth0 - up ip route delete 10.1.1.1 dev eth0 - up ip route delete 10.1.1.0/24 dev eth0 - up ip route delete default via 10.1.1.1 dev eth0 - dest: /etc/network/interfaces.d/br0 - - name: "set permission of /mnt/vms" - file: - path: /mnt/vms - owner: root - group: libvirt - mode: 0775 - - name: "clone ansibleness to ~liw" - git: - repo: git://git.liw.fi/ansibleness - dest: /home/liw/ansibleness - - name: "clone liw-dot-files to ~liw" - git: - repo: git://git.liw.fi/liw-dot-files - dest: /home/liw/liw-dot-files - - name: "set ownership of everything in ~liw/ansibleness and liw-dot-files" - args: - warn: false - shell: | - chown -R liw:liw /home/liw/ansibleness /home/liw/liw-dot-files - - name: "configure liw dot files" - shell: | - sudo -u liw -i bash -c "pwd && ./liw-dot-files/make-symlinks" - sudo -u liw -i bash -c "ln -nsf liw-dot-files/gitconfig-exolobe1 .gitconfig" - - name: "create ~liw/base-images" - file: - state: directory - path: /home/liw/base-images - owner: liw - group: liw - mode: 0755 - - name: "create ~liw/vm" - file: - state: directory - path: /home/liw/vm - owner: liw - group: liw - mode: 0755 - - name: "fetch cloud images" - get_url: - url: "{{ item.url }}" - dest: "/home/liw/base-images/{{ item.file }}" - owner: liw - group: liw - mode: 0644 - with_items: - - url: https://cloud.debian.org/images/cloud/bullseye/latest/debian-11-generic-amd64.qcow2 - file: bullseye.qcow2 - - url: https://cloud.debian.org/images/cloud/OpenStack/current-10/debian-10-openstack-amd64.qcow2 - file: buster.qcow2 - - name: "create ~liw/.ssh" - file: - state: directory - path: /home/liw/.ssh - owner: liw - group: liw - mode: 0755 - - name: install SSH public key for liw - copy: - content: "{{ liw_personal_ssh_pub }}" - dest: /home/liw/.ssh/id_personal.pub - owner: liw - group: liw - mode: 0644 - - name: "install SSH CA key" - copy: - content: "{{ lookup('pipe', 'pass show sshca/vmadm-v1') }}" - dest: /home/liw/.ssh/vmadm - owner: liw - group: liw - mode: 0600 - - name: "ensure SSH CA key file ends in a newline" - shell: | - if [ "$(tail -n1 /home/liw/.ssh/vmadm | wc -l)" = 0 ] - then - echo >> /home/liw/.ssh/vmadm - fi - - name: "create ~liw/.config/vmadm" - file: - state: directory - path: /home/liw/.config/vmadm - owner: liw - group: liw - mode: 0755 - - name: "configure vmadm" - copy: - src: vmadm.yaml - dest: /home/liw/.config/vmadm/config.yaml - owner: liw - group: liw - mode: 0644 - - name: "enable libvirt 'default' network" - virt_net: - name: default - autostart: yes - state: active - vars: - ansible_python_interpreter: /usr/bin/python3 - - sane_debian_system_version: 2 - sane_debian_system_hostname: exolobe5 - sane_debian_system_codename: bullseye - sane_debian_system_sources_lists: - - repo: | - deb http://security.debian.org/debian-security buster/updates main contrib non-free - - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" - - unix_users_version: 2 - unix_users: - - username: liw - comment: Lars Wirzenius - sudo: yes - groups: - - libvirt - authorized_keys: | - {{ liw_personal_ssh_pub }} - - username: root - authorized_keys: | - {{ liw_personal_ssh_pub }} - - mailname: "{{ sane_debian_system_hostname }}.liw.fi" - relayhost: pieni.net:587 - smarthost: pieni.net - smarthost_user: pienirelay - smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" |