diff options
author | Lars Wirzenius <liw@liw.fi> | 2023-12-19 20:09:44 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2023-12-19 20:09:44 +0200 |
commit | d6e4bf3dc6da6b74ba6f93aba3d8481800046419 (patch) | |
tree | 70682e2218a3602a0a2ac7ecd8248c51a5080062 /ansible/radicle-liw3.yaml | |
parent | 119ce654b7df12631c16279e24a5d595f2fdfc68 (diff) | |
download | ansibleness-d6e4bf3dc6da6b74ba6f93aba3d8481800046419.tar.gz |
radicle-liw3: install Radicle and stuff
Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author
Diffstat (limited to 'ansible/radicle-liw3.yaml')
-rw-r--r-- | ansible/radicle-liw3.yaml | 130 |
1 files changed, 130 insertions, 0 deletions
diff --git a/ansible/radicle-liw3.yaml b/ansible/radicle-liw3.yaml new file mode 100644 index 0000000..7dadc1c --- /dev/null +++ b/ansible/radicle-liw3.yaml @@ -0,0 +1,130 @@ +- hosts: radicle-liw3 + remote_user: debian + become: yes + roles: + - role: sane_debian_system + - role: sshd + - role: comfortable-debian-system + - role: unix_users + - role: rust-rustup + - role: liw + tasks: + - name: "install important additional packages" + apt: + name: + - moreutils + - nmap + - ripgrep + + - name: "install radicle using installer" + shell: | + curl -sSf https://radicle.xyz/install | sudo -u liw bash + + - name: "create directory for Radicle keys" + file: + state: directory + path: /home/liw/.radicle/keys + owner: liw + group: liw + + - name: "install Radicle private key" + copy: + content: | + {{ lookup('pipe', 'pass show radicle/radicle-liw3/key') }} + dest: /home/liw/.radicle/keys/radicle + owner: liw + group: liw + mode: 0600 + + - name: "install Radicle public key" + copy: + content: | + {{ lookup('pipe', 'pass show radicle/radicle-liw3/key.pub') }} + dest: /home/liw/.radicle/keys/radicle.pub + owner: liw + group: liw + mode: 0644 + + - name: "install systemd unit for Radicle node" + copy: + content: | + [Unit] + After=syslog.target network.target + Description=Radicle Node + + [Service] + Type=simple + ExecStart=/home/liw/.radicle/bin/radicle-node --listen 0.0.0.0:8776 + Environment=RAD_HOME=/home/liw/.radicle + KillMode=process + Restart=never + RestartSec=1 + User=liw + Group=liw + + [Install] + WantedBy=default.target + dest: /lib/systemd/system/radicle-node.service + + - name: "enable systemd unit for Radicle node" + systemd: + name: radicle-node + state: restarted + masked: no + enabled: yes + daemon_reload: yes + + - name: "install script to install Radicle CI stuff" + copy: + content: | + #!/bin/bash + set -xeuo pipefail + + clone_install() { + local url dir root + url="$1" + dir="$2" + root="$3" + + if [ ! -e "$dir" ]; then + git clone "$url" "$dir" + else + (cd "$dir" && git pull) + fi + + (cd "$dir" && cargo install --path=. --root="$root") + } + + clone_install https://radicle.liw.fi/zwTxygwuz5LDGBq255RA2CbNGrz8.git radicle-ci-broker "$(pwd)/root" + clone_install https://radicle.liw.fi/z3qg5TKmN83afz2fj9z3fQjU8vaYE.git radicle-native-ci "$(pwd)/root" + + install root/bin/* $HOME/bin + dest: /home/liw/install-radicle-ci + owner: liw + group: liw + mode: 0755 + + - name: "install Radicle CI stuff" + shell: | + sudo -i -u liw bash -c 'cd /home/liw && install -d bin && ./install-radicle-ci' + + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: "{{ inventory_hostname }}" + sane_debian_system_codename: bookworm + sane_debian_system_timezone: Europe/Helsinki + sane_debian_system_sources_lists: + - repo: | + deb http://security.debian.org/debian-security bookworm-security main contrib non-free + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + + sshd_version: 1 + + rustup_cargo_install: | + starship |