diff options
Diffstat (limited to 'ansible/maybe-someday')
| -rw-r--r-- | ansible/maybe-someday/apt-dev.yml | 78 | ||||
| -rw-r--r-- | ansible/maybe-someday/clab-dev.yml | 52 | ||||
| -rw-r--r-- | ansible/maybe-someday/debian-mirror.yml | 111 | ||||
| -rw-r--r-- | ansible/maybe-someday/debmirror.yml | 41 | ||||
| -rw-r--r-- | ansible/maybe-someday/ewww-dev.yml | 56 | ||||
| -rw-r--r-- | ansible/maybe-someday/ewww-test.yml | 118 | ||||
| -rw-r--r-- | ansible/maybe-someday/jt-dev.yml | 50 | ||||
| -rw-r--r-- | ansible/maybe-someday/letest-letest.vm.liw.fi.yml | 20 | ||||
| -rw-r--r-- | ansible/maybe-someday/openpgp-ca-dev.yml | 47 | ||||
| -rw-r--r-- | ansible/maybe-someday/openpgp-card-dev.yml | 55 | ||||
| -rw-r--r-- | ansible/maybe-someday/python-mess.yml | 41 | ||||
| -rw-r--r-- | ansible/maybe-someday/roadmap-dev.yml | 45 | ||||
| -rw-r--r-- | ansible/maybe-someday/ssh-dev.yml | 22 |
13 files changed, 736 insertions, 0 deletions
diff --git a/ansible/maybe-someday/apt-dev.yml b/ansible/maybe-someday/apt-dev.yml new file mode 100644 index 0000000..54c3d99 --- /dev/null +++ b/ansible/maybe-someday/apt-dev.yml @@ -0,0 +1,78 @@ +- hosts: apt-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: comfortable-debian-system + tags: [comfy] + - role: unix_users + tags: [users] + - role: liw + tags: [liw] + tasks: + - apt: + update_cache: yes + name: + - debhelper + - build-essential + - git + - moreutils + - python3 + - cmake + - debhelper-compat + - docbook-xml + - docbook-xsl + - dpkg-dev + - expect + - gettext + - libgtest-dev + - libbz2-dev + - libdb-dev + - libgnutls28-dev + - libgcrypt20-dev + - liblz4-dev +# - liblzma-dev + - libseccomp-dev + - libsystemd-dev + - libudev-dev + - libxxhash-dev + - libzstd-dev + - ninja-build + - pkg-config + - po4a + - triehash + - xsltproc +# - zlib1g-dev + - doxygen + - graphviz + - w3m + + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: apt-dev + sane_debian_system_codename: bullseye + sane_debian_system_sources_lists: + - repo: deb-src http://deb.debian.org/debian bullseye main + + # - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + # signing_key: "{{ ci_prod_signing_key }}" + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + sudo: yes + authorized_keys: | + {{ liw_personal_ssh_pub }} + - username: debian + sudo: yes + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/clab-dev.yml b/ansible/maybe-someday/clab-dev.yml new file mode 100644 index 0000000..32c6dd9 --- /dev/null +++ b/ansible/maybe-someday/clab-dev.yml @@ -0,0 +1,52 @@ +- hosts: clab-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: comfortable-debian-system + tags: [comfy] + - role: unix_users + tags: [users] + - role: liw + tags: [liw] + - role: rust-rustup + tags: [rustup] + tasks: + - apt: + name: + - debhelper + - build-essential + - git + - moreutils + - python3 + - python3-yaml + - subplot + - texlive-fonts-recommended + - texlive-latex-base + - texlive-latex-recommended + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: clab-dev + sane_debian_system_codename: bullseye + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + sudo: yes + - username: debian + sudo: yes + + sane_debian_system_sources_lists: + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/debian-mirror.yml b/ansible/maybe-someday/debian-mirror.yml new file mode 100644 index 0000000..1b85a21 --- /dev/null +++ b/ansible/maybe-someday/debian-mirror.yml @@ -0,0 +1,111 @@ +- hosts: debian-mirror + remote_user: debian + become: yes + roles: + - role: sane_debian_system + - role: unix_users + - role: self-updating-system + - role: debian-mirror + tasks: + - name: "Install ewww" + apt: + name: + - curl + - ewww + - locales-all + - psmisc + - rsync + state: present + - name: "Create /srv/http" + file: + state: directory + path: /srv/http + owner: debmirror + group: debmirror + mode: 0755 + - name: "Create ewww config directory" + file: + state: directory + path: /etc/ewww + - name: "Install ewww config" + copy: + content: | + webroot: /srv/http + listen: "0.0.0.0:443" + tls_cert: /etc/ewww/tls.pem + tls_key: /etc/ewww/tls.key + dest: /etc/ewww/ewww.yaml + - name: "Install TLS cert" + copy: + content: | + -----BEGIN CERTIFICATE----- + MIICrzCCAZcCFFusxXoXXAVCzpfNK5VlnS8vFnY/MA0GCSqGSIb3DQEBCwUAMBQx + EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA3MjIwNzMzNThaFw0yMjA3MjIwNzMz + NThaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP + ADCCAQoCggEBALhfy48gwIslLt5nCDSaPZeg52TwlZ8gWotnoprcv3cgTllDD/t7 + uLwRrYFJl2AheaNRP+ZOgXYzuS+pOz7YCdLg6bc1d8Dto69gQy848GnTtHINgy3Z + Ag0L5d2B8/PcpEagFe2z1cCDzxNxkhjWisb0Rm1AOJcNxQWvICw428wwWEr6SRiO + FHTht5UG0oClK88cJSwBnzNSS9Q30q42JfUmua1Dd0PS3FOMibtzMB9aBATeR4uH + pQ1qCGU197er0PVfxWYrm8LEyZFQHRviwiaLNMtMRQuOp2rDF3kV/aZuw+aUYqpk + zz+H3g0lxU3vYp/NmSRvC7y4HFxr7xlu6DECAwEAATANBgkqhkiG9w0BAQsFAAOC + AQEAgpZ0dd+W4v7P6uFZ3R4rbRrHUQEOlFFMUrkf6EyT9xeIk7XjO6+RYbVP6tWX + h4T9sEIFypAtR/47JEhFKYzncPBygUQfzXH5hW0JgviMQ8nNQz6NUJ5vPpeI4Tob + 7uipx46Lq6nF6h9DbMK/03M7ZeybEa+nknDtry5hKTVzi+xSkVQX1/xgOBY0hhUk + xcLCULujN2Lp262aP9hIuI/vaXo5HOh+BavsSauVUsRjScz/8Lgn+q4qRajcgnRa + WvK5nH/Ok4am5F9LDcwZOyUXrV+VB9CcbhnzinMuPwCdhPvMr+F7zQP9YXbOeOlP + NdZiSNvGZAbEnmMnNCEYMO3wVA== + -----END CERTIFICATE----- + dest: /etc/ewww/tls.pem + - name: "Install TLS key" + copy: + content: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAuF/LjyDAiyUu3mcINJo9l6DnZPCVnyBai2eimty/dyBOWUMP + +3u4vBGtgUmXYCF5o1E/5k6BdjO5L6k7PtgJ0uDptzV3wO2jr2BDLzjwadO0cg2D + LdkCDQvl3YHz89ykRqAV7bPVwIPPE3GSGNaKxvRGbUA4lw3FBa8gLDjbzDBYSvpJ + GI4UdOG3lQbSgKUrzxwlLAGfM1JL1DfSrjYl9Sa5rUN3Q9LcU4yJu3MwH1oEBN5H + i4elDWoIZTX3t6vQ9V/FZiubwsTJkVAdG+LCJos0y0xFC46nasMXeRX9pm7D5pRi + qmTPP4feDSXFTe9in82ZJG8LvLgcXGvvGW7oMQIDAQABAoIBAQCTKyP441PNvahj + ripGkreHSNBrKf7EPbcIf3iz1HCgThE7/uPLAT68IAA2qt9BxHarfjdbRl7gUvkG + qja4OwncYdssemlUfluhqVz3XKPKVUo7n72N4yJX959L6GcpyHz4QuA+FMYSHSQ1 + iPntCZNMq79rhU+mgz85AkjUA66ulKzkFwYRL6oRJ+fxwYKTCcnRAUbUaihDXb5T + AV4wDPMKLse70KL42SPTrQFzTqguDlXzPlKvqOEi2lZkNkiMr8wdN/xZlzLre89K + EM/mczCnYnI17dkFrdF+9Wsr63o24H+vUQ3IWIDnVP+dgMXonvCz2Z8mawlb5tt7 + vuY4b9KBAoGBAOczO740Q/mDk2iQI4Kt+o1unRwz34AEge0hm7kVUb7g2iV9sqNU + PovFjIvfCpWTmxVj6NQHyHbKDUfnnYzrpYHuMu2mL5E/1w+WqO1xPgoS287Xs/0I + E6N/BozDW4kMgBID0U2qz0JBrDMDFlL/yoziec6kv8f8uvRlQKtSdVSFAoGBAMwm + uDCShE4RcCr0PgAhiCSllJF03AVbLioTqdXwiHbIVvu5XvUClgOuI0eUDzU0Dsco + eWVaMQYx2Gt26sPPE52duZQNZ8JOZVq8/eSoycxYBn+hxYsjWqR9VvAZ4UMQvQ9g + T8La/NJTmzGVqpSD6XA176umCmgB/oeEaNZvchq9AoGAUfmbdDxJ4b1iVc/Nl3ci + gGU49Zf65gQzISYqdbx2aIyHLIXeAgVLy/k2dR2XPiPA+BudoRhFXsETZmxcM2wW + GfSgQB0Nfp25HkDYEqB1U9MN9tAKdGwZsn3Gj8Bwwy4Ydsq9uqEWrbJlYQz2LGWf + psZiU/+cNEeK7j68aEJrcZUCgYAu7zvrVtP6CsJJ7csPRqZBHpwwcLhgtty/KbQj + DmChRl/REYYGOCj7AZ70xtJUPfqjyOdX6MtajD0gP7+rcsEkvG0833QaVOGyYb7R + Qgja5OXhk/SRj3g4VuSU4K5MN93vWgocVzJGvJfyZ2FHMaiKdqv6P3sm/EZjK4ra + udZ21QKBgQDXmMP5sPHBtpHyXybIHk+nJICOtsKAJklXA1msgCk8OqDyPXX3qh8e + 4vFU4tgRN1nBMmEG5ROTtING1dQ5+X3aqXOJIO+asE1FkQA1kUhFKg2OSo15liPI + cB5//DSHki2Mh1iZxPfZnvFYpEOl9pmedSJ4tlltzKQSY//6kGJ49g== + -----END RSA PRIVATE KEY----- + dest: /etc/ewww/tls.key + - name: "Enable and start ewww service" + systemd: + name: ewww + state: restarted + enabled: yes + daemon_reload: yes + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: debian-mirror + sane_debian_system_codename: bullseye + sane_debian_system_mirror: deb.debian.org + sane_debian_system_sources_lists: + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + unix_users_version: 2 + unix_users: + - username: debmirror + - username: liw + comment: Lars Wirzenius diff --git a/ansible/maybe-someday/debmirror.yml b/ansible/maybe-someday/debmirror.yml new file mode 100644 index 0000000..8aa9831 --- /dev/null +++ b/ansible/maybe-someday/debmirror.yml @@ -0,0 +1,41 @@ +- hosts: debmirror + remote_user: root + roles: + - role: sane_debian_system + - role: comfortable-debian-system + - role: unix_users + - role: apache_server + tags: [apache] + - role: self-updating-system + - role: debian-mirror + tags: [mirror] + - role: mail-client + vars: + sane_debian_system_version: 0 + unix_users_version: 0 + + hostname: debmirror + debian_codename: buster + debian_mirror: deb.debian.org + + unix_users: + - username: liw + comment: Lars Wirzenius + sudo: yes + - username: debmirror + comment: Debian Mirror + + static_sites: + + - domain: debmirror + owner: debmirror + ownermail: liw@liw.fi + letsencrypt: no + + mailname: debmirror.liw.fi + timezone: Europe/Helsinki + + relayhost: pieni.net:587 + smarthost: pieni.net + smarthost_user: pienirelay + smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" diff --git a/ansible/maybe-someday/ewww-dev.yml b/ansible/maybe-someday/ewww-dev.yml new file mode 100644 index 0000000..4696bd2 --- /dev/null +++ b/ansible/maybe-someday/ewww-dev.yml @@ -0,0 +1,56 @@ +- hosts: ewww-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: comfortable-debian-system + tags: [comfy] + - role: unix_users + tags: [users] + - role: version-controller + tags: [vacs] + - role: liw + tags: [liw] + - role: rust-rustup + tags: [rustup] + tasks: + - apt: + name: + - debhelper + - build-essential + - daemonize + - git + - moreutils + - pkg-config + - python3 + - python3-requests + - python3-yaml + - subplot + - texlive-fonts-recommended + - texlive-latex-base + - texlive-latex-recommended + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: ewww-dev + sane_debian_system_codename: bullseye + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: debian + - username: liw + comment: Lars Wirzenius + sudo: yes + + sane_debian_system_sources_lists: + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/ewww-test.yml b/ansible/maybe-someday/ewww-test.yml new file mode 100644 index 0000000..67b2123 --- /dev/null +++ b/ansible/maybe-someday/ewww-test.yml @@ -0,0 +1,118 @@ +- hosts: ewww-test + remote_user: debian + become: yes + roles: + - role: sane_debian_system + - role: sshd + tags: [sshd] + - role: unix_users + - role: self-updating-system + tasks: + - name: "Install ewww" + apt: + name: + - ewww + - psmisc + - curl + - rsync + state: present + - name: "Create /srv/http" + file: + state: directory + path: /srv/http + owner: _ewww + group: _ewww + mode: 0755 + - name: "Create ewww config directory" + file: + state: directory + path: /etc/ewww + - name: "Install ewww config" + copy: + content: | + webroot: /srv/http + listen: "0.0.0.0:443" + tls_cert: /etc/ewww/tls.pem + tls_key: /etc/ewww/tls.key + dest: /etc/ewww/ewww.yaml + - name: "Install TLS cert" + copy: + content: | + -----BEGIN CERTIFICATE----- + MIICrzCCAZcCFFusxXoXXAVCzpfNK5VlnS8vFnY/MA0GCSqGSIb3DQEBCwUAMBQx + EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA3MjIwNzMzNThaFw0yMjA3MjIwNzMz + NThaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP + ADCCAQoCggEBALhfy48gwIslLt5nCDSaPZeg52TwlZ8gWotnoprcv3cgTllDD/t7 + uLwRrYFJl2AheaNRP+ZOgXYzuS+pOz7YCdLg6bc1d8Dto69gQy848GnTtHINgy3Z + Ag0L5d2B8/PcpEagFe2z1cCDzxNxkhjWisb0Rm1AOJcNxQWvICw428wwWEr6SRiO + FHTht5UG0oClK88cJSwBnzNSS9Q30q42JfUmua1Dd0PS3FOMibtzMB9aBATeR4uH + pQ1qCGU197er0PVfxWYrm8LEyZFQHRviwiaLNMtMRQuOp2rDF3kV/aZuw+aUYqpk + zz+H3g0lxU3vYp/NmSRvC7y4HFxr7xlu6DECAwEAATANBgkqhkiG9w0BAQsFAAOC + AQEAgpZ0dd+W4v7P6uFZ3R4rbRrHUQEOlFFMUrkf6EyT9xeIk7XjO6+RYbVP6tWX + h4T9sEIFypAtR/47JEhFKYzncPBygUQfzXH5hW0JgviMQ8nNQz6NUJ5vPpeI4Tob + 7uipx46Lq6nF6h9DbMK/03M7ZeybEa+nknDtry5hKTVzi+xSkVQX1/xgOBY0hhUk + xcLCULujN2Lp262aP9hIuI/vaXo5HOh+BavsSauVUsRjScz/8Lgn+q4qRajcgnRa + WvK5nH/Ok4am5F9LDcwZOyUXrV+VB9CcbhnzinMuPwCdhPvMr+F7zQP9YXbOeOlP + NdZiSNvGZAbEnmMnNCEYMO3wVA== + -----END CERTIFICATE----- + dest: /etc/ewww/tls.pem + - name: "Install TLS key" + copy: + content: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAuF/LjyDAiyUu3mcINJo9l6DnZPCVnyBai2eimty/dyBOWUMP + +3u4vBGtgUmXYCF5o1E/5k6BdjO5L6k7PtgJ0uDptzV3wO2jr2BDLzjwadO0cg2D + LdkCDQvl3YHz89ykRqAV7bPVwIPPE3GSGNaKxvRGbUA4lw3FBa8gLDjbzDBYSvpJ + GI4UdOG3lQbSgKUrzxwlLAGfM1JL1DfSrjYl9Sa5rUN3Q9LcU4yJu3MwH1oEBN5H + i4elDWoIZTX3t6vQ9V/FZiubwsTJkVAdG+LCJos0y0xFC46nasMXeRX9pm7D5pRi + qmTPP4feDSXFTe9in82ZJG8LvLgcXGvvGW7oMQIDAQABAoIBAQCTKyP441PNvahj + ripGkreHSNBrKf7EPbcIf3iz1HCgThE7/uPLAT68IAA2qt9BxHarfjdbRl7gUvkG + qja4OwncYdssemlUfluhqVz3XKPKVUo7n72N4yJX959L6GcpyHz4QuA+FMYSHSQ1 + iPntCZNMq79rhU+mgz85AkjUA66ulKzkFwYRL6oRJ+fxwYKTCcnRAUbUaihDXb5T + AV4wDPMKLse70KL42SPTrQFzTqguDlXzPlKvqOEi2lZkNkiMr8wdN/xZlzLre89K + EM/mczCnYnI17dkFrdF+9Wsr63o24H+vUQ3IWIDnVP+dgMXonvCz2Z8mawlb5tt7 + vuY4b9KBAoGBAOczO740Q/mDk2iQI4Kt+o1unRwz34AEge0hm7kVUb7g2iV9sqNU + PovFjIvfCpWTmxVj6NQHyHbKDUfnnYzrpYHuMu2mL5E/1w+WqO1xPgoS287Xs/0I + E6N/BozDW4kMgBID0U2qz0JBrDMDFlL/yoziec6kv8f8uvRlQKtSdVSFAoGBAMwm + uDCShE4RcCr0PgAhiCSllJF03AVbLioTqdXwiHbIVvu5XvUClgOuI0eUDzU0Dsco + eWVaMQYx2Gt26sPPE52duZQNZ8JOZVq8/eSoycxYBn+hxYsjWqR9VvAZ4UMQvQ9g + T8La/NJTmzGVqpSD6XA176umCmgB/oeEaNZvchq9AoGAUfmbdDxJ4b1iVc/Nl3ci + gGU49Zf65gQzISYqdbx2aIyHLIXeAgVLy/k2dR2XPiPA+BudoRhFXsETZmxcM2wW + GfSgQB0Nfp25HkDYEqB1U9MN9tAKdGwZsn3Gj8Bwwy4Ydsq9uqEWrbJlYQz2LGWf + psZiU/+cNEeK7j68aEJrcZUCgYAu7zvrVtP6CsJJ7csPRqZBHpwwcLhgtty/KbQj + DmChRl/REYYGOCj7AZ70xtJUPfqjyOdX6MtajD0gP7+rcsEkvG0833QaVOGyYb7R + Qgja5OXhk/SRj3g4VuSU4K5MN93vWgocVzJGvJfyZ2FHMaiKdqv6P3sm/EZjK4ra + udZ21QKBgQDXmMP5sPHBtpHyXybIHk+nJICOtsKAJklXA1msgCk8OqDyPXX3qh8e + 4vFU4tgRN1nBMmEG5ROTtING1dQ5+X3aqXOJIO+asE1FkQA1kUhFKg2OSo15liPI + cB5//DSHki2Mh1iZxPfZnvFYpEOl9pmedSJ4tlltzKQSY//6kGJ49g== + -----END RSA PRIVATE KEY----- + dest: /etc/ewww/tls.key + - name: "Enable and start ewww service" + systemd: + name: ewww + state: restarted + enabled: yes + daemon_reload: yes + - name: "Add content file" + copy: + content: | + <html><body>Hello, World!</body></html> + dest: /srv/http/index.html + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: ewww-test + sane_debian_system_codename: bullseye + sane_debian_system_mirror: deb.debian.org + sane_debian_system_sources_lists: + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + unix_users_version: 2 + unix_users: + - username: _ewww + comment: Static web site content + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/jt-dev.yml b/ansible/maybe-someday/jt-dev.yml new file mode 100644 index 0000000..ccb405b --- /dev/null +++ b/ansible/maybe-someday/jt-dev.yml @@ -0,0 +1,50 @@ +- hosts: jt-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: comfortable-debian-system + tags: [comfy] + - role: unix_users + tags: [users] + - role: version-controller + tags: [vacs] + - role: liw + tags: [liw] + - role: rust-rustup + tags: [rustup] + tasks: + - apt: + name: + - black + - build-essential + - jq + - moreutils + - python3 + - subplot + - texlive-fonts-recommended + - texlive-latex-base + - texlive-latex-recommended + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: jt-dev + sane_debian_system_codename: bullseye + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + + sane_debian_system_sources_lists: + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/letest-letest.vm.liw.fi.yml b/ansible/maybe-someday/letest-letest.vm.liw.fi.yml new file mode 100644 index 0000000..c9555dc --- /dev/null +++ b/ansible/maybe-someday/letest-letest.vm.liw.fi.yml @@ -0,0 +1,20 @@ +- hosts: letest + remote_user: root + roles: +# - sane_debian_system +# - comfortable-debian-system +# - self-updating-system + - letest + vars: + sane_debian_system_version: 2 + unix_users_version: 1 + + hostname: letest + debian_codename: buster + debian_mirror: deb.debian.org + + unix_users: + - username: liw + comment: Lars Wirzenius + authorized_keys: | + {{ liw_personal_ssh_pub }} diff --git a/ansible/maybe-someday/openpgp-ca-dev.yml b/ansible/maybe-someday/openpgp-ca-dev.yml new file mode 100644 index 0000000..38818e1 --- /dev/null +++ b/ansible/maybe-someday/openpgp-ca-dev.yml @@ -0,0 +1,47 @@ +- hosts: openpgp-ca-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: version-controller + tags: [vcs] + - role: unix_users + tags: [users] + - role: rust-rustup + tags: [rustup] + - role: liw + tags: [liw] + + tasks: + - apt: + name: + - build-essential + - capnproto + - clang + - debhelper + - libclang-dev + - libsqlite3-dev + - libssl-dev + - llvm + - locales-all + - moreutils + - nettle-dev + - pkg-config + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: openpgp-ca-dev + sane_debian_system_codename: bullseye + sane_debian_system_timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/openpgp-card-dev.yml b/ansible/maybe-someday/openpgp-card-dev.yml new file mode 100644 index 0000000..3633b68 --- /dev/null +++ b/ansible/maybe-someday/openpgp-card-dev.yml @@ -0,0 +1,55 @@ +- hosts: openpgp-card-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: version-controller + tags: [vcs] + - role: unix_users + tags: [users] + - role: rust-rustup + tags: [rustup] + - role: liw + tags: [liw] + + tasks: + - apt: + name: + - build-essential + - debhelper + - docker.io + - libclang-dev + - libpcsclite-dev + - lintian + - moreutils + - nettle-dev + - ntp + - pkg-config + - psmisc + - subplot + - user: + name: liw + groups: + - docker + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: "{{ inventory_hostname }}" + sane_debian_system_codename: bullseye + sane_debian_system_timezone: Europe/Helsinki + + sane_debian_system_sources_lists: + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/python-mess.yml b/ansible/maybe-someday/python-mess.yml new file mode 100644 index 0000000..3cbdc91 --- /dev/null +++ b/ansible/maybe-someday/python-mess.yml @@ -0,0 +1,41 @@ +- hosts: python-mess + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: comfortable-debian-system + tags: [comfy] + - role: unix_users + tags: [users] + - role: version-controller + tags: [vcs] + - role: emacs + tags: [emacs] + - role: liw + tags: [liw] + tasks: + - apt: + name: + - build-essential + - python3-all + - python3-pip + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: python-mess + sane_debian_system_codename: bullseye + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + sudo: yes + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/roadmap-dev.yml b/ansible/maybe-someday/roadmap-dev.yml new file mode 100644 index 0000000..0842792 --- /dev/null +++ b/ansible/maybe-someday/roadmap-dev.yml @@ -0,0 +1,45 @@ +- hosts: roadmap-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + tags: [sane] + - role: sshd + tags: [sshd] + - role: comfortable-debian-system + tags: [comfy] + - role: unix_users + tags: [users] + - role: version-controller + tags: [vacs] + - role: liw + tags: [liw] + - role: rust-rustup + tags: [rustup] + tasks: + - apt: + name: + - debhelper + - build-essential + - git + - moreutils + - python3 + - python3-requests + - python3-yaml + vars: + ansible_python_interpreter: python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: roadmap-dev + sane_debian_system_codename: bullseye + + timezone: Europe/Helsinki + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + sudo: yes + + sshd_version: 1 + sshd_allow_authorized_keys: yes diff --git a/ansible/maybe-someday/ssh-dev.yml b/ansible/maybe-someday/ssh-dev.yml new file mode 100644 index 0000000..3b05e70 --- /dev/null +++ b/ansible/maybe-someday/ssh-dev.yml @@ -0,0 +1,22 @@ +- hosts: ssh-dev + remote_user: debian + become: yes + roles: + - role: sane_debian_system + - role: sshd + tags: [sshd] + - role: unix_users + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: "{{ inventory_hostname }}" + sane_debian_system_codename: bullseye + sane_debian_system_mirror: deb.debian.org + + unix_users_version: 2 + unix_users: + - username: liw + + sshd_version: 1 + sshd_allow_authorized_keys: yes |