- hosts: icktool remote_user: root roles: - role: sane_debian_system - role: unix_users tasks: - name: "install git and Ick" apt: state: present name: - git - moreutils - psmisc - ick2 - jq - name: "clone liw-ci" shell: | if ! [ -e /home/liw/liw-ci ] then sudo -i -u liw git clone git://git.liw.fi/liw-ci fi - name: "install ick-statut" copy: content: | #!/bin/bash set -euo pipefail icktool status | grep -v -e "done" -e "dummy-" dest: /home/liw/ick-status owner: liw group: liw mode: 0755 - name: "create ~/.config/icktool" file: state: directory path: /home/liw/.config/icktool owner: liw group: liw - name: "install icktool config" copy: content: | config: controller: https://ci-prod-controller.vm.liw.fi dest: /home/liw/.config/icktool/icktool.yaml owner: liw group: liw mode: 0644 - name: "install icktool credentials" copy: content: | [https://ci-prod-controller.vm.liw.fi/token] client_id = liw client_secret = {{ lookup('pipe', 'pass ick2/admin_secret') }} dest: /home/liw/.config/icktool/credentials.conf owner: liw group: liw mode: 0600 vars: ansible_python_interpreter: /usr/bin/python3 sane_debian_system_version: 2 sane_debian_system_hostname: icktool sane_debian_system_codename: buster sane_debian_system_sources_lists: - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main signing_key: "{{ ci_prod_signing_key }}" unix_users_version: 2 unix_users: - username: liw comment: Lars Wirzenius sudo: true ssh_key: | {{ lookup('pipe', 'pass show ssh/liw@mirror-git') }} ssh_key_pub: | {{ lookup('pipe', 'pass show ssh/liw@mirror-git.pub') }}