ansible/ambient-driver.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

- hosts: ambient-driver
  remote_user: debian
  become: yes
  roles:
    - role: sane_debian_system
    - role: sshd
    - role: comfortable-debian-system
    - role: unix_users
    - role: liw
    - role: rust-rustup
  tasks:
    - apt:
        name:
          - ambient-driver
          - build-essential
          - cpu-checker
          - dput
          - qemu-system-x86
          - qemu-utils
    - file:
        state: directory
        path: /home/liw/.config/ambient-driver
        owner: liw
        group: liw
    - file:
        state: directory
        path: /home/liw/images
        owner: liw
        group: liw
    - copy:
        content: |
          tmpdir: /tmp
          log: ~/log
          run_ci: /usr/bin/run-ci
          cpus: 12
          memory: 25769803776
          cache_max_size: 536870912000
          dput_target: apt.liw.fi
        dest: /home/liw/.config/ambient-driver/config.yaml
    - copy:
        content: |
          [apt.liw.fi]
          login = incoming
          fqdn = apt.liw.fi
          method = scp
          incoming = /srv/apt/incoming
          allow_unsigned_uploads = 1
          check_version = 0
          run_dinstall = 0
        dest: /home/liw/.dput.cf
        owner: liw
        group: liw
    - copy:
        content: |
          {{ lookup('pipe', 'pass ambient-driver-apt/key') }}
        dest: /home/liw/.ssh/id_ed25519
        owner: liw
        group: liw
        mode: 0600
    - copy:
        content: |
          {{ lookup('pipe', 'pass ambient-driver-apt/key.pub') }}
        dest: /home/liw/.ssh/id_ed25519.pub
        owner: liw
        group: liw
    - copy:
        content: |
          ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIDiOutT7werZw3x8Yro1UgQJcHV1Z96nuz4PU5P5EiA7AAAAIPyTjl4aj32Gwp5vqvuOx+0hlvDqSh419PbuzSwjXT+EAAAAAAAAAAAAAAABAAAAJ2NlcnRpZmljYXRlIGZvciB1c2VyIGluY29taW5nLF9ld3d3LGxpdwAAABwAAAAIaW5jb21pbmcAAAAFX2V3d3cAAAADbGl3AAAAAGYaL1AAAAAAZpDWkQAAAAAAAACCAAAAFXBlcm1pdC1YMTEtZm9yd2FyZGluZwAAAAAAAAAXcGVybWl0LWFnZW50LWZvcndhcmRpbmcAAAAAAAAAFnBlcm1pdC1wb3J0LWZvcndhcmRpbmcAAAAAAAAACnBlcm1pdC1wdHkAAAAAAAAADnBlcm1pdC11c2VyLXJjAAAAAAAAAAAAAABKAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINjZEn0qxuBORhdR9bB48Sk3dRz4Kxxo4S7dDiqssQPXAAAABHNzaDoAAABnAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAQAY9oziUwJJWaoFt48RnuinJgTkQ8xJ8sPVG+VIqdVYQ5By6Vv4ukOtLiQpQc+ykBFhzrYrEHVRHsiQWcX1wuQ0BAAAhIA== liw@tursas
        dest: /home/liw/.ssh/id_ed25519-cert.pub
        owner: liw
        group: liw
    - copy:
        content: |
          Host *
              IdentityFile ~/.ssh/id_ed25519
              PasswordAuthentication no
              IdentitiesOnly yes
        dest: /home/liw/.ssh/config
        owner: liw
        group: liw
  vars:
    ansible_python_interpreter: python3

    sane_debian_system_version: 2
    sane_debian_system_hostname: "{{ inventory_hostname }}"
    sane_debian_system_codename: bookworm

    timezone: Europe/Helsinki

    unix_users_version: 2
    unix_users:
      - username: liw
        comment: Lars Wirzenius
        groups:
          - kvm
        sudo: yes

    sane_debian_system_sources_lists:
      - repo: deb http://apt.liw.fi/debian unstable main
        signing_key: "{{ apt_liw_fi_signing_key }}"

    sshd_version: 1