diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-01-09 13:35:40 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-01-10 10:20:34 +0200 |
commit | 087b65ebe2e81ed51f1796a999d06485bb84a712 (patch) | |
tree | 69265b035b893d697b3597a8e2c5de980ea08e61 /std.yml | |
parent | 949822c2f2ec0b7fbbf7969c2868435f189aae93 (diff) | |
download | v-i-087b65ebe2e81ed51f1796a999d06485bb84a712.tar.gz |
feat: replace options with a YAML specification file
Files can be kept in git. Command line invocation are less convenient.
Also: discard all the drives, allow extra LVs to be created, and
refactor the code to be easier to follow.
Sponsored-by: author
Diffstat (limited to 'std.yml')
-rw-r--r-- | std.yml | 68 |
1 files changed, 10 insertions, 58 deletions
@@ -1,4 +1,7 @@ # Ansible playbook to install stuff for a standard install with v-i. +# You should inspect the user_* variables at the end, and override +# them with "ansible_vars" in the system spec file. v-i sets the +# hostname variable automatically. - hosts: image tasks: @@ -8,11 +11,6 @@ {{ hostname }} dest: /etc/hostname - - name: "remove root password" - shell: | - # passwd -l root - sed -i '/^root:[^:]*:/root::/' /etc/passwd - - name: "create ~root/.ssh" file: state: directory @@ -57,19 +55,10 @@ {{ user_locale }} dest: /etc/profile.d/finnish.sh - - name: "configure Ethernet networking" - copy: - content: | - auto eth0 - iface eth0 inet dhcp - iface eth0 inet6 auto - dest: /etc/network/interfaces.d/wired - - # - name: "restrict root logins over ssh" - # lineinfile: - # path: /etc/ssh/sshd_config - # regex: "#* *PasswordAuthentication" - # line: "PasswordAuthentication no" + - name: "remove ifupdown" + apt: + name: ifupdown + state: absent - name: "configure networkd" copy: @@ -81,54 +70,17 @@ DHCP=yes dest: /etc/systemd/network/external.network - - name: "remove ifupdown" - apt: - name: ifupdown - state: absent - - name: "enable networkd" systemd: name: systemd-networkd enabled: yes vars: - hostname: v-i - user_pub: | - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP liw personal systems + ansible_python_interpreter: /usr/bin/python3 + + # You may want to override these. user_locale: | LC_CTYPE=fi_FI.UTF8 user_keyboard_model: pc105 user_keyboard_layout: fi user_console_codeset: Lat15 - - ansible_python_interpreter: /usr/bin/python3 - ci_prod_signing_key: | - -----BEGIN PGP PUBLIC KEY BLOCK----- - - mQINBFrLO7kBEADdz6mHstYmKU5Dp6OSjxWtWaqTDOX1sJdmmaIK/9EKVIH0Maxp - 5kvVO5G6mULLAjv/kLG0MxasHPrq8I2A/y8AqKAGVL8QelwLjQMIFZ30/VbGQPHS - +T5TZXEnoQtNce1GUhFwJ38ZyjjwHBFV9tSec7rZ2Q3YeM3nNnGPf6DacXGfEOPO - HIN4sXAN2hzNXNjKRzTIvxQseb6nr7afUh/SlZ3yhQOCrIzmYlD7tP9WJe7ofL0p - JY4pDQYw8rT6nC2BE/ioemh84kERCT1vCe+OVFlSRuMlqfEv+ZpKQ+itOmPDQ/lM - jpUm1K2hrW/lWpxT/ZxHKo/w1K36J5WshgMZxfUu5BMCL9LMqMcrXNhNjDMfxDMM - 3yBPOvQ4ls6fecOZ/bsFo1p8VzMk/w/eG8vPs5yuNa5XxN95yFMXoOHGb5Xbu8D4 - 6yiW+Af70LbiSNpGdmNdneiGB2fY38NxBukPw5u3S5qG8HedSmMr1RvSr5kHoAAe - UbOY+BYaaKsTAT7+1skUW1o3FJSqoRKCHAzTsMWC6zzhR8hRn7jVrrguH1hGbqq5 - TZSCFQZExuTJ7uXrTLG0WoBXIjB5wWNcSeXn8myUWYB51nJNF4tJBouZOz9JwWGl - kiAQkrHnBttLQWdW9FyjbIoTZMtpvVx+m6ObGTGdGL1cNlLAvWprMXGc+QARAQAB - tDJJY2sgQVBUIHJlcG9zaXRvcnkgc2lnbmluZyBrZXkgKDIwMTgpIDxsaXdAbGl3 - LmZpPokCTgQTAQgAOBYhBKL1uyDoXyxUH3O717Wr+TZVS6PGBQJayzu5AhsDBQsJ - CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELWr+TZVS6PGB5QQANTcikhRUHwt9N4h - dGc/Hp6CbqdshMoWlwpFskttoVDxQG5OAobuZl5XyzGcmja1lT85RGkZFfbca0IZ - LnXOLLSAu51QBkXNaj4OhjK/0uQ+ITrvL6RQSXNgHiUTR/W2XD1GIUq6nBqe2GSN - 31S1baYKKVj5QIMsi7Dq8ls3BBXuPCE+xTSaNmGWjes2t9pPidcRvxsksCLY1qgw - P1GFXBeMkBQ29kBP87SUL15SIk7OiQLlEURCy5iRls5rt/YEsdEpRWIb0Tm5Nrjv - 2M3VM+iBhfNXTwj0rJ34mlycF1qQmA7YcTEobT7z587GPY0VWzBpQUnEQj7rQWPM - cDYY0b+I6kQ8VKOaL4wVAtE98d7HzFIrIrwhTKufnrWrVDPYsmLZ+LPC1jiF7JBD - SR6Vftb+SdDR9xoE1yRuXbC6IfoW+5/qQNrdQ2mm9BFw5jOonBqchs18HTTf3441 - 6SWwP9fY3Vi+IZphPPi0Gf85oMStgnv/Wnw6LacEL32ek39Desero/D8iGLZernK - Q2mC9mua5A/bYGVhsNWyURNFkKdbFa+/wW3NfdKYyZnsSfo+jJ2luNewrhAY7Kod - GWXTer9RxzTGA3EXFGvNr+BBOOxSj0SfWTl0Olo7J5dnxof+jLAUS1VHpceHGHps - GSJSdir7NkZidgwoCPA7BTqsb5LN - =dXB0 - -----END PGP PUBLIC KEY BLOCK----- |