feat: replace options with a YAML specification file

Files can be kept in git. Command line invocation are less convenient.

Also: discard all the drives, allow extra LVs to be created, and
refactor the code to be easier to follow.

Sponsored-by: author

1 files changed, 10 insertions, 58 deletions

diff --git a/std.yml b/std.yml
index 75aca0d..cb62c82 100644
--- a/std.yml
+++ b/std.yml
@@ -1,4 +1,7 @@
 # Ansible playbook to install stuff for a standard install with v-i.
+# You should inspect the user_* variables at the end, and override
+# them with "ansible_vars" in the system spec file. v-i sets the
+# hostname variable automatically.
 
 - hosts: image
   tasks:
@@ -8,11 +11,6 @@
           {{ hostname }}
         dest: /etc/hostname
 
-    - name: "remove root password"
-      shell: |
-        # passwd -l root
-        sed -i '/^root:[^:]*:/root::/' /etc/passwd
-
     - name: "create ~root/.ssh"
       file:
         state: directory
@@ -57,19 +55,10 @@
           {{ user_locale }}
         dest: /etc/profile.d/finnish.sh
 
-    - name: "configure Ethernet networking"
-      copy:
-        content: |
-          auto eth0
-          iface eth0 inet dhcp
-          iface eth0 inet6 auto
-        dest: /etc/network/interfaces.d/wired
-
-    # - name: "restrict root logins over ssh"
-    #   lineinfile:
-    #     path: /etc/ssh/sshd_config
-    #     regex: "#* *PasswordAuthentication"
-    #     line: "PasswordAuthentication no"
+    - name: "remove ifupdown"
+      apt:
+        name: ifupdown
+        state: absent
 
     - name: "configure networkd"
       copy:
@@ -81,54 +70,17 @@
           DHCP=yes
         dest: /etc/systemd/network/external.network
 
-    - name: "remove ifupdown"
-      apt:
-        name: ifupdown
-        state: absent
-
     - name: "enable networkd"
       systemd:
         name: systemd-networkd
         enabled: yes
 
   vars:
-    hostname: v-i
-    user_pub: |
-      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP liw personal systems
+    ansible_python_interpreter: /usr/bin/python3
+
+    # You may want to override these.
     user_locale: |
       LC_CTYPE=fi_FI.UTF8
     user_keyboard_model: pc105
     user_keyboard_layout: fi
     user_console_codeset: Lat15
-
-    ansible_python_interpreter: /usr/bin/python3
-    ci_prod_signing_key: |
-        -----BEGIN PGP PUBLIC KEY BLOCK-----
-
-        mQINBFrLO7kBEADdz6mHstYmKU5Dp6OSjxWtWaqTDOX1sJdmmaIK/9EKVIH0Maxp
-        5kvVO5G6mULLAjv/kLG0MxasHPrq8I2A/y8AqKAGVL8QelwLjQMIFZ30/VbGQPHS
-        +T5TZXEnoQtNce1GUhFwJ38ZyjjwHBFV9tSec7rZ2Q3YeM3nNnGPf6DacXGfEOPO
-        HIN4sXAN2hzNXNjKRzTIvxQseb6nr7afUh/SlZ3yhQOCrIzmYlD7tP9WJe7ofL0p
-        JY4pDQYw8rT6nC2BE/ioemh84kERCT1vCe+OVFlSRuMlqfEv+ZpKQ+itOmPDQ/lM
-        jpUm1K2hrW/lWpxT/ZxHKo/w1K36J5WshgMZxfUu5BMCL9LMqMcrXNhNjDMfxDMM
-        3yBPOvQ4ls6fecOZ/bsFo1p8VzMk/w/eG8vPs5yuNa5XxN95yFMXoOHGb5Xbu8D4
-        6yiW+Af70LbiSNpGdmNdneiGB2fY38NxBukPw5u3S5qG8HedSmMr1RvSr5kHoAAe
-        UbOY+BYaaKsTAT7+1skUW1o3FJSqoRKCHAzTsMWC6zzhR8hRn7jVrrguH1hGbqq5
-        TZSCFQZExuTJ7uXrTLG0WoBXIjB5wWNcSeXn8myUWYB51nJNF4tJBouZOz9JwWGl
-        kiAQkrHnBttLQWdW9FyjbIoTZMtpvVx+m6ObGTGdGL1cNlLAvWprMXGc+QARAQAB
-        tDJJY2sgQVBUIHJlcG9zaXRvcnkgc2lnbmluZyBrZXkgKDIwMTgpIDxsaXdAbGl3
-        LmZpPokCTgQTAQgAOBYhBKL1uyDoXyxUH3O717Wr+TZVS6PGBQJayzu5AhsDBQsJ
-        CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELWr+TZVS6PGB5QQANTcikhRUHwt9N4h
-        dGc/Hp6CbqdshMoWlwpFskttoVDxQG5OAobuZl5XyzGcmja1lT85RGkZFfbca0IZ
-        LnXOLLSAu51QBkXNaj4OhjK/0uQ+ITrvL6RQSXNgHiUTR/W2XD1GIUq6nBqe2GSN
-        31S1baYKKVj5QIMsi7Dq8ls3BBXuPCE+xTSaNmGWjes2t9pPidcRvxsksCLY1qgw
-        P1GFXBeMkBQ29kBP87SUL15SIk7OiQLlEURCy5iRls5rt/YEsdEpRWIb0Tm5Nrjv
-        2M3VM+iBhfNXTwj0rJ34mlycF1qQmA7YcTEobT7z587GPY0VWzBpQUnEQj7rQWPM
-        cDYY0b+I6kQ8VKOaL4wVAtE98d7HzFIrIrwhTKufnrWrVDPYsmLZ+LPC1jiF7JBD
-        SR6Vftb+SdDR9xoE1yRuXbC6IfoW+5/qQNrdQ2mm9BFw5jOonBqchs18HTTf3441
-        6SWwP9fY3Vi+IZphPPi0Gf85oMStgnv/Wnw6LacEL32ek39Desero/D8iGLZernK
-        Q2mC9mua5A/bYGVhsNWyURNFkKdbFa+/wW3NfdKYyZnsSfo+jJ2luNewrhAY7Kod
-        GWXTer9RxzTGA3EXFGvNr+BBOOxSj0SfWTl0Olo7J5dnxof+jLAUS1VHpceHGHps
-        GSJSdir7NkZidgwoCPA7BTqsb5LN
-        =dXB0
-        -----END PGP PUBLIC KEY BLOCK-----