diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-01-07 15:06:29 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-01-07 18:52:02 +0200 |
commit | 2c3f88259122323eb73eb40f4dec9d66483d926c (patch) | |
tree | ca22c3b0740bb2db51f1775d80dec57b7317140f /std.yml | |
parent | 79dd4f5367ca66df6c2c56b751b4582554e39032 (diff) | |
download | v-i-2c3f88259122323eb73eb40f4dec9d66483d926c.tar.gz |
feat: make v-i script support my standard base install
Also, put as many packages as possible inside the cached portion, for speed.
Sponsored-by: author
Diffstat (limited to 'std.yml')
-rw-r--r-- | std.yml | 113 |
1 files changed, 113 insertions, 0 deletions
@@ -0,0 +1,113 @@ +# Ansible playbook to install stuff for a standard install with v-i. + +- hosts: image + tasks: + - name: "set /etc/hostname" + copy: + content: | + {{ hostname }} + dest: /etc/hostname + + - name: "disable root password" + shell: | + passwd -l root + + - name: "create ~root/.ssh" + file: + state: directory + path: /root/.ssh + owner: root + group: root + mode: 0700 + + - name: "set ~root/.ssh/authorized keys" + copy: + content: | + {{ user_pub }} + dest: /root/.ssh/authorized_keys + owner: root + group: root + mode: 0600 + + - name: "configure keyboard layout" + copy: + content: | + XKBMODEL="{{ user_keyboard_model }}" + XKBLAYOUT="{{ user_keyboard_layout }}" + XKBVARIANT="" + XKBOPTIONS="" + BACKSPACE="guess" + dest: /etc/default/keyboard + + - name: "configure console" + copy: + content: | + ACTIVE_CONSOLES="/dev/tty[1-6]" + CHARMAP="UTF-8" + CODESET="{{ user_console_codeset }}" + FONTFACE="Fixed" + FONTSIZE="8x16" + VIDEOMODE= + dest: /etc/default/console-setup + + - name: "set default locales for all users" + copy: + content: | + {{ user_locale }} + dest: /etc/profile.d/finnish.sh + + - name: "configure Ethernet networking" + copy: + content: | + auto eth0 + iface eth0 inet dhcp + iface eth0 inet6 auto + dest: /etc/network/interfaces.d/wired + + # - name: "restrict root logins over ssh" + # lineinfile: + # path: /etc/ssh/sshd_config + # regex: "#* *PasswordAuthentication" + # line: "PasswordAuthentication no" + + vars: + hostname: v-i + user_pub: | + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP liw personal systems + user_locale: | + LC_CTYPE=fi_FI.UTF8 + user_keyboard_model: pc105 + user_keyboard_layout: fi + user_console_codeset: Lat15 + + ansible_python_interpreter: /usr/bin/python3 + ci_prod_signing_key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + + mQINBFrLO7kBEADdz6mHstYmKU5Dp6OSjxWtWaqTDOX1sJdmmaIK/9EKVIH0Maxp + 5kvVO5G6mULLAjv/kLG0MxasHPrq8I2A/y8AqKAGVL8QelwLjQMIFZ30/VbGQPHS + +T5TZXEnoQtNce1GUhFwJ38ZyjjwHBFV9tSec7rZ2Q3YeM3nNnGPf6DacXGfEOPO + HIN4sXAN2hzNXNjKRzTIvxQseb6nr7afUh/SlZ3yhQOCrIzmYlD7tP9WJe7ofL0p + JY4pDQYw8rT6nC2BE/ioemh84kERCT1vCe+OVFlSRuMlqfEv+ZpKQ+itOmPDQ/lM + jpUm1K2hrW/lWpxT/ZxHKo/w1K36J5WshgMZxfUu5BMCL9LMqMcrXNhNjDMfxDMM + 3yBPOvQ4ls6fecOZ/bsFo1p8VzMk/w/eG8vPs5yuNa5XxN95yFMXoOHGb5Xbu8D4 + 6yiW+Af70LbiSNpGdmNdneiGB2fY38NxBukPw5u3S5qG8HedSmMr1RvSr5kHoAAe + UbOY+BYaaKsTAT7+1skUW1o3FJSqoRKCHAzTsMWC6zzhR8hRn7jVrrguH1hGbqq5 + TZSCFQZExuTJ7uXrTLG0WoBXIjB5wWNcSeXn8myUWYB51nJNF4tJBouZOz9JwWGl + kiAQkrHnBttLQWdW9FyjbIoTZMtpvVx+m6ObGTGdGL1cNlLAvWprMXGc+QARAQAB + tDJJY2sgQVBUIHJlcG9zaXRvcnkgc2lnbmluZyBrZXkgKDIwMTgpIDxsaXdAbGl3 + LmZpPokCTgQTAQgAOBYhBKL1uyDoXyxUH3O717Wr+TZVS6PGBQJayzu5AhsDBQsJ + CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELWr+TZVS6PGB5QQANTcikhRUHwt9N4h + dGc/Hp6CbqdshMoWlwpFskttoVDxQG5OAobuZl5XyzGcmja1lT85RGkZFfbca0IZ + LnXOLLSAu51QBkXNaj4OhjK/0uQ+ITrvL6RQSXNgHiUTR/W2XD1GIUq6nBqe2GSN + 31S1baYKKVj5QIMsi7Dq8ls3BBXuPCE+xTSaNmGWjes2t9pPidcRvxsksCLY1qgw + P1GFXBeMkBQ29kBP87SUL15SIk7OiQLlEURCy5iRls5rt/YEsdEpRWIb0Tm5Nrjv + 2M3VM+iBhfNXTwj0rJ34mlycF1qQmA7YcTEobT7z587GPY0VWzBpQUnEQj7rQWPM + cDYY0b+I6kQ8VKOaL4wVAtE98d7HzFIrIrwhTKufnrWrVDPYsmLZ+LPC1jiF7JBD + SR6Vftb+SdDR9xoE1yRuXbC6IfoW+5/qQNrdQ2mm9BFw5jOonBqchs18HTTf3441 + 6SWwP9fY3Vi+IZphPPi0Gf85oMStgnv/Wnw6LacEL32ek39Desero/D8iGLZernK + Q2mC9mua5A/bYGVhsNWyURNFkKdbFa+/wW3NfdKYyZnsSfo+jJ2luNewrhAY7Kod + GWXTer9RxzTGA3EXFGvNr+BBOOxSj0SfWTl0Olo7J5dnxof+jLAUS1VHpceHGHps + GSJSdir7NkZidgwoCPA7BTqsb5LN + =dXB0 + -----END PGP PUBLIC KEY BLOCK----- |