feat: make v-i script support my standard base install

Also, put as many packages as possible inside the cached portion, for speed. Sponsored-by: author
author: Lars Wirzenius <liw@liw.fi> 2022-01-07 15:06:29 +0200
committer: Lars Wirzenius <liw@liw.fi> 2022-01-07 18:52:02 +0200
commit: 2c3f88259122323eb73eb40f4dec9d66483d926c (patch)
tree: ca22c3b0740bb2db51f1775d80dec57b7317140f /std.yml
parent: 79dd4f5367ca66df6c2c56b751b4582554e39032 (diff)
download: v-i-2c3f88259122323eb73eb40f4dec9d66483d926c.tar.gz
1 files changed, 113 insertions, 0 deletions
diff --git a/std.yml b/std.yml
new file mode 100644
index 0000000..f2911ad
--- /dev/null
+++ b/std.yml
@@ -0,0 +1,113 @@
+# Ansible playbook to install stuff for a standard install with v-i.
+
+- hosts: image
+  tasks:
+    - name: "set /etc/hostname"
+      copy:
+        content: |
+          {{ hostname }}
+        dest: /etc/hostname
+
+    - name: "disable root password"
+      shell: |
+        passwd -l root
+
+    - name: "create ~root/.ssh"
+      file:
+        state: directory
+        path: /root/.ssh
+        owner: root
+        group: root
+        mode: 0700
+
+    - name: "set ~root/.ssh/authorized keys"
+      copy:
+        content: |
+          {{ user_pub }}
+        dest: /root/.ssh/authorized_keys
+        owner: root
+        group: root
+        mode: 0600
+
+    - name: "configure keyboard layout"
+      copy:
+        content: |
+          XKBMODEL="{{ user_keyboard_model }}"
+          XKBLAYOUT="{{ user_keyboard_layout }}"
+          XKBVARIANT=""
+          XKBOPTIONS=""
+          BACKSPACE="guess"
+        dest: /etc/default/keyboard
+
+    - name: "configure console"
+      copy:
+        content: |
+          ACTIVE_CONSOLES="/dev/tty[1-6]"
+          CHARMAP="UTF-8"
+          CODESET="{{ user_console_codeset }}"
+          FONTFACE="Fixed"
+          FONTSIZE="8x16"
+          VIDEOMODE=
+        dest: /etc/default/console-setup
+
+    - name: "set default locales for all users"
+      copy:
+        content: |
+          {{ user_locale }}
+        dest: /etc/profile.d/finnish.sh
+
+    - name: "configure Ethernet networking"
+      copy:
+        content: |
+          auto eth0
+          iface eth0 inet dhcp
+          iface eth0 inet6 auto
+        dest: /etc/network/interfaces.d/wired
+
+    # - name: "restrict root logins over ssh"
+    #   lineinfile:
+    #     path: /etc/ssh/sshd_config
+    #     regex: "#* *PasswordAuthentication"
+    #     line: "PasswordAuthentication no"
+
+  vars:
+    hostname: v-i
+    user_pub: |
+      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP liw personal systems
+    user_locale: |
+      LC_CTYPE=fi_FI.UTF8
+    user_keyboard_model: pc105
+    user_keyboard_layout: fi
+    user_console_codeset: Lat15
+
+    ansible_python_interpreter: /usr/bin/python3
+    ci_prod_signing_key: |
+        -----BEGIN PGP PUBLIC KEY BLOCK-----
+
+        mQINBFrLO7kBEADdz6mHstYmKU5Dp6OSjxWtWaqTDOX1sJdmmaIK/9EKVIH0Maxp
+        5kvVO5G6mULLAjv/kLG0MxasHPrq8I2A/y8AqKAGVL8QelwLjQMIFZ30/VbGQPHS
+        +T5TZXEnoQtNce1GUhFwJ38ZyjjwHBFV9tSec7rZ2Q3YeM3nNnGPf6DacXGfEOPO
+        HIN4sXAN2hzNXNjKRzTIvxQseb6nr7afUh/SlZ3yhQOCrIzmYlD7tP9WJe7ofL0p
+        JY4pDQYw8rT6nC2BE/ioemh84kERCT1vCe+OVFlSRuMlqfEv+ZpKQ+itOmPDQ/lM
+        jpUm1K2hrW/lWpxT/ZxHKo/w1K36J5WshgMZxfUu5BMCL9LMqMcrXNhNjDMfxDMM
+        3yBPOvQ4ls6fecOZ/bsFo1p8VzMk/w/eG8vPs5yuNa5XxN95yFMXoOHGb5Xbu8D4
+        6yiW+Af70LbiSNpGdmNdneiGB2fY38NxBukPw5u3S5qG8HedSmMr1RvSr5kHoAAe
+        UbOY+BYaaKsTAT7+1skUW1o3FJSqoRKCHAzTsMWC6zzhR8hRn7jVrrguH1hGbqq5
+        TZSCFQZExuTJ7uXrTLG0WoBXIjB5wWNcSeXn8myUWYB51nJNF4tJBouZOz9JwWGl
+        kiAQkrHnBttLQWdW9FyjbIoTZMtpvVx+m6ObGTGdGL1cNlLAvWprMXGc+QARAQAB
+        tDJJY2sgQVBUIHJlcG9zaXRvcnkgc2lnbmluZyBrZXkgKDIwMTgpIDxsaXdAbGl3
+        LmZpPokCTgQTAQgAOBYhBKL1uyDoXyxUH3O717Wr+TZVS6PGBQJayzu5AhsDBQsJ
+        CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELWr+TZVS6PGB5QQANTcikhRUHwt9N4h
+        dGc/Hp6CbqdshMoWlwpFskttoVDxQG5OAobuZl5XyzGcmja1lT85RGkZFfbca0IZ
+        LnXOLLSAu51QBkXNaj4OhjK/0uQ+ITrvL6RQSXNgHiUTR/W2XD1GIUq6nBqe2GSN
+        31S1baYKKVj5QIMsi7Dq8ls3BBXuPCE+xTSaNmGWjes2t9pPidcRvxsksCLY1qgw
+        P1GFXBeMkBQ29kBP87SUL15SIk7OiQLlEURCy5iRls5rt/YEsdEpRWIb0Tm5Nrjv
+        2M3VM+iBhfNXTwj0rJ34mlycF1qQmA7YcTEobT7z587GPY0VWzBpQUnEQj7rQWPM
+        cDYY0b+I6kQ8VKOaL4wVAtE98d7HzFIrIrwhTKufnrWrVDPYsmLZ+LPC1jiF7JBD
+        SR6Vftb+SdDR9xoE1yRuXbC6IfoW+5/qQNrdQ2mm9BFw5jOonBqchs18HTTf3441
+        6SWwP9fY3Vi+IZphPPi0Gf85oMStgnv/Wnw6LacEL32ek39Desero/D8iGLZernK
+        Q2mC9mua5A/bYGVhsNWyURNFkKdbFa+/wW3NfdKYyZnsSfo+jJ2luNewrhAY7Kod
+        GWXTer9RxzTGA3EXFGvNr+BBOOxSj0SfWTl0Olo7J5dnxof+jLAUS1VHpceHGHps
+        GSJSdir7NkZidgwoCPA7BTqsb5LN
+        =dXB0
+        -----END PGP PUBLIC KEY BLOCK-----
author	Lars Wirzenius <liw@liw.fi>	2022-01-07 15:06:29 +0200
committer	Lars Wirzenius <liw@liw.fi>	2022-01-07 18:52:02 +0200
commit	2c3f88259122323eb73eb40f4dec9d66483d926c (patch)
tree	ca22c3b0740bb2db51f1775d80dec57b7317140f /std.yml
parent	79dd4f5367ca66df6c2c56b751b4582554e39032 (diff)
download	v-i-2c3f88259122323eb73eb40f4dec9d66483d926c.tar.gz