blob: a35e87d627b9743641088427979e094e72bdc8e0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
# Ansible playbook to install stuff for a standard install with v-i.
# You should inspect the user_* variables at the end, and override
# them with "ansible_vars" in the system spec file. v-i sets the
# hostname variable automatically.
- hosts: image
tasks:
- name: "set /etc/hostname"
copy:
content: |
{{ hostname }}
dest: /etc/hostname
- name: "lock root password"
shell: |
passwd -l root
- name: "create ~root/.ssh"
when: user_pub is defined
file:
state: directory
path: /root/.ssh
owner: root
group: root
mode: 0700
- name: "set ~root/.ssh/authorized keys"
when: user_pub is defined
copy:
content: |
{{ user_pub }}
dest: /root/.ssh/authorized_keys
owner: root
group: root
mode: 0600
- name: "install user CA public key"
when: user_ca_pubkey is defined
copy:
content: |
{{ user_ca_pubkey }}
dest: /etc/ssh/user_ca_keys
- name: "configure sshd to accept CA for users"
when: user_ca_pubkey is defined
copy:
content: TrustedUserCAKeys /etc/ssh/user_ca_keys
dest: /etc/ssh/sshd_config.d/userca.conf
- name: "configure keyboard layout"
copy:
content: |
XKBMODEL="{{ user_keyboard_model }}"
XKBLAYOUT="{{ user_keyboard_layout }}"
XKBVARIANT=""
XKBOPTIONS=""
BACKSPACE="guess"
dest: /etc/default/keyboard
- name: "configure console"
copy:
content: |
ACTIVE_CONSOLES="/dev/tty[1-6]"
CHARMAP="UTF-8"
CODESET="{{ user_console_codeset }}"
FONTFACE="Fixed"
FONTSIZE="8x16"
VIDEOMODE=
dest: /etc/default/console-setup
- name: "set default locales for all users"
copy:
content: |
{{ user_locale }}
dest: /etc/profile.d/locale.sh
- name: "remove ifupdown"
apt:
name: ifupdown
state: absent
- name: "configure networkd"
copy:
content: |
[Match]
Name=eth0
[Network]
DHCP=yes
dest: /etc/systemd/network/external.network
- name: "enable networkd"
systemd:
name: systemd-networkd
enabled: yes
vars:
ansible_python_interpreter: /usr/bin/python3
# You may want to override these.
user_locale: |
export LC_CTYPE=fi_FI.UTF8
user_keyboard_model: pc105
user_keyboard_layout: fi
user_console_codeset: Lat15
|