Minimal shell setup for colo server.

2023-05-27 23:10:44 -04:00 · 2023-05-27 23:10:44 -04:00 · 6691cca055
commit 6691cca055
parent d5a9ba5a84
9 changed files with 23 additions and 41 deletions
--- a/ansible/environments/colo/host_vars/mrmanager
+++ b/ansible/environments/colo/host_vars/mrmanager
@ -0,0 +1,4 @@
 os_flavor: "freebsd"
 zfs_snapshot_datasets:
  - zroot/freebsd/main/be
 sshd_enabled: true
--- a/ansible/environments/colo/hosts
+++ b/ansible/environments/colo/hosts
@ -0,0 +1,2 @@
 [server]
 mrmanager ansible_user=root ansible_host=74.80.180.138
--- a/ansible/playbook.yaml
+++ b/ansible/playbook.yaml
@ -1,4 +1,4 @@
- hosts: all:!jail:!vm
+- hosts: all:!jail:!vm:!server
  vars:
    ansible_become: True
  roles:
@ -61,3 +61,17 @@
  roles:
    - portshaker
    - poudriere
 - hosts: mrmanager
  vars:
    ansible_become: True
  roles:
    - sudo
    - doas
    - users
    - package_manager
    - zfs
    - zrepl
    - zsh
    - network
    - sshd
--- a/ansible/roles/doas/tasks/common.yaml
+++ b/ansible/roles/doas/tasks/common.yaml
@ -9,13 +9,3 @@
 - import_tasks: tasks/linux.yaml
  when: 'os_flavor == "linux"'
 - include_tasks:
    file: tasks/peruser.yaml
    apply:
      become: yes
      become_user: "{{ initialize_user }}"
  when: users is defined
  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
  loop_control:
    loop_var: initialize_user
--- a/ansible/roles/doas/tasks/peruser.yaml
+++ b/ansible/roles/doas/tasks/peruser.yaml
@ -1,29 +0,0 @@
 - include_role:
    name: per_user
 # - name: Create directories
 #   file:
 #     name: "{{ account_homedir.stdout }}/{{ item }}"
 #     state: directory
 #     mode: 0700
 #     owner: "{{ account_name.stdout }}"
 #     group: "{{ group_name.stdout }}"
 #   loop:
 #     - ".config/foo"
 # - name: Copy files
 #   copy:
 #     src: "files/{{ item.src }}"
 #     dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
 #     mode: 0600
 #     owner: "{{ account_name.stdout }}"
 #     group: "{{ group_name.stdout }}"
 #   loop:
 #     - src: foo.conf
 #       dest: .config/foo/foo.conf
 - import_tasks: tasks/peruser_freebsd.yaml
  when: 'os_flavor == "freebsd"'
 - import_tasks: tasks/peruser_linux.yaml
  when: 'os_flavor == "linux"'
--- a/ansible/roles/doas/tasks/peruser_freebsd.yaml
+++ b/ansible/roles/doas/tasks/peruser_freebsd.yaml
--- a/ansible/roles/doas/tasks/peruser_linux.yaml
+++ b/ansible/roles/doas/tasks/peruser_linux.yaml
--- a/ansible/roles/users/defaults/main.yaml
+++ b/ansible/roles/users/defaults/main.yaml
@ -9,4 +9,3 @@ users:
      - yubikey
      - main_fido
      - backup_fido
      - homeassistant
--- a/ansible/run.bash
+++ b/ansible/run.bash
@ -28,6 +28,8 @@ elif [ "$target" = "jail_homeserver_nat_dhcp" ]; then
    ansible-playbook -v -i environments/jail playbook.yaml --diff --limit homeserver_nat_dhcp "${@}"
 elif [ "$target" = "vm_poudriereodo" ]; then
    ansible-playbook -v -i environments/vm playbook.yaml --diff --limit poudriereodo "${@}"
 elif [ "$target" = "mrmanager" ]; then
    ansible-playbook -v -i environments/colo playbook.yaml --diff --limit mrmanager "${@}"
 else
    die 1 "Unrecognized target"
 fi
		`@ -0,0 +1,2 @@`
							`[server]`
							`mrmanager ansible_user=root ansible_host=74.80.180.138`