v.1.0.0 bootstrap.yml; ansible-user on everry host

2024-11-17 14:20:14 +01:00
parent cdc0cdae6a
commit 38bce638c5
4 changed files with 43 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
 ### runnning against default hosts
 ```shell script
-ansible-playbook --ask-become-pass system-upgrade.yml
+ansible-playbook --ask-become-pass bootstrap.yml
 ```
--- a/bootstrap.yml
+++ b/bootstrap.yml
@@ -0,0 +1,36 @@
+---
+
+- hosts: all
+  become: true
+
+  pre_tasks:
+  - name: update respository index
+    tags: always
+    ansible.builtin.apt:
+      update_cache: true
+
+
+- hosts: all
+  become: true
+
+  tasks:
+  - name: create ansible user with group
+    tags: always 
+    ansible.builtin.user:
+      name: ansible
+      group: ansible
+
+  - name: add ssh key for ansible
+    tags: always 
+    ansible.builtin.authorized_key:
+      user: ansible
+      key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOclevKIKKnVEgkVXjszax/bTfaBT9yNNfy2in2ZZoyU ansible"
+
+  - name: add sudoers file for ansible
+    tags: always 
+    ansible.builtin.copy:
+      src: sudoer_ansible
+      dest: /etc/sudoers.d/ansible
+      owner: root
+      group: root
+      mode: 0440
--- a/files/sudoer_ansible
+++ b/files/sudoer_ansible
@@ -0,0 +1 @@
+ansible ALL=(ALL) NOPASSWD:ALL
--- a/5
+++ b/5
@@ -8,6 +8,11 @@ jenkins
 gitea
 pihole

+[pve]
+proxmox
+[pve:vars]
+ansible_user=root
+
 [vm]
 microk8s
 nginx