Initialise Ansible pour configurer un nouveau serveur

56a5c47d · Maxime Bombar · 56a5c47d · 56a5c47d · 56a5c47d · 56a5c47d
Commit 56a5c47d authored 4 years ago by Maxime Bombar
--- a/ansible.cfg
+++ b/ansible.cfg
+# Ansible configuration
+
+[defaults]
+
+ansible_managed = Ansible managed, modified on %Y-%m-%d %H:%M:%S by {uid} from {host}
+
+# Do not create .retry files
+retry_files_enabled = False
+
+# Generate inventory
+inventory = ./hosts
+
+# Do not use cows (with cowsay)
+nocows = 1
+
+# Do more parallelism
+forks = 15
+
+# Some SSH connection will take time
+timeout = 60
+
+[privilege_escalation]
+
+# Use sudo to get priviledge access
+become = True
+
+# Ask for password
+become_ask_pass = True
+
+[ssh_connection]
+
+pipelining = True
+retries = 3
+
+[diff]
+
+# TO know what changed
+always = yes
--- a/hosts
+++ b/hosts
+[servens]
+thunes
+thunes-dev
+
+[crans]
+zamok
+
+[hilbert]
+hilbert
+
+[bde]
+note
+note-test
+bde3
+
+[zsh:children]
+servens
+bde
+crans
+
+[bombar:children]
+servens
+crans
+
+[pollion:children]
+bde
+hilbert
+
+[bombar:vars]
+ansible_user=bombar
+
+[pollion:vars]
+ansible_user=pollion
+
+[all:vars]
+ansible_python_interpreter=/usr/bin/python3
--- a/roles/common_tools/tasks/main.yml
+++ b/roles/common_tools/tasks/main.yml
+- name: Install common tools
+  apt:
+    update_cache: true
+    install_recommends: false
+    name:
+      - sudo
+      - molly-guard
+      - ntp
+      - apt
+      - emacs-nox
+      - htop
+      - zsh
+      - aptitude
+      - iotop  # monitor i/o
+      - tree  # create a graphical tree of files
+      - git
+      - less
+      - needrestart
+      - lsb-release
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
--- a/roles/deploy_config/tasks/main.yml
+++ b/roles/deploy_config/tasks/main.yml
+---
+# - name: Create config directory
+#   file:
+#     path: /home/{{ ansible_user }}/Git/Config_Files
+#     state: directory
+#     mode: "2775"
+#     owner: "{{ ansible_user }}"
+
+- name: Deploy ssh key
+  authorized_key:
+    user: "{{ ansible_user }}"
+    comment: Maxime Bombar (bombar@crans.org) - Poincare
+    exclusive: no
+    key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZ5sU8rUfwe72C6k/xS0ffsKs0rr4KITeVfk4ZeFmP3
+
+- name: Clone Config_Files
+  git:
+    repo: ssh://git@gitlab.crans.org/bombar/Config_Files.git
+    dest: /home/{{ ansible_user }}/Git/Config_Files
+    track_submodules: yes
+    version: master
+  when: not ansible_check_mode
+
+- name: Find ssh configuration
+  find:
+    paths: /home/{{ ansible_user }}/Git/Config_Files/.ssh
+    patterns: config*
+  register: ssh_config
+  when: not ansible_check_mode
+  
+- name: Deploy ssh configuration
+  file:
+    src: /home/{{ ansible_user}}/Git/Config_Files/.ssh/{{ item.path | basename }}
+    dest: /home/{{ ansible_user }}/.ssh/{{ item.path | basename }}
+    state: link
+  loop: "{{ ssh_config.files }}"
+  when: not ansible_check_mode
+
+- name: Deploy general configuration
+  file:
+    src: /home/{{ ansible_user}}/Git/Config_Files/{{ item }}
+    dest: /home/{{ ansible_user }}/{{ item }}
+    state: link
+  loop:
+    - .emacs
+    - .git
+    - .gitconfig
+    - .zshrc
+    - .zsh
+  when: not ansible_check_mode
--- a/setup.yml
+++ b/setup.yml
+#!/usr/bin/env ansible-playbook
+---
+- hosts: all
+  roles:
+    - common_tools
+
+- hosts: all
+  vars:
+    - ansible_become: false
+  roles:
+    - deploy_config