From 11270d15846378446af5fa3259dd63ddee5c7449 Mon Sep 17 00:00:00 2001
From: polyfloyd <floyd@polyfloyd.net>
Date: Sun, 24 May 2020 17:48:47 +0200
Subject: [PATCH] Add initial version of the bank-terminal role

---
 bar.yaml                                      |  4 ++
 group_vars/all.yaml                           |  2 +
 roles/bank-terminal/defaults/main.yaml        |  1 +
 roles/bank-terminal/handlers/main.yaml        |  4 ++
 roles/bank-terminal/tasks/main.yaml           | 44 +++++++++++++++++++
 roles/bank-terminal/templates/login           |  5 +++
 .../templates/tty_autologin.conf              |  5 +++
 7 files changed, 65 insertions(+)
 create mode 100644 bar.yaml
 create mode 100644 group_vars/all.yaml
 create mode 100644 roles/bank-terminal/defaults/main.yaml
 create mode 100644 roles/bank-terminal/handlers/main.yaml
 create mode 100644 roles/bank-terminal/tasks/main.yaml
 create mode 100644 roles/bank-terminal/templates/login
 create mode 100644 roles/bank-terminal/templates/tty_autologin.conf

diff --git a/bar.yaml b/bar.yaml
new file mode 100644
index 0000000..d93a1cd
--- /dev/null
+++ b/bar.yaml
@@ -0,0 +1,4 @@
+---
+- hosts: bar
+  roles:
+    - bank-terminal
diff --git a/group_vars/all.yaml b/group_vars/all.yaml
new file mode 100644
index 0000000..65db9c7
--- /dev/null
+++ b/group_vars/all.yaml
@@ -0,0 +1,2 @@
+ansible_user: root
+ansible_python_interpreter: auto_silent
diff --git a/roles/bank-terminal/defaults/main.yaml b/roles/bank-terminal/defaults/main.yaml
new file mode 100644
index 0000000..2393eed
--- /dev/null
+++ b/roles/bank-terminal/defaults/main.yaml
@@ -0,0 +1 @@
+bank_terminal_user: bank-terminal
diff --git a/roles/bank-terminal/handlers/main.yaml b/roles/bank-terminal/handlers/main.yaml
new file mode 100644
index 0000000..55217f0
--- /dev/null
+++ b/roles/bank-terminal/handlers/main.yaml
@@ -0,0 +1,4 @@
+---
+- name: daemon_reload
+  systemd:
+    daemon_reload: yes
diff --git a/roles/bank-terminal/tasks/main.yaml b/roles/bank-terminal/tasks/main.yaml
new file mode 100644
index 0000000..2505aa8
--- /dev/null
+++ b/roles/bank-terminal/tasks/main.yaml
@@ -0,0 +1,44 @@
+---
+- name: Client
+  tags: bank_terminal_client
+  block:
+    - name: Add user
+      user:
+        name: bank-terminal
+        home: /home/{{ bank_terminal_user }}
+        shell: /home/{{ bank_terminal_user }}/login
+        generate_ssh_key: yes
+        ssh_key_type: ed25519
+
+    - name: Locate agetty
+      command: which agetty
+      register: agetty_location_cmd
+
+    - name: Set agetty var
+      set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}"
+
+    - name: Install login script
+      template:
+        src: login
+        dest: /home/{{ bank_terminal_user }}/login
+        owner: bank-terminal
+        group: bank-terminal
+        mode: 0755
+
+    - name: Autologin User
+      template:
+        src: tty_autologin.conf
+        dest: /etc/systemd/system/getty@tty1.service.d/override.conf
+        owner: root
+        group: root
+        mode: 0644
+      notify: daemon_reload
+
+    - name: Read pubkey
+      command: /bin/cat /home/{{ bank_terminal_user }}/.ssh/id_ed25519.pub
+      register: pubkey
+
+    - debug:
+        msg:
+          - Please ensure that the pubkey below is is authorized on the bank server.
+          - "{{ pubkey.stdout_lines | join }}"
diff --git a/roles/bank-terminal/templates/login b/roles/bank-terminal/templates/login
new file mode 100644
index 0000000..a8f456c
--- /dev/null
+++ b/roles/bank-terminal/templates/login
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+# Managed by Ansible
+
+TERM=xterm-256color ssh bank@bank.bitlair.nl
diff --git a/roles/bank-terminal/templates/tty_autologin.conf b/roles/bank-terminal/templates/tty_autologin.conf
new file mode 100644
index 0000000..3b8b789
--- /dev/null
+++ b/roles/bank-terminal/templates/tty_autologin.conf
@@ -0,0 +1,5 @@
+# Managed by Ansible
+
+[Service]
+ExecStart=
+ExecStart=-{{ agetty_location }} --autologin {{ bank_terminal_user }} --noclear %I $TERM