bank: Include Revbank setup
This commit is contained in:
parent
a4b900fb7c
commit
7dde69a9f2
8 changed files with 124 additions and 28 deletions
|
@ -3,4 +3,5 @@
|
|||
roles:
|
||||
- common
|
||||
- bank
|
||||
|
||||
vars:
|
||||
bank_revbank_git: https://github.com/bitlair/revbank.git
|
||||
|
|
3
roles/bank/defaults/main.yaml
Normal file
3
roles/bank/defaults/main.yaml
Normal file
|
@ -0,0 +1,3 @@
|
|||
bank_user: bank
|
||||
bank_revbank_git: https://github.com/revspace/revbank.git
|
||||
bank_local_tty: no
|
2
roles/bank/handlers/main.yaml
Normal file
2
roles/bank/handlers/main.yaml
Normal file
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
- import_tasks: ../../common/handlers/main.yaml
|
52
roles/bank/tasks/login.yaml
Normal file
52
roles/bank/tasks/login.yaml
Normal file
|
@ -0,0 +1,52 @@
|
|||
---
|
||||
- name: Add user
|
||||
user:
|
||||
name: bank
|
||||
password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
|
||||
home: /home/{{ bank_user }}
|
||||
shell: /home/{{ bank_user }}/revbank.git/revbank
|
||||
update_password: always
|
||||
|
||||
- name: Allow password auth for bank user
|
||||
blockinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
insertafter: EOF
|
||||
block: |-
|
||||
Match User bank
|
||||
PasswordAuthentication yes
|
||||
notify: reload sshd
|
||||
|
||||
- name: Clear motd
|
||||
copy:
|
||||
content: ""
|
||||
dest: /etc/motd
|
||||
|
||||
- name: Remove autologin
|
||||
file:
|
||||
path: /etc/systemd/system/getty@tty1.service.d/override.conf
|
||||
state: absent
|
||||
notify: daemon reload
|
||||
when: not bank_local_tty
|
||||
|
||||
- when: bank_local_tty
|
||||
block:
|
||||
- name: Locate agetty
|
||||
command: command -v agetty
|
||||
register: agetty_location_cmd
|
||||
|
||||
- set_fact:
|
||||
agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"
|
||||
|
||||
- name: Create getty dir
|
||||
file:
|
||||
path: /etc/systemd/system/getty@tty1.service.d
|
||||
state: directory
|
||||
|
||||
- name: Autologin User
|
||||
template:
|
||||
src: tty_autologin.conf
|
||||
dest: /etc/systemd/system/getty@tty1.service.d/override.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: daemon reload
|
|
@ -1,29 +1,6 @@
|
|||
---
|
||||
- tags: bank
|
||||
block:
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name: [ libterm-readline-gnu-perl, libcurses-ui-perl ]
|
||||
state: present
|
||||
- tags: [ bank, bank_login ]
|
||||
import_tasks: login.yaml
|
||||
|
||||
- name: Add user
|
||||
user:
|
||||
name: bank
|
||||
password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
|
||||
home: /home/bank
|
||||
shell: /home/bank/revbank.git/revbank
|
||||
update_password: always
|
||||
|
||||
- name: Allow password auth for bank user
|
||||
blockinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
insertafter: EOF
|
||||
block: |-
|
||||
Match User bank
|
||||
PasswordAuthentication yes
|
||||
notify: reload sshd
|
||||
|
||||
- name: Clear motd
|
||||
copy:
|
||||
content: ""
|
||||
dest: /etc/motd
|
||||
- tags: [ bank, bank_revbank ]
|
||||
import_tasks: revbank.yaml
|
||||
|
|
52
roles/bank/tasks/revbank.yaml
Normal file
52
roles/bank/tasks/revbank.yaml
Normal file
|
@ -0,0 +1,52 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl, qrencode ]
|
||||
state: present
|
||||
|
||||
- name: Clone revbank source
|
||||
git:
|
||||
repo: "{{ bank_revbank_git }}"
|
||||
version: master
|
||||
dest: /home/{{ bank_user }}/revbank.git
|
||||
accept_hostkey: yes
|
||||
|
||||
- name: Create data files
|
||||
command: cp /home/{{ bank_user }}/revbank.git/{{ item }} /home/{{ bank_user }}/{{ item }}
|
||||
args:
|
||||
creates: /home/{{ bank_user }}/{{ item }}
|
||||
with_items:
|
||||
- revbank.accounts
|
||||
- revbank.market
|
||||
- revbank.products
|
||||
|
||||
- name: Ensure data file permissions
|
||||
file:
|
||||
path: /home/{{ bank_user }}/{{ item }}
|
||||
state: touch
|
||||
owner: "{{ bank_user }}"
|
||||
group: "{{ bank_user }}"
|
||||
mode: 0644
|
||||
with_items:
|
||||
- revbank.accounts
|
||||
- revbank.market
|
||||
- revbank.products
|
||||
|
||||
- name: Link plugins
|
||||
file:
|
||||
state: link
|
||||
path: /home/{{ bank_user }}/{{ item }}
|
||||
src: /home/{{ bank_user }}/revbank.git/{{ item }}
|
||||
with_items:
|
||||
- plugins
|
||||
- revbank.plugins
|
||||
|
||||
- name: Create git data dir
|
||||
file:
|
||||
path: /home/{{ bank_user }}/data.git
|
||||
state: directory
|
||||
|
||||
- name: Install git cronjob
|
||||
template:
|
||||
src: git.cron
|
||||
dest: /etc/cron.d/revbank-git
|
4
roles/bank/templates/git.cron
Normal file
4
roles/bank/templates/git.cron
Normal file
|
@ -0,0 +1,4 @@
|
|||
SHELL=/bin/bash
|
||||
|
||||
#m h dom mon dow user command
|
||||
0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git push --mirror && git gc --auto)
|
5
roles/bank/templates/tty_autologin.conf
Normal file
5
roles/bank/templates/tty_autologin.conf
Normal file
|
@ -0,0 +1,5 @@
|
|||
# Managed by Ansible
|
||||
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=-{{ agetty_location }} --autologin {{ bank_user }} %I $TERM
|
Loading…
Add table
Reference in a new issue