bank: Include Revbank setup

2022-11-17 20:11:34 +01:00 · 2022-11-17 20:11:34 +01:00 · 7dde69a9f2
commit 7dde69a9f2
parent a4b900fb7c
8 changed files with 124 additions and 28 deletions
--- a/bank.yaml
+++ b/bank.yaml
@ -3,4 +3,5 @@
  roles:
    - common
    - bank
-
+  vars:
+    bank_revbank_git: https://github.com/bitlair/revbank.git
--- a/roles/bank/defaults/main.yaml
+++ b/roles/bank/defaults/main.yaml
@ -0,0 +1,3 @@
+bank_user: bank
+bank_revbank_git: https://github.com/revspace/revbank.git
+bank_local_tty: no
--- a/roles/bank/handlers/main.yaml
+++ b/roles/bank/handlers/main.yaml
@ -0,0 +1,2 @@
+---
+- import_tasks: ../../common/handlers/main.yaml
--- a/roles/bank/tasks/login.yaml
+++ b/roles/bank/tasks/login.yaml
@ -0,0 +1,52 @@
+---
+- name: Add user
+  user:
+    name: bank
+    password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
+    home: /home/{{ bank_user }}
+    shell: /home/{{ bank_user }}/revbank.git/revbank
+    update_password: always
+
+- name: Allow password auth for bank user
+  blockinfile:
+    path: /etc/ssh/sshd_config
+    insertafter: EOF
+    block: |-
+      Match User bank
+          PasswordAuthentication yes
+  notify: reload sshd
+
+- name: Clear motd
+  copy:
+    content: ""
+    dest: /etc/motd
+
+- name: Remove autologin
+  file:
+    path: /etc/systemd/system/getty@tty1.service.d/override.conf
+    state: absent
+  notify: daemon reload
+  when: not bank_local_tty
+
+- when: bank_local_tty
+  block:
+    - name: Locate agetty
+      command: command -v agetty
+      register: agetty_location_cmd
+
+    - set_fact:
+        agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"
+
+    - name: Create getty dir
+      file:
+        path: /etc/systemd/system/getty@tty1.service.d
+        state: directory
+
+    - name: Autologin User
+      template:
+        src: tty_autologin.conf
+        dest: /etc/systemd/system/getty@tty1.service.d/override.conf
+        owner: root
+        group: root
+        mode: 0644
+      notify: daemon reload
--- a/roles/bank/tasks/main.yaml
+++ b/roles/bank/tasks/main.yaml
@ -1,29 +1,6 @@
 ---
- tags: bank
-  block:
-    - name: Install dependencies
-      apt:
-        name: [ libterm-readline-gnu-perl, libcurses-ui-perl ]
-        state: present
+- tags: [ bank, bank_login ]
+  import_tasks: login.yaml

-    - name: Add user
-      user:
-        name: bank
-        password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank"
-        home: /home/bank
-        shell: /home/bank/revbank.git/revbank
-        update_password: always
-
-    - name: Allow password auth for bank user
-      blockinfile:
-        path: /etc/ssh/sshd_config
-        insertafter: EOF
-        block: |-
-          Match User bank
-              PasswordAuthentication yes
-      notify: reload sshd
-
-    - name: Clear motd
-      copy:
-        content: ""
-        dest: /etc/motd
+- tags: [ bank, bank_revbank ]
+  import_tasks: revbank.yaml
--- a/roles/bank/tasks/revbank.yaml
+++ b/roles/bank/tasks/revbank.yaml
@ -0,0 +1,52 @@
+---
+- name: Install dependencies
+  apt:
+    name: [ git, libterm-readline-gnu-perl, libcurses-ui-perl, qrencode ]
+    state: present
+
+- name: Clone revbank source
+  git:
+    repo: "{{ bank_revbank_git }}"
+    version: master
+    dest: /home/{{ bank_user }}/revbank.git
+    accept_hostkey: yes
+
+- name: Create data files
+  command: cp /home/{{ bank_user }}/revbank.git/{{ item }} /home/{{ bank_user }}/{{ item }}
+  args:
+    creates: /home/{{ bank_user }}/{{ item }}
+  with_items:
+    - revbank.accounts
+    - revbank.market
+    - revbank.products
+
+- name: Ensure data file permissions
+  file:
+    path: /home/{{ bank_user }}/{{ item }}
+    state: touch
+    owner: "{{ bank_user }}"
+    group: "{{ bank_user }}"
+    mode: 0644
+  with_items:
+    - revbank.accounts
+    - revbank.market
+    - revbank.products
+
+- name: Link plugins
+  file:
+    state: link
+    path: /home/{{ bank_user }}/{{ item }}
+    src: /home/{{ bank_user }}/revbank.git/{{ item }}
+  with_items:
+    - plugins
+    - revbank.plugins
+
+- name: Create git data dir
+  file:
+    path: /home/{{ bank_user }}/data.git
+    state: directory
+
+- name: Install git cronjob
+  template:
+    src: git.cron
+    dest: /etc/cron.d/revbank-git
--- a/roles/bank/templates/git.cron
+++ b/roles/bank/templates/git.cron
@ -0,0 +1,4 @@
+SHELL=/bin/bash
+
+#m   h  dom mon dow user             command
+ 0   *  *   *   *   {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git push --mirror && git gc --auto)
--- a/roles/bank/templates/tty_autologin.conf
+++ b/roles/bank/templates/tty_autologin.conf
@ -0,0 +1,5 @@
+# Managed by Ansible
+
+[Service]
+ExecStart=
+ExecStart=-{{ agetty_location }} --autologin {{ bank_user }} %I $TERM