ansible/roles/bank-terminal/tasks/main.yaml

---
- name: Client
  tags: bank_terminal_client
  block:
    - name: Add user
      ansible.builtin.user:
        name: "bank-terminal"
        home: "/home/{{ bank_terminal_user }}"
        shell: "/home/{{ bank_terminal_user }}/login"
        generate_ssh_key: yes
        ssh_key_type: "ed25519"

    - name: Locate agetty
      ansible.builtin.command:
        cmd: which agetty
      register: agetty_location_cmd

    - name: Set agetty var
      ansible.builtin.set_fact:
        agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"

    - name: Install login script
      ansible.builtin.template:
        src: "login"
        dest: "/home/{{ bank_terminal_user }}/login"
        owner: "bank-terminal"
        group: "bank-terminal"
        mode: "0755"

    - name: Autologin User
      ansible.builtin.template:
        src: "tty_autologin.conf"
        dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
        owner: "root"
        group: "root"
        mode: "0644"
      notify: daemon_reload

    - name: Clear MOTD
      ansible.builtin.copy:
        content: ""
        dest: "/etc/motd"

    # Set console font so the Revbank QR codes are rendered correctly.
    - name: Console setup
      ansible.builtin.lineinfile:
        path: "/etc/default/console-setup"
        line: '{{ item.k }}="{{ item.v }}"'
        regexp: "^#?{{ item.k }}"
      with_items:
        - { k: CHARMAP, v: UTF-8 }
        - { k: CODESET, v: Uni2 }
        - { k: FONTFACE, v: VGA }
        - { k: FONTSIZE, v: 8x14 }
        - { k: FONT, v: CyrKoi-TerminusBold28x14.psf.gz }
      notify: console_setup

    - name: Console Setup Management Note
      ansible.builtin.lineinfile:
        path: "/etc/default/console-setup"
        line: "# Managed by Ansible"
        insertafter: "CONFIGURATION FILE"

    - name: Read pubkey
      ansible.builtin.command: /bin/cat /home/{{ bank_terminal_user }}/.ssh/id_ed25519.pub
      changed_when: no
      register: pubkey

    - ansible.builtin.debug:
        msg:
          - Please ensure that the pubkey below is is authorized on the bank server.
          - "{{ pubkey.stdout_lines | join }}"