xenobyte/sukaato-ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added tags to several tasks, and added tasks that allow import of GPG private keys to remote host

Browse Source
This commit is contained in:
Alex Tavarez
2025-09-06 13:50:14 -04:00
parent 6091dfffa1
commit d7b22019b5
1 changed files with 32 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
playbooks/init_login.yml
View File

@@ -15,6 +15,13 @@
# ansible_password: "{{ passwords[0].password }}" # ansible_password: "{{ passwords[0].password }}"
# ansible_ssh_pass: "{{ passwords[0].username }}" # ansible_ssh_pass: "{{ passwords[0].username }}"
# ansible_ssh_password: "{{ passwords[0].username }}" # ansible_ssh_password: "{{ passwords[0].username }}"
ansible_python_interpreter: “{{ ansible_playbook_python }}”
personal_computers: locals # @NOTE can change to *_households group or {{ name }}_{{ surname }} group name
vars_prompt:
- name: gpg_import_passwords
prompt: Enter space-wrapped colon -separated list of GPG private key passwords
unsafe: yes
private: yes
tasks: tasks:
- name: Disable shell access for root - name: Disable shell access for root
ansible.builtin.include_role: ansible.builtin.include_role:
@@ -41,6 +48,7 @@
state: present state: present
tags: tags:
- default - default
- source_sys_bashrc
- name: Create global bash functions - name: Create global bash functions
become: yes become: yes
ansible.builtin.copy: ansible.builtin.copy:
@@ -55,6 +63,7 @@
state: present state: present
tags: tags:
- default - default
- source_sys_bashrc
- name: Register bash aliases and functions to global bashrc - name: Register bash aliases and functions to global bashrc
become: yes become: yes
ansible.builtin.blockinfile: ansible.builtin.blockinfile:
@@ -77,6 +86,7 @@
state: present state: present
tags: tags:
- default - default
- source_sys_bashrc
- name: Start XDG configuration tasks if in servers group - name: Start XDG configuration tasks if in servers group
when: "'servers' in group_names and ansible_connection != 'local'" when: "'servers' in group_names and ansible_connection != 'local'"
become: yes become: yes
@@ -105,9 +115,10 @@
state: present state: present
tags: tags:
- default - default
- create_xdg_config
- servers_exclusive - servers_exclusive
- name: Start XDG configuration tasks if in locals group - name: Start XDG configuration tasks if current host in specified group
when: "'locals' in group_names or ansible_connection == 'local'" when: "personal_computers in group_names or ansible_connection == 'local'"
become: yes become: yes
block: block:
- name: Create XDG user home directory environment variables - name: Create XDG user home directory environment variables
@@ -134,9 +145,10 @@
state: present state: present
tags: tags:
- default - default
- create_xdg_config
- locals_exclusive - locals_exclusive
- name: Start SSH configuration tasks if in locals group - name: Start SSH configuration tasks if current host in specified group
when: "'locals' in group_names or ansible_connection == 'local'" when: "personal_computers in group_names or ansible_connection == 'local'"
become: yes become: yes
block: block:
- name: Create user SSH configuration - name: Create user SSH configuration
@@ -152,5 +164,20 @@
state: present state: present
tags: tags:
- default - default
- create_ssh_config
- locals_exclusive - locals_exclusive
- name: Import GPG private keys
ansible.builtin.include_role:
name: lockdown
defaults_from: main
vars_from: main
handlers_from: main
tasks_from: gpg
vars:
gpg_keys_origin_host: localhost
gpg_origin_private_key_passwords: "{{ gpg_import_passwords | split(' : ') }}"
tags:
- default
- import_gpg_privkeys