From c36aefa7067858f912ca4f75c07e7147c70f1047 Mon Sep 17 00:00:00 2001 From: L3D Date: Wed, 10 Apr 2024 15:31:24 +0200 Subject: [PATCH] Adding l3d.users collection --- .gitmodules | 3 +++ .../ansible_collections/community/general | 2 +- collections/ansible_collections/l3d/avahi | 2 +- collections/ansible_collections/l3d/time | 2 +- collections/ansible_collections/l3d/users | 1 + group_vars/all.yml | 24 ++++++++++++++++--- group_vars/work.yml | 15 ++++++++++++ roles/akku-warning | 2 +- roles/amdgpu_firmware | 2 +- roles/do1jlr.htop | 2 +- roles/do1jlr.i3wm | 2 +- roles/dotfiles | 2 +- roles/gantsign.bat | 2 +- roles/l3d.etesync_dav | 2 +- roles/l3d.gopass | 2 +- roles/l3d.ntp | 2 +- roles/l3d.packages | 2 +- roles/no-sleep | 2 +- site.yml | 12 ++++++---- 19 files changed, 62 insertions(+), 21 deletions(-) create mode 160000 collections/ansible_collections/l3d/users create mode 100644 group_vars/work.yml diff --git a/.gitmodules b/.gitmodules index 8ae3471..642305c 100644 --- a/.gitmodules +++ b/.gitmodules @@ -71,3 +71,6 @@ [submodule "collections/ansible_collections/l3d/time"] path = collections/ansible_collections/l3d/time url = https://github.com/roles-ansible/ansible_collection_time.git +[submodule "collections/ansible_collections/l3d/users"] + path = collections/ansible_collections/l3d/users + url = https://github.com/roles-ansible/ansible_collection_users.git diff --git a/collections/ansible_collections/community/general b/collections/ansible_collections/community/general index cd77d67..9307b76 160000 --- a/collections/ansible_collections/community/general +++ b/collections/ansible_collections/community/general @@ -1 +1 @@ -Subproject commit cd77d67efb7d2f1f79d48d5a03f427d4445cd59e +Subproject commit 9307b76e744661ef8d62bf829f02393100e8ba91 diff --git a/collections/ansible_collections/l3d/avahi b/collections/ansible_collections/l3d/avahi index e3c7dd6..d2929df 160000 --- a/collections/ansible_collections/l3d/avahi +++ b/collections/ansible_collections/l3d/avahi @@ -1 +1 @@ -Subproject commit e3c7dd6cd8f9f0b41b18d526ef3c97856701dd63 +Subproject commit d2929df23e12f1ec56f56f346ef412ec9b73cf7a diff --git a/collections/ansible_collections/l3d/time b/collections/ansible_collections/l3d/time index 1a200d3..9d0e8ff 160000 --- a/collections/ansible_collections/l3d/time +++ b/collections/ansible_collections/l3d/time @@ -1 +1 @@ -Subproject commit 1a200d3fb93c0ee1745e5a62f93ac0e27f63482a +Subproject commit 9d0e8ffc6382c44e5ae26edbb21484294341698c diff --git a/collections/ansible_collections/l3d/users b/collections/ansible_collections/l3d/users new file mode 160000 index 0000000..406e3cf --- /dev/null +++ b/collections/ansible_collections/l3d/users @@ -0,0 +1 @@ +Subproject commit 406e3cf339a07c7933e98b88d49e74e88671d26b diff --git a/group_vars/all.yml b/group_vars/all.yml index 43ae0cc..dd77de6 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,9 +1,27 @@ --- # -# roles/dotfiles +# l3d.users +# l3d.users.user +# -> define users +l3d_users__default_users: + - name: 'l3d' + state: 'present' + shell: '/bin/bash' + create_home: true + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + exklusive_pubkeys: true + admin: true + admin_commands: 'ALL' + admin_nopassword: false + admin_ansible_login: true + - name: 'alice' + state: 'absent' + # -# enable keychain as ssh agent -dotfiles__additional_user_bashrc_lines: +# l3d.users +# l3d.users.user +# -> enable keychain as ssh agent +l3d_users__dotfiles__additional_user_bashrc_lines: - '[[ $- == *i* ]] && eval $(keychain --eval --quiet id_ed25519)' - '_gopass_bash_autocomplete() {' - ' local cur opts base' diff --git a/group_vars/work.yml b/group_vars/work.yml new file mode 100644 index 0000000..653e6d3 --- /dev/null +++ b/group_vars/work.yml @@ -0,0 +1,15 @@ +--- +# +# l3d.users +# l3d.users.user +l3d_users__local_users: + - name: 'lilian' + state: 'present' + shell: '/bin/bash' + create_home: true + pubkeys: "{{ lookup('url', 'https://github.com/do1jlr.keys', split_lines=False) }}" + exklusive_pubkeys: true + admin: true + admin_commands: 'ALL' + admin_nopassword: false + admin_ansible_login: true diff --git a/roles/akku-warning b/roles/akku-warning index a8b5881..43d9f17 160000 --- a/roles/akku-warning +++ b/roles/akku-warning @@ -1 +1 @@ -Subproject commit a8b5881aa7939e18eadb9c324a6653f22c2e9064 +Subproject commit 43d9f1776e575ffe91cf3602ac6f0877c0933794 diff --git a/roles/amdgpu_firmware b/roles/amdgpu_firmware index a50791c..fa3a60f 160000 --- a/roles/amdgpu_firmware +++ b/roles/amdgpu_firmware @@ -1 +1 @@ -Subproject commit a50791cf09a0c67903cee4e9a04f464d667e720e +Subproject commit fa3a60f5107f945f761e48d6cfebb8c6682443f9 diff --git a/roles/do1jlr.htop b/roles/do1jlr.htop index a0e1442..d4fe10a 160000 --- a/roles/do1jlr.htop +++ b/roles/do1jlr.htop @@ -1 +1 @@ -Subproject commit a0e1442ce37af5d3395a40332a73b8be970a2e76 +Subproject commit d4fe10a8a535b42232fb214d75c61e95d74bcdf8 diff --git a/roles/do1jlr.i3wm b/roles/do1jlr.i3wm index 4c8b9fc..ed08078 160000 --- a/roles/do1jlr.i3wm +++ b/roles/do1jlr.i3wm @@ -1 +1 @@ -Subproject commit 4c8b9fc9a933471dc867415d06f212823a947a3f +Subproject commit ed08078c367b986a0409c2e6ab49f553d123c3cf diff --git a/roles/dotfiles b/roles/dotfiles index 6fb8ebd..348ea9a 160000 --- a/roles/dotfiles +++ b/roles/dotfiles @@ -1 +1 @@ -Subproject commit 6fb8ebd6645f8f518d27acd7834184e50f9163b1 +Subproject commit 348ea9a127fe5133d2f3dee9e9050ba5cd5732c3 diff --git a/roles/gantsign.bat b/roles/gantsign.bat index b263e5e..dae043f 160000 --- a/roles/gantsign.bat +++ b/roles/gantsign.bat @@ -1 +1 @@ -Subproject commit b263e5e140ee3c5e868f9392b2e4a2eaa37eaf79 +Subproject commit dae043fe28360b16b86645b0eecca80c489ac5c6 diff --git a/roles/l3d.etesync_dav b/roles/l3d.etesync_dav index 2425294..5059bd9 160000 --- a/roles/l3d.etesync_dav +++ b/roles/l3d.etesync_dav @@ -1 +1 @@ -Subproject commit 242529420b856b5923529e50652a9b2e553e1aca +Subproject commit 5059bd985a4a410b49bd3f2baf35679e779d6fdf diff --git a/roles/l3d.gopass b/roles/l3d.gopass index dee7dc2..bf76fcc 160000 --- a/roles/l3d.gopass +++ b/roles/l3d.gopass @@ -1 +1 @@ -Subproject commit dee7dc268691ade0c384efa9fe1daa2b805e7cf8 +Subproject commit bf76fcc81e5687009d6897b1a80e8f5d19b9ab47 diff --git a/roles/l3d.ntp b/roles/l3d.ntp index 09864d0..c3fabc5 160000 --- a/roles/l3d.ntp +++ b/roles/l3d.ntp @@ -1 +1 @@ -Subproject commit 09864d03a24a4ba3049e4825c3e045295ed2a670 +Subproject commit c3fabc5fc6f5f56818cee53d85b249ef26cd12dd diff --git a/roles/l3d.packages b/roles/l3d.packages index 152db3c..43229cf 160000 --- a/roles/l3d.packages +++ b/roles/l3d.packages @@ -1 +1 @@ -Subproject commit 152db3c48833176f3bca746b0e556c158e6bc523 +Subproject commit 43229cf0d9561248625ada346c86e03f6fee4b71 diff --git a/roles/no-sleep b/roles/no-sleep index 04b2945..7ab63e1 160000 --- a/roles/no-sleep +++ b/roles/no-sleep @@ -1 +1 @@ -Subproject commit 04b2945454d98e6e917a5e1fcdb7d6d7158840e1 +Subproject commit 7ab63e19e065c9dd55504a6d89fe006c13eed9df diff --git a/site.yml b/site.yml index ebdf8ca..5c3120b 100644 --- a/site.yml +++ b/site.yml @@ -4,6 +4,14 @@ roles: - {role: ansible_version, tags: always} +- name: Generic Workstation Preperation + hosts: all + roles: + - {role: l3d.users.user, tags: user} + - {role: l3d.users.admin, tags: admin} + - {role: l3d.users.sshd, tags: sshd} + - {role: l3d.users.dotfiles, tags: dotfiles} + - name: Generic Workstation Preperation hosts: all roles: @@ -21,10 +29,6 @@ # - name: user specific setup # hosts: private # roles: -# - {role: dotfiles, tags: [default, dotfiles, fancy]} -# - {role: manage_users, tags: [ssh, manage, manage_users]} -# - {role: authorized_keys, tags: [ssh, auth, authorized_keys]} -# - {role: sshd, tags: [ssh, sshd]} # - {role: akku-warning, tags: [akku, akku_warning, akku-warning]} # - {role: no-sleep, tags: no_sleep}