0003-bootstrap.yaml-is-a-playbook-for-preparing-a-remote-.patch
bootstrap.yaml | ||
---|---|---|
1 |
--- |
|
2 |
- name: Initialize a container for Publik developer installation |
|
3 |
hosts: all |
|
4 |
gather_facts: False |
|
5 | ||
6 |
tasks: |
|
7 |
- raw: dpkg -s python || (apt update && apt install -y python python-simplejson python-apt) |
|
8 |
- raw: dpkg -s sudo || apt install -y sudo |
|
9 |
- raw: dpkg -s postgresql || apt install -y postgresql |
|
10 |
- raw: dpkg -s git || apt install -y git |
|
11 | ||
12 |
- lineinfile: |
|
13 |
path: /etc/postgresql/9.6/main/pg_hba.conf |
|
14 |
line: 'local all postgres trust' |
|
15 |
insertbefore: '# DO NOT DISABLE!' |
|
16 | ||
17 |
- lineinfile: |
|
18 |
path: /etc/postgresql/9.6/main/pg_hba.conf |
|
19 |
line: 'local all all peer' |
|
20 |
insertafter: 'local all postgres trust' |
|
21 | ||
22 |
- raw: systemctl restart postgresql |
|
23 | ||
24 |
- user: |
|
25 |
name: "{{user}}" |
|
26 |
groups: sudo |
|
27 |
append: yes |
|
28 |
shell: /bin/bash |
|
29 | ||
30 |
# it is strange we need to fix permissions here (ansible 2.4) |
|
31 |
- file: |
|
32 |
path: "~{{user}}" |
|
33 |
state: directory |
|
34 |
owner: "{{user}}" |
|
35 |
group: "{{user}}" |
|
36 | ||
37 |
- lineinfile: |
|
38 |
dest: /etc/sudoers |
|
39 |
regexp: "^%{{user}}" |
|
40 |
line: "{{user}} ALL=(ALL) NOPASSWD: ALL" |
|
41 |
validate: 'visudo -cf %s' |
|
42 | ||
43 |
- file: |
|
44 |
path: "~{{user}}/.ssh" |
|
45 |
state: directory |
|
46 |
owner: "{{user}}" |
|
47 |
mode: 0700 |
|
48 |
- copy: |
|
49 |
src: "~/.ssh/id_rsa.pub" |
|
50 |
dest: "~{{user}}/.ssh/authorized_keys" |
|
51 |
owner: "{{user}}" |
|
52 |
mode: 0600 |
|
53 | ||
54 |
- lineinfile: |
|
55 |
path: /etc/hosts |
|
56 |
regexp: '^127.0.42.1' |
|
57 |
line: '127.0.42.1 dev-hobo.local.publik agent-combo.local.publik user-combo.local.publik demarches-wcs.local.publik connexion-authentic.local.publik' |
group_vars/all | ||
---|---|---|
5 | 5 |
ssl_certificate: "/etc/ssl/certs/*.local.publik.crt" |
6 | 6 |
ssl_certificate_key: "/etc/ssl/private/*.local.publik.key" |
7 | 7 |
venv: "/home/{{user}}/envs/publik-env" |
8 |
user: publik
|
|
8 |
user: your_user_name
|
|
9 | 9 |
apps: |
10 | 10 |
authentic: |
11 | 11 |
db_name: authentic_multitenant |
12 |
- |