diff options
author | Christian Pointner <equinox@spreadspace.org> | 2017-12-10 03:10:30 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2017-12-10 03:10:30 +0100 |
commit | 84667fd186fc2fe72d44afd1a595112b5adf54db (patch) | |
tree | 8cd88603de0c14f926d5e2cac523c4d255a4a5a3 /roles | |
parent | added very basic docker and kubernetes roles (diff) |
initial config for thetys
Diffstat (limited to 'roles')
-rw-r--r-- | roles/docker/tasks/main.yaml | 22 | ||||
-rw-r--r-- | roles/kubernetes-base/tasks/main.yaml | 28 | ||||
-rw-r--r-- | roles/sshserver/tasks/main.yaml | 12 | ||||
-rw-r--r-- | roles/zsh/tasks/main.yaml | 6 |
4 files changed, 68 insertions, 0 deletions
diff --git a/roles/docker/tasks/main.yaml b/roles/docker/tasks/main.yaml index 89d7815d..c07888f7 100644 --- a/roles/docker/tasks/main.yaml +++ b/roles/docker/tasks/main.yaml @@ -1,4 +1,26 @@ --- +- name: prepare /var/lib/docker as LVM + when: docker_lvm is defined + block: + + - name: create logical volume + lvol: + vg: "{{ docker_lvm.vg }}" + lv: "{{ docker_lvm.lv }}" + size: "{{ docker_lvm.size }}" + + - name: create filesystem + filesystem: + fstype: "{{ docker_lvm.fs }}" + dev: "/dev/mapper/{{ docker_lvm.vg }}-{{ docker_lvm.lv }}" + + - name: mount filesytem + mount: + src: "/dev/mapper/{{ docker_lvm.vg }}-{{ docker_lvm.lv }}" + path: /var/lib/docker + fstype: "{{ docker_lvm.fs }}" + state: mounted + - name: install apt https transport apt: name: apt-transport-https diff --git a/roles/kubernetes-base/tasks/main.yaml b/roles/kubernetes-base/tasks/main.yaml index 163e2cef..f00c736b 100644 --- a/roles/kubernetes-base/tasks/main.yaml +++ b/roles/kubernetes-base/tasks/main.yaml @@ -1,4 +1,26 @@ --- +- name: prepare /var/lib/kubelet as LVM + when: kubelet_lvm is defined + block: + + - name: create logical volume + lvol: + vg: "{{ kubelet_lvm.vg }}" + lv: "{{ kubelet_lvm.lv }}" + size: "{{ kubelet_lvm.size }}" + + - name: create filesystem + filesystem: + fstype: "{{ kubelet_lvm.fs }}" + dev: "/dev/mapper/{{ kubelet_lvm.vg }}-{{ kubelet_lvm.lv }}" + + - name: mount filesytem + mount: + src: "/dev/mapper/{{ kubelet_lvm.vg }}-{{ kubelet_lvm.lv }}" + path: /var/lib/kubelet + fstype: "{{ kubelet_lvm.fs }}" + state: mounted + - name: install apt https transport apt: name: apt-transport-https @@ -23,3 +45,9 @@ apt: name: "{{ item }}" state: present + +- name: add dummy user with uid 1000 + user: + name: app + uid: 1000 + password: "!" diff --git a/roles/sshserver/tasks/main.yaml b/roles/sshserver/tasks/main.yaml index d2c5c9f0..fd92f12d 100644 --- a/roles/sshserver/tasks/main.yaml +++ b/roles/sshserver/tasks/main.yaml @@ -25,3 +25,15 @@ regexp: "^AllowUsers" line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshserver_allowusers_group | default([])) | union(sshserver_allowusers_host | default([]))) }}" notify: restart ssh + +- name: install ssh keys for root + authorized_key: + user: root + key: "{{ sshserver_root_keys }}" + exclusive: yes + +- name: delete root password + user: + name: root + password: "!" + diff --git a/roles/zsh/tasks/main.yaml b/roles/zsh/tasks/main.yaml index 93bb1abf..409274a9 100644 --- a/roles/zsh/tasks/main.yaml +++ b/roles/zsh/tasks/main.yaml @@ -19,3 +19,9 @@ name: "{{ item }}" shell: /bin/zsh with_items: "{{ [ 'root' ] | union(zsh_loginshell_user | default([])) }}" + +- name: set zsh the default shell for adduser + lineinfile: + regexp: '^#?DSHELL=' + line: 'DSHELL=/bin/zsh' + path: /etc/adduser.conf |