diff --git a/ansible/.gitignore b/ansible/.gitignore new file mode 100644 index 0000000..f436f12 --- /dev/null +++ b/ansible/.gitignore @@ -0,0 +1 @@ +.vault-pass.txt diff --git a/ansible/inventory.ini b/ansible/inventory.ini new file mode 100644 index 0000000..3bb4618 --- /dev/null +++ b/ansible/inventory.ini @@ -0,0 +1,2 @@ +[ovh] +ovh1 ansible_host=5.39.72.167 ansible_user=ubuntu diff --git a/ansible/k3s.yml b/ansible/k3s.yml new file mode 100644 index 0000000..7d622a9 --- /dev/null +++ b/ansible/k3s.yml @@ -0,0 +1,16 @@ +--- +- hosts: ovh1 + become: true + + tasks: + - name: Ensure curl is installed (dependency) + apt: + name: curl + state: present + update_cache: yes + + - name: Install k3s + shell: | + curl -sfL https://get.k3s.io | sh - + args: + creates: /usr/local/bin/k3s diff --git a/ansible/secrets.yml b/ansible/secrets.yml new file mode 100644 index 0000000..ee1d25f --- /dev/null +++ b/ansible/secrets.yml @@ -0,0 +1,11 @@ +$ANSIBLE_VAULT;1.1;AES256 +63356666643433623733663036346135353432626266663936656632636538336332316562386364 +6433646535396264383431306236656338316534636465620a353962313033643530383362323635 +36663931303537333837613361336163643032386239633435313335376236623163343933393630 +3664613137643232640a346665656434316563363638646333626366353765383139666237383864 +63383835343264623861386666653564636637663038653733326463396164643734653030326435 +36656663616537363530383961373135663537653162323763336265343437306663353639343439 +62313938666561363234396330366131323564373362303138363661663539356164323262383030 +64663065643966383230633932663230646332623636336232376632623130323332663731346364 +31633036663531623562336262383435623166656539323635343266636239303432333236393461 +6137623730386236623664643433626133626233303333343431 diff --git a/ansible/user_setup.yml b/ansible/user_setup.yml new file mode 100644 index 0000000..742d69c --- /dev/null +++ b/ansible/user_setup.yml @@ -0,0 +1,31 @@ +--- +- hosts: all + become: true + vars_files: + - secrets.yml + + vars: + username: rob + ssh_public_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILFA4qzpM12PphDNlACS9F8oJpDVGxNanMdKfnokN30F rob@rob-x1" + + tasks: + - name: Ensure group exists + group: + name: "{{ username }}" + state: present + + - name: Create user and add to group + user: + name: "{{ username }}" + password: "{{ rob_password_hash }}" + group: "{{ username }}" + create_home: yes + shell: /bin/bash + groups: sudo + append: yes + + - name: Set authorized SSH key + authorized_key: + user: "{{ username }}" + state: present + key: "{{ ssh_public_key }}"