feat: add ansible config for dedicated server

2025-04-26 11:40:14 +02:00 · 2025-04-26 11:40:14 +02:00 · 1fedfbcafb
commit 1fedfbcafb
parent 16ab22f24c
5 changed files with 61 additions and 0 deletions
--- a/ansible/.gitignore
+++ b/ansible/.gitignore
@ -0,0 +1 @@
+.vault-pass.txt
--- a/ansible/inventory.ini
+++ b/ansible/inventory.ini
@ -0,0 +1,2 @@
+[ovh]
+ovh1 ansible_host=5.39.72.167 ansible_user=ubuntu
--- a/ansible/k3s.yml
+++ b/ansible/k3s.yml
@ -0,0 +1,16 @@
+---
+- hosts: ovh1
+  become: true
+
+  tasks:
+  - name: Ensure curl is installed (dependency)
+    apt:
+      name: curl
+      state: present
+      update_cache: yes
+
+  - name: Install k3s
+    shell: |
+      curl -sfL https://get.k3s.io | sh -
+    args:
+      creates: /usr/local/bin/k3s
--- a/ansible/secrets.yml
+++ b/ansible/secrets.yml
@ -0,0 +1,11 @@
+$ANSIBLE_VAULT;1.1;AES256
+63356666643433623733663036346135353432626266663936656632636538336332316562386364
+6433646535396264383431306236656338316534636465620a353962313033643530383362323635
+36663931303537333837613361336163643032386239633435313335376236623163343933393630
+3664613137643232640a346665656434316563363638646333626366353765383139666237383864
+63383835343264623861386666653564636637663038653733326463396164643734653030326435
+36656663616537363530383961373135663537653162323763336265343437306663353639343439
+62313938666561363234396330366131323564373362303138363661663539356164323262383030
+64663065643966383230633932663230646332623636336232376632623130323332663731346364
+31633036663531623562336262383435623166656539323635343266636239303432333236393461
+6137623730386236623664643433626133626233303333343431
--- a/ansible/user_setup.yml
+++ b/ansible/user_setup.yml
@ -0,0 +1,31 @@
+---
+- hosts: all
+  become: true
+  vars_files:
+  - secrets.yml
+
+  vars:
+    username: rob
+    ssh_public_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILFA4qzpM12PphDNlACS9F8oJpDVGxNanMdKfnokN30F rob@rob-x1"
+
+  tasks:
+  - name: Ensure group exists
+    group:
+      name: "{{ username }}"
+      state: present
+
+  - name: Create user and add to group
+    user:
+      name: "{{ username }}"
+      password: "{{ rob_password_hash }}"
+      group: "{{ username }}"
+      create_home: yes
+      shell: /bin/bash
+      groups: sudo
+      append: yes
+
+  - name: Set authorized SSH key
+    authorized_key:
+      user: "{{ username }}"
+      state: present
+      key: "{{ ssh_public_key }}"