From a92b116dcc995a108e73f041cddd955591d4866f 2023-08-04 16:24:18 From: x Date: 2023-08-04 16:24:18 Subject: [PATCH] feat: improve initial setup --- diff --git a/initial_server_setup/README.md b/initial_server_setup/README.md index b6253a1f214f3ea4589e2c4b0efd61785ef809cf..0c35031af0ee2dfc699386fe5f80dce04d287081 100644 --- a/initial_server_setup/README.md +++ b/initial_server_setup/README.md @@ -21,7 +21,7 @@ It installs the following packages: ### Hostname -It changes the hostname and verifies that IPv4 and IPv6 entries exist in `/etc/hostname`. +It changes the hostname and verifies that IPv4 and IPv6 entries (w/ `freifunk.lu` suffix) exist in `/etc/hostname`. ### Users @@ -32,3 +32,13 @@ It creates the following users: - metalgamer - xbr - fflux + +#### User configuration + +Each user has: + +- a default password +- a home directory +- `bash` as their default shell. + +Freifunk team members, unlike `fflux`, also have the `sudo` group. diff --git a/initial_server_setup/initial_setup.yml b/initial_server_setup/initial_setup.yml index 9e29ab15f91a24d1e4c95dafecf11006145e4fbc..c1e6ff2fd9b7ad9e5621901983541943b7bb2f95 100644 --- a/initial_server_setup/initial_setup.yml +++ b/initial_server_setup/initial_setup.yml @@ -1,55 +1,41 @@ --- # Defining the remote server where the package will be deployed -- hosts: test +- name: Initial Server Setup + hosts: test remote_user: root - become: yes - become_method: sudo + become: true + become_method: ansible.builtin.sudo vars: password: Welcome1234 ipv4: var=hostvars[initial]['ansible_default_ipv4']['address'] old_hostname: filter=ansible_hostname tasks: + - name: Update + Upgrade packages + become: true + ansible.builtin.apt: + upgrade: true + update_cache: true + tags: basic -# Update and install aptitude packadge - - name: "APT: Install aptitude package" - apt: - name: aptitude - force_apt_get: yes - - - name: "Update packages" - apt: - update_cache: yes # apt-get update - upgrade: full - - - name: UpdateRaw - shell: apt-get update -y - - name: UpgradeRaw - shell: apt-get upgrade -y - -# Installing the sudo, git, vim and python3 packadges on ther servers - - name: Install a list of packages - apt: + - name: Install some basic packages + ansible.builtin.apt: pkg: - - sudo - - git - - vim - - python3 - - python3-pip - -# Updating all packages to their latest version - - name: Update all packages to their latest version - apt: - name: "*" - state: latest + - sudo + - git + - vim + - python3 + - python3-pip + tags: basic -# Change Hostname + # Change Hostname - name: "Update Hostnames" - hostname: + ansible.builtin.hostname: name: "{{ new_hostname }}" + tags: hostname -# Updaet /etc/hosts + # Update /etc/hosts - name: Make sure an IPV4 entry in /etc/hosts exists - lineinfile: + ansible.builtin.lineinfile: path: /etc/hosts regexp: "^{{ ansible_default_ipv4.address }}" line: "{{ ansible_default_ipv4.address }} {{ new_hostname }} {{ new_hostname }}.freifunk.lu" @@ -57,69 +43,53 @@ tags: network,hostname,dns - name: Make sure an IPV6 entry in /etc/hosts exists - lineinfile: + ansible.builtin.lineinfile: path: /etc/hosts regexp: "^{{ ansible_default_ipv6.address }}" line: "{{ ansible_default_ipv6.address }} {{ new_hostname }} {{ new_hostname }}.freifunk.lu" state: present tags: network,hostname,dns -# Create Freifunk Users + # Create Freifunk Users - name: Create a login user fantawams - user: + ansible.builtin.user: name: fantawams password: "{{ password | password_hash('sha512') }}" - groups: # Empty by default, here we give it some groups - - sudo + groups: + - sudo state: present - shell: /bin/bash # Defaults to /bin/bash - system: no # Defaults to no - createhome: yes # Defaults to yes - home: /home/fantawams # Defaults to /home/ + tags: users - name: Create a login user orimpe - user: + ansible.builtin.user: name: orimpe password: "{{ password | password_hash('sha512') }}" groups: # Empty by default, here we give it some groups - - sudo + - sudo state: present - shell: /bin/bash # Defaults to /bin/bash - system: no # Defaults to no - createhome: yes # Defaults to yes - home: /home/orimpe # Defaults to /home/ + tags: users - name: Create a login user metalgamer - user: + ansible.builtin.user: name: metalgamer password: "{{ password | password_hash('sha512') }}" groups: # Empty by default, here we give it some groups - - sudo + - sudo state: present - shell: /bin/bash # Defaults to /bin/bash - system: no # Defaults to no - createhome: yes # Defaults to yes - home: /home/metalgamer # Defaults to /home/ + tags: users - - name: Create a login user xbr - user: - name: xbr + - name: Create a login user xbr + ansible.builtin.user: + name: xbr password: "{{ password | password_hash('sha512') }}" groups: # Empty by default, here we give it some groups - - sudo + - sudo state: present - shell: /bin/bash # Defaults to /bin/bash - system: no # Defaults to no - createhome: yes # Defaults to yes - home: /home/xbr # Defaults to /home/ + tags: users - name: Create a login user fflux - user: + ansible.builtin.user: name: fflux password: "{{ password | password_hash('sha512') }}" -# groups: # Empty by default, here we give it some groups state: present - shell: /bin/bash # Defaults to /bin/bash - system: no # Defaults to no - createhome: yes # Defaults to yes - home: /home/fflux # Defaults to /home/ + tags: users