Commit | Line | Data |
---|---|---|
3ea0152b MJ |
1 | --- |
2 | # Include variables and define needed variables. | |
3 | - name: Include OS-specific variables. | |
9e2e4e6b MJ |
4 | include_vars: "{{ item }}" |
5 | with_first_found: | |
6 | - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" | |
7 | - "{{ ansible_distribution }}.yml" | |
8 | - "{{ ansible_os_family }}.yml" | |
3ea0152b MJ |
9 | |
10 | # Setup/install tasks. | |
11 | - include: setup-RedHat.yml | |
9e2e4e6b | 12 | when: ansible_os_family in ['RedHat', 'Rocky'] |
3ea0152b MJ |
13 | |
14 | - include: setup-Debian.yml | |
15 | when: ansible_os_family == 'Debian' | |
16 | ||
1be0d012 MJ |
17 | - include: setup-Alpine.yml |
18 | when: ansible_os_family == 'Alpine' | |
19 | ||
599b56d0 MJ |
20 | - include: setup-Suse.yml |
21 | when: ansible_os_family == 'Suse' | |
22 | ||
5e186c3f MJ |
23 | - name: Set up authorized_keys for the root user |
24 | authorized_key: | |
25 | user: 'root' | |
c0d69812 MJ |
26 | key: "{% for key in query('fileglob', 'public_keys/*.pub') %}{{ lookup('file', key) ~ '\n'}}{% endfor %}" |
27 | exclusive: true | |
5e186c3f | 28 | |
a517d31d MJ |
29 | - name: Remove ubuntu user |
30 | user: | |
31 | name: ubuntu | |
32 | state: absent | |
33 | remove: yes | |
34 | ||
422aaa6e MJ |
35 | - name: Remove debian user |
36 | user: | |
37 | name: debian | |
38 | state: absent | |
39 | remove: yes | |
40 | ||
33436c91 | 41 | - name: Create jenkins user |
83d6ed6c | 42 | when: jenkins_user | bool |
33436c91 MJ |
43 | user: |
44 | name: 'jenkins' | |
45 | ||
46 | - name: Set up authorized_keys for the jenkins user | |
83d6ed6c | 47 | when: jenkins_user | bool |
33436c91 MJ |
48 | authorized_key: |
49 | user: 'jenkins' | |
50 | key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA3fwpioVLDoCQsQkYK5bOwPb8N0EXeYm2MleBQTfqxtKaqWWbmUtFXAiyclKHRspjcAiIKwwqLyhPopHBqJzmXnB0GsfGmxXJ6wSBgKJ4kdBVRM+nKlK0wCl1oQkFeV/Xl3jzt1Ey96XiNWlesfkvgcMCpsJzQ7/xRb9IcghskzlQbLOwDNir/156JgAYUYvOLqNCcE+xcgPxJGanfZDXTLkfBYxaeaB8isBPeEU6fhPvu/W055M1uB7E0qhcbFtuKCBu1Fg4jzsW4yDU8+ZB1b5mAXwEAuMbVGMrOf4rjtTpGpQd6XFsXpFT28NU1u5j2cUbtANJalkNDX/UY6XJ jenkins@ci-master-02' | |
51 | ||
a517d31d MJ |
52 | #- name: Create sudoers.d directory. |
53 | # file: | |
54 | # path: /etc/sudoers.d | |
55 | # owner: root | |
56 | # group: root | |
57 | # mode: 0755 | |
58 | # state: directory | |
59 | # | |
60 | #- name: Set includedir in /etc/sudoers. | |
61 | # lineinfile: | |
62 | # dest: /etc/sudoers | |
63 | # line: "#includedir /etc/sudoers.d" | |
64 | # state: present | |
65 | # validate: "/usr/sbin/visudo -cf %s" | |
66 | # | |
67 | #- name: Create jenkins sudoers file. | |
68 | # copy: | |
69 | # dest: "/etc/sudoers.d/jenkins" | |
70 | # content: "jenkins ALL=NOPASSWD: ALL" | |
71 | # mode: 0440 | |
72 | # owner: root | |
73 | # group: root | |
74 | # validate: "/usr/sbin/visudo -cf %s" | |
75 | ||
76 | - name: Remove jenkins sudoers file | |
3ea0152b | 77 | file: |
a517d31d MJ |
78 | path: "/etc/sudoers.d/jenkins" |
79 | state: absent |