|
6 | 6 | git_user: Utkarsh Upadhyay |
7 | 7 | git_email: musically.ut@gmail.com |
8 | 8 |
|
| 9 | + sshd: ssh |
| 10 | + sshd_config: /etc/ssh/sshd_config |
| 11 | + |
| 12 | + handlers: |
| 13 | + - name: restart sshd |
| 14 | + service: name=sshd state=restarted |
| 15 | + |
9 | 16 | tasks: |
10 | | - |
| 17 | + |
11 | 18 | # User management |
12 | 19 |
|
13 | 20 | - name: Install sudo |
14 | 21 | package: |
15 | 22 | name: sudo |
16 | 23 | state: present |
| 24 | + tags: |
| 25 | + - user |
17 | 26 |
|
18 | 27 | - name: Make sure we have a 'wheel' group |
19 | 28 | group: |
20 | 29 | name: wheel |
21 | 30 | state: present |
| 31 | + tags: |
| 32 | + - user |
22 | 33 |
|
23 | 34 | - name: Allow 'wheel' group to have passwordless sudo |
24 | 35 | lineinfile: |
|
27 | 38 | regexp: '^%wheel' |
28 | 39 | line: '%wheel ALL=(ALL) NOPASSWD: ALL' |
29 | 40 | validate: 'visudo -cf %s' |
| 41 | + tags: |
| 42 | + - user |
30 | 43 |
|
31 | 44 | - name: "Create/add {{ user_name }} to wheel group" |
32 | | - user: |
| 45 | + user: |
33 | 46 | name: "{{ user_name }}" |
34 | | - groups: wheel |
| 47 | + groups: wheel |
35 | 48 | shell: /bin/bash |
36 | | - append: yes |
37 | | - state: present |
| 49 | + append: yes |
| 50 | + state: present |
38 | 51 | createhome: yes |
| 52 | + tags: |
| 53 | + - user |
39 | 54 |
|
40 | 55 | - name: "Set up authorized keys for the {{ user_name }} user" |
41 | | - authorized_key: |
| 56 | + authorized_key: |
42 | 57 | user: "{{ user_name }}" |
43 | 58 | key: "{{ item }}" |
44 | 59 | with_file: |
45 | 60 | - keys/id_ed25519.pub |
| 61 | + tags: |
| 62 | + - user |
| 63 | + |
| 64 | + - name: Disable empty password login |
| 65 | + lineinfile: dest={{ sshd_config }} regexp="^#?PermitEmptyPasswords" line="PermitEmptyPasswords no" |
| 66 | + notify: restart sshd |
| 67 | + tags: |
| 68 | + - user |
| 69 | + |
| 70 | + - name: Disable remote root login |
| 71 | + lineinfile: dest={{ sshd_config }} regexp="^#?PermitRootLogin" line="PermitRootLogin no" |
| 72 | + notify: restart sshd |
| 73 | + tags: |
| 74 | + - user |
| 75 | + |
| 76 | + - name: Disable password login |
| 77 | + lineinfile: dest={{ sshd_config }} regexp="^(#\s*)?PasswordAuthentication " line="PasswordAuthentication no" |
| 78 | + notify: restart sshd |
| 79 | + tags: |
| 80 | + - user |
46 | 81 |
|
47 | 82 | # Install dev tools |
48 | 83 |
|
49 | 84 | - name: Install VIM |
50 | 85 | package: |
51 | 86 | name: vim |
52 | 87 | state: present |
| 88 | + tags: |
| 89 | + - dev |
53 | 90 |
|
54 | 91 | - name: Install git |
55 | 92 | package: |
56 | 93 | name: git |
57 | 94 | state: present |
| 95 | + tags: |
| 96 | + - dev |
58 | 97 |
|
59 | 98 | - name: Install tmux |
60 | 99 | package: |
61 | 100 | name: tmux |
62 | 101 | state: present |
| 102 | + tags: |
| 103 | + - dev |
63 | 104 |
|
64 | 105 | - name: Install htop |
65 | 106 | package: |
66 | 107 | name: htop |
67 | 108 | state: present |
| 109 | + tags: |
| 110 | + - dev |
68 | 111 |
|
69 | 112 | - name: Ensure local/z dir exists |
70 | 113 | become: true |
71 | 114 | become_user: "{{ user_name }}" |
72 | | - file: |
| 115 | + file: |
73 | 116 | path: "/home/{{ user_name }}/.local/z" |
74 | 117 | state: directory |
| 118 | + tags: |
| 119 | + - dev |
75 | 120 |
|
76 | 121 | - name: Install z.sh |
77 | 122 | become: true |
78 | 123 | become_user: "{{ user_name }}" |
79 | | - get_url: |
| 124 | + get_url: |
80 | 125 | url: https://raw.githubusercontent.com/rupa/z/master/z.sh |
81 | 126 | dest: "/home/{{ user_name }}/.local/z/z.sh" |
| 127 | + tags: |
| 128 | + - dev |
82 | 129 |
|
83 | 130 | - name: Install nvm.sh |
84 | 131 | become: true |
|
88 | 135 | args: |
89 | 136 | warn: false |
90 | 137 | creates: "/home/{{ user_name }}/.nvm/nvm.sh" |
| 138 | + tags: |
| 139 | + - dev |
91 | 140 |
|
92 | 141 | - name: Install Node 12 |
93 | 142 | become_user: "{{ user_name }}" |
|
97 | 146 | args: |
98 | 147 | creates: "/home/{{ user_name }}/.nvm/versions/node/v12*" |
99 | 148 | executable: bash |
| 149 | + tags: |
| 150 | + - dev |
100 | 151 |
|
101 | 152 | # Prepare VIM |
102 | 153 |
|
|
107 | 158 | args: |
108 | 159 | warn: false |
109 | 160 | creates: "/home/{{ user_name }}/.vim/autoload/plug.vim" |
| 161 | + tags: |
| 162 | + - dev |
110 | 163 |
|
111 | 164 | # Copy configuration files |
112 | 165 |
|
|
115 | 168 | src: dotfiles/vimrc |
116 | 169 | dest: "/home/{{ user_name }}/.vimrc" |
117 | 170 | owner: "{{ user_name }}" |
| 171 | + tags: |
| 172 | + - dev |
118 | 173 |
|
119 | 174 | - name: Install vim plugins |
120 | 175 | become: true |
121 | 176 | become_user: "{{ user_name }}" |
122 | 177 | shell: "vim +PlugInstall +qall" |
| 178 | + tags: |
| 179 | + - dev |
123 | 180 |
|
124 | 181 | - name: Copy bashrc |
125 | 182 | copy: |
126 | 183 | src: dotfiles/bashrc |
127 | 184 | dest: "/home/{{ user_name }}/.bashrc" |
128 | 185 | owner: "{{ user_name }}" |
| 186 | + tags: |
| 187 | + - dev |
129 | 188 |
|
130 | 189 | - name: Copy tmux.conf |
131 | 190 | copy: |
132 | 191 | src: dotfiles/tmux.conf |
133 | 192 | dest: "/home/{{ user_name }}/.tmux.conf" |
134 | 193 | owner: "{{ user_name }}" |
| 194 | + tags: |
| 195 | + - dev |
135 | 196 |
|
136 | 197 | - name: Copy gitconfig |
137 | 198 | copy: |
138 | 199 | src: dotfiles/gitconfig |
139 | 200 | dest: "/home/{{ user_name }}/.gitconfig" |
140 | 201 | owner: "{{ user_name }}" |
| 202 | + tags: |
| 203 | + - dev |
141 | 204 |
|
142 | 205 | - name: Fix user's full name in gitconfig |
143 | 206 | become_user: "{{ user_name }}" |
144 | 207 | become: true |
145 | 208 | shell: "git config --global user.name '{{ git_user }}'" |
| 209 | + tags: |
| 210 | + - dev |
146 | 211 |
|
147 | 212 | - name: Fix user's email in gitconfig |
148 | 213 | become_user: "{{ user_name }}" |
149 | 214 | become: true |
150 | 215 | shell: "git config --global user.email '{{ git_email }}'" |
| 216 | + tags: |
| 217 | + - dev |
151 | 218 |
|
152 | 219 | - name: Copy gitignore |
153 | 220 | copy: |
154 | 221 | src: dotfiles/gitignore |
155 | 222 | dest: "/home/{{ user_name }}/.gitignore" |
156 | 223 | owner: "{{ user_name }}" |
| 224 | + tags: |
| 225 | + - dev |
157 | 226 |
|
158 | 227 | - name: Ensure ~/bin dir exists |
159 | 228 | become: true |
160 | 229 | become_user: "{{ user_name }}" |
161 | | - file: |
| 230 | + file: |
162 | 231 | path: "/home/{{ user_name }}/bin" |
163 | 232 | state: directory |
| 233 | + tags: |
| 234 | + - dev |
164 | 235 |
|
165 | 236 | - name: Copy conda.sh |
166 | 237 | copy: |
167 | 238 | src: dotfiles/conda.sh |
168 | 239 | dest: "/home/{{ user_name }}/bin/conda.sh" |
169 | 240 | owner: "{{ user_name }}" |
| 241 | + tags: |
| 242 | + - dev |
| 243 | + |
170 | 244 |
|
171 | | - |
172 | 245 | # Install powerline fonts |
173 | 246 |
|
174 | 247 | - name: Fetch Powerline fonts |
175 | 248 | become: true |
176 | 249 | become_user: "{{ user_name }}" |
177 | | - git: |
| 250 | + git: |
178 | 251 | repo: https://github.com/powerline/fonts.git |
179 | 252 | dest: "/home/{{ user_name }}/powerline-fonts" |
| 253 | + tags: |
| 254 | + - dev |
180 | 255 |
|
181 | 256 | - name: Install fonts |
182 | 257 | become: true |
183 | 258 | become_user: "{{ user_name }}" |
184 | 259 | shell: ./install.sh |
185 | | - args: |
| 260 | + args: |
186 | 261 | chdir: "/home/{{ user_name }}/powerline-fonts" |
187 | 262 | creates: "/home/{{ user_name }}/.local/share/fonts/Anonymice Powerline.ttf" |
| 263 | + tags: |
| 264 | + - dev |
| 265 | + |
188 | 266 |
|
189 | | - |
190 | 267 | # Install Miniconda.sh |
191 | | - |
| 268 | + |
192 | 269 | - name: Download miniconda |
193 | 270 | become: true |
194 | 271 | become_user: "{{ user_name }}" |
195 | | - get_url: |
| 272 | + get_url: |
196 | 273 | url: https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh |
197 | 274 | dest: "/home/{{ user_name }}/miniconda.sh" |
| 275 | + tags: |
| 276 | + - dev |
198 | 277 |
|
199 | 278 | - name: Install miniconda |
200 | 279 | become: true |
201 | 280 | become_user: "{{ user_name }}" |
202 | 281 | shell: "bash /home/{{ user_name }}/miniconda.sh -b -p /home/{{ user_name }}/miniconda3" |
203 | 282 | args: |
204 | 283 | creates: "/home/{{ user_name }}/miniconda3" |
| 284 | + tags: |
| 285 | + - dev |
0 commit comments