setup generic ffmwu server
This commit is contained in:
parent
7f3a15b821
commit
88fc423cc1
6 changed files with 54 additions and 22 deletions
10
ffmwu-servers.yml
Executable file
10
ffmwu-servers.yml
Executable file
|
@ -0,0 +1,10 @@
|
|||
#!/usr/bin/ansible-playbook
|
||||
---
|
||||
|
||||
#- hosts: ff-servers
|
||||
- hosts: wasserfloh.freifunk-mwu.de
|
||||
remote_user: admin
|
||||
strategy: linear
|
||||
|
||||
roles:
|
||||
- ffmwu-server
|
23
roles/ffmwu-prereqs/tasks/main.yml
Executable file
23
roles/ffmwu-prereqs/tasks/main.yml
Executable file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
|
||||
- name: assert IPv4 DNS entry
|
||||
local_action: shell dig A {{ inventory_hostname }} | egrep '^{{ inventory_hostname }}'
|
||||
changed_when: False
|
||||
|
||||
- name: assert IPv6 DNS entry
|
||||
local_action: shell dig AAAA {{ inventory_hostname }} | egrep '^{{ inventory_hostname }}'
|
||||
changed_when: False
|
||||
|
||||
- name: test access to admin account (ssh key neccessary!)
|
||||
command: "true"
|
||||
changed_when: False
|
||||
|
||||
- name: test access to root account
|
||||
command: "true"
|
||||
changed_when: False
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- name: fail on wrong OS type and version # TODO: include debian
|
||||
fail: msg="unsupported OS type or version - {{ ansible_distribution }} {{ ansible_distribution_major_version }}"
|
||||
when: not ( ansible_distribution=="Ubuntu" and ansible_distribution_major_version|int==14 )
|
3
roles/ffmwu-server/meta/main.yml
Normal file
3
roles/ffmwu-server/meta/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- ffmwu-prereqs
|
5
roles/ffmwu-server/tasks/main.yml
Normal file
5
roles/ffmwu-server/tasks/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
|
||||
- name: ensure all wanted ssh keys exclusively
|
||||
authorized_key: exclusive=True state=present user=admin
|
||||
key={{ mwu_s_admin_keys }}
|
11
roles/ffmwu-server/vars/main.yml
Normal file
11
roles/ffmwu-server/vars/main.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
|
||||
mwu_s_admin_keys: |
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA2ProGXZXgOu1qAkY1COL4vvIdMpBAi/eg7/SvQRUrm1H8typyJHJPOvaMO8ozm9r4HQ7hZRL6Mf25IhTx9HFvlKwEbMpqUrIudBV/r07E0q4fjWWEY3OTUjSOUkArviKnYzhM8zYD9pSq6gXcCBXVGgNZsIEIeESvct/p8gB2dPI0DB81HEimCWHu1ge6KqClukxQZtmszT8rQZKWFK/yJkEBdAJtfcZSJg0IhqfJ7Zhuu4qPc8uAy7EkdsaidbU09tWVxdhHD27JAh3gFr62f+L4D9OKhl96sopEqkJmsYQe9GgjoUiKYD4DAvOWU3MmNsgc6xwRmgsaYcQaHVZEy/uF2XCLN1Ahq6UI6R/RDrMkxNVR+AF6BKagPGiId9UTNWM1BvARAMBjakptW6rU3Bwb8In3vItQT9rhG6RQcCBuAqLphXXqlGNsPDeY1E/T9uYRfeS6MIE+3VwuC2Q/NVWMXa2np9JgCjC29ur1w1+BiBeU3iwv+shHqq0zoNyX/EizkPuG8IyK1MrVY1sOUVcQzFFV+PMn8DMWgJpm0eeXJyxa3KBTovtINsFCWfDWtojkB0aC5/XKZAbVC4pOKNRROctRpcdLERNqV9dZ5TkIriB1N2/Z48hjQPimjlFrR8+v1pt37YP/2lvAbOf1sTysu8ey9pFTt7jiiTR5NM= kaba
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9iZOonZ/WGmtgpZgs9vibpq6HJhpvuciBa8vzjysIYYiqNGgLvtZxw/2Af0/ykTdsP09A28RVGJXel6u8I2b16a0e+H2yBbUn8pXFow8xODPXezN0J/U7CDb8mRF9SkBJEzqVt1ndchJWU/qTi/nqbPfNaurB8EXkIDGcmDiCci25RVBDUvSSQBP+XIxQICJgeJ66CYcrD1Sry65H8tVSsWr6+fruNFZQRYyxAFu/7wW3J/RfFJQJFF9WNRzspChsjYRqrYdZCCx6GZ0qQxK4hwqfVbv3cPjZGFfcLrQaOCUMIiDUVEVmmdp0phE7eYDYewxD2Yaw1+fIJ+hWal6F moritz@wwwserv.de
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAgwquzleAfo0ZccCikwh9aD0cBA0XrvEmQIB06XUUyn kokel
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGom9IEjz5utkAWg2wSm0uk+JC0A2tFlz2coAAvA2/An prisma@oimelmobil
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD4s/bIf+tU8/3ClsC3D6Rw7+9lr6Jmt0E1e6S+UVlKGJU9cvYNSQGSKpm7lCaIVUe+j4I4BES/Bkj+ZXvKIpUGTx7R/YnwO+95pS/oiu73QyBORnTeuBfCtz5eQJurD/9Z9OV5VtkleKVGSVwTeiBV+aKD1CrKYLiu5PGxyZsv981TZ6G2uxO3VG+M2OXd0ARV6/Lb5Aw8Xw9bHA4WqVKE6RFVb8va/E+O0hZO0q0ww57P3pfrReSozkZAv7tk/o4wTl+4sPMWhvi/X+KBvHkeiz5lo6eFSZfXzmCTvO8Xb6T8fgMf6fYWUr9+DpmYvjZ5/bBPojbhkQ09JyEirocueYxBqZM7riOeVYG7I941TIWiBpeACv+eGZMFYYNhb8zLW4/Oozk1CKs0Axb3B227+HXWkuB3lh2GKPQBS6lgRWsoCrHGzH1HGLDlt1ucAOwQgI5gJFY+SEjAe7pW+namiR33QaWqoksozwqJCK/1sRB2YUkW5wQ8+YW1hBoudly8sYXxBnwhXygduCmzGAhlTyUN2oLr8X+5UW2jo6jdON1WH8mENfPJc4OSEU1ZHOzeg0d5/48GzrIWWDE9wJzjagLYLA9vK763gM16Y0tG7ZXA5x2UfS1FGM5Yv+jcn0qagBS/bAI27Sa4ZuXXrrBpzzUrEcf/34w63X003PQi3Q== ungenannter@niki
|
||||
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAEo1sehLaRTeibVbUVuwRQyw7Zi58AzfqGwwRVUKejBWVDqZrFdxP6BpK9BqeVSo46n+Z5RJtOFU+F7wTsMPdRnbwHO/ZOljWV/RoKrNU3ZMRZnI3WWGT4u6zrmkO3rdLshLk8Z5lGIKJQg/vaqUbsHHgPI5BmDxfVyXM70M3922lx41w== juventas
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTwobxZo1wyRFUDZ32jM9AvCDUMTghSDAQMdffOrOaD8AAvVuaFzR6/yNvPHUhMOIb4CQPnaXGiTYumXRXRJrA9X2AgMSRuubySrpwkqRIje9HvQ1WfDdo4OWPYj/ArAlgxUqmLAyEjolmM8TY2aRvCPCrtE39oFfx5eCfLGkh0hn6wOGN7Gz8bh8P9n10ihYLrHhQsjEplXOX28b+9UojjjZX0Sfwk82u+/8f1y3ebT6kcPQx5OKqWU2GGbLgOOptkrguSu+vmF4KyxR9ayEqY2OpNdr7G+xp+4DC1pJhnIWq+GbcsH8xQVMDZPYaUjJQOiduRB0U5CqclSc22d39 belzebub
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/aWNpOlttng5NKzYCnSAIYacPxTB9n9DeUNBmJVC6qd8OTSgAQxYAy4xezgGoNZVDHzIo7ptZgo15XUf4kNQ/p7Qcc4zR5N6ZixY38ZVMMOcxy8bZxVZ7FJBfkLQ3N7Kk1CSXYcxfa0uW9PXkODyatXjeNRNPSxmdNeNdvCMhWmxZDBTM5qwO75SgxmoY3PfCji0Q7hy8guUVVkK0LajPGfKNZ4hyCh0fvi9cSkfzsCbWhcA+eflpgpbQMNXpSVWXcMNViKkIAOjxLQgIgT8tVvM36Rphgit8fF6xt1r8z+KaGzS2M8BVn9vsN7eHulv9vtENsm9pO3eo+5io/DPDgp/ThaRj7BohRlm7a18Mg3Gbe0Tq1LWHI3uTiHSL9sstwUpjND9AeB2NAtq0qHyECIGrnjXwULa7gwcgodE0TA2lLgWaZeUKrsQ//SWgZmOzEQjDVKMiOTSxzkQ2b37XUuYyQXXDuAzE3ksBNeySLWotEBUHuryePEfouV/l7+fbeFDxidZbT9OXB1JnLWyrCLD9V2oRZmE+wKYOagvlj8FY+q+xlL84QUKof0Ati80YoBkfgveEbQPgR7jhOh/V3fqz2DdceAhRHXTwf7SWTYSHyntXKD0o/2ZOHZHKgu0NuUmpaOnf/jyltrlRTqk9IO/vGxsfVub1sBSBPP7IwQ== stonie
|
|
@ -5,25 +5,5 @@
|
|||
remote_user: admin
|
||||
strategy: free
|
||||
|
||||
tasks:
|
||||
- name: assert IPv4 DNS entry
|
||||
local_action: shell dig A {{ inventory_hostname }} | egrep '^{{ inventory_hostname }}'
|
||||
changed_when: False
|
||||
|
||||
- name: assert IPv6 DNS entry
|
||||
local_action: shell dig AAAA {{ inventory_hostname }} | egrep '^{{ inventory_hostname }}'
|
||||
changed_when: False
|
||||
|
||||
- name: test access to admin account (ssh key neccessary!)
|
||||
command: "true"
|
||||
changed_when: False
|
||||
|
||||
- name: test access to root account
|
||||
command: "true"
|
||||
changed_when: False
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
- name: fail on wrong OS type and version # TODO: include debian
|
||||
fail: msg="unsupported OS type or version - {{ ansible_distribution }} {{ ansible_distribution_major_version }}"
|
||||
when: not ( ansible_distribution=="Ubuntu" and ansible_distribution_major_version|int==14 )
|
||||
roles:
|
||||
- ffmwu-prereqs
|
||||
|
|
Loading…
Reference in a new issue