From 5ca71615178dc1dc0f853df6bf9c991e6d50a286 Mon Sep 17 00:00:00 2001
From: Wojciech Kozlowski
Date: Mon, 27 Feb 2023 21:10:28 +0100
Subject: [PATCH] Add tmux to music user
---
 playbooks/music.yml | 16 ++++----
 .../roles/music/rip/meta/argument_specs.yml | 6 ---
 .../roles/music/rip/tasks/include/user.yml | 37 -------------------
 playbooks/roles/music/rip/tasks/main.yml | 5 ---
 .../roles/music/user/meta/argument_specs.yml | 16 ++++++++
 playbooks/roles/music/user/tasks/main.yml | 34 +++++++++++++++++
 playbooks/system.yml | 2 +
 roles | 2 +-
 8 files changed, 62 insertions(+), 56 deletions(-)
 delete mode 100644 playbooks/roles/music/rip/tasks/include/user.yml
 create mode 100644 playbooks/roles/music/user/meta/argument_specs.yml
 create mode 100644 playbooks/roles/music/user/tasks/main.yml
diff --git a/playbooks/music.yml b/playbooks/music.yml
index f95e6c1..348a112 100644
--- a/playbooks/music.yml
+++ b/playbooks/music.yml
@@ -4,15 +4,17 @@
 roles:
 - role: "music/datasets"
 tags: "music:datasets"
+ - role: "music/user"
+ tags: "music:user"
+ vars:
+ music_user_public_key_file: "\
+ {% if (the_nine_worlds_production | bool) %}\
+ ~/.ssh/yggdrasil.pub\
+ {% else %}\
+ ~/.ssh/debian-virt.pub\
+ {% endif %}"
 - role: "music/rip"
 tags: "music:rip"
- vars:
- music_rip_public_key_file: "\
- {% if (the_nine_worlds_production | bool) %}\
- ~/.ssh/yggdrasil.pub\
- {% else %}\
- ~/.ssh/debian-virt.pub\
- {% endif %}"
 - role: "backups/snapshots/user"
 vars:
 backups_snapshots_user_name: "{{ music_user_name }}"
diff --git a/playbooks/roles/music/rip/meta/argument_specs.yml b/playbooks/roles/music/rip/meta/argument_specs.yml
index 6649ec3..72ecaf2 100644
--- a/playbooks/roles/music/rip/meta/argument_specs.yml
+++ b/playbooks/roles/music/rip/meta/argument_specs.yml
@@ -5,9 +5,6 @@ argument_specs:
 music_user_name:
 type: "str"
 required: true
- music_user_password:
- type: "str"
- required: true
 music_user_samba_password:
 type: "str"
 required: true
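Review bot: In playbooks/music.yml the account setup now sits behind its own `music:user` tag, so a run limited to `--tags music:rip` no longer creates the user or installs the key before the rip tasks run (the old `music:rip:user` import is removed later in this patch). If the rip role assumes the account already exists, which its remaining `music_user_name` argument suggests, that is worth recording next to the entry, for example `# music/rip expects the account created by music/user; include the music:user tag on a fresh host`. The roles list starts above this hunk and continues below it.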
@@ -17,6 +14,3 @@ argument_specs:
 music_user_data_directory:
 type: "str"
 required: true
- music_rip_public_key_file:
- type: "str"
- required: true
diff --git a/playbooks/roles/music/rip/tasks/include/user.yml b/playbooks/roles/music/rip/tasks/include/user.yml
deleted file mode 100644
index 3e57a11..0000000
--- a/playbooks/roles/music/rip/tasks/include/user.yml
+++ /dev/null
@@ -1,37 +0,0 @@
----
-- name: "user : create user"
- ansible.builtin.user:
- name: "{{ music_user_name }}"
- create_home: true
- home: "{{ music_user_home_directory }}"
- password: "{{ music_user_password }}"
- register: music_rip_user_create
-
-- name: "rip : set default shell"
- ansible.builtin.user:
- name: "{{ music_user_name }}"
- shell: "/usr/bin/bash"
-
-- block:
-
- - name: "user : set home directory ownership"
- ansible.builtin.file:
- path: "{{ music_user_home_directory }}"
- state: "directory"
- owner: "{{ music_user_name }}"
- group: "{{ music_user_name }}"
- recurse: true
-
- - name: "user : ensure XDG_RUNTIME_DIR is set"
- ansible.builtin.shell: |
- echo '\nexport XDG_RUNTIME_DIR=/run/user/$(id -u)' >> \
- {{ music_user_home_directory }}/.bashrc
-
- when:
- music_rip_user_create.changed
-
-- name: "user : set authorized key"
- ansible.posix.authorized_key:
- user: "{{ music_user_name }}"
- state: "present"
- key: "{{ lookup('ansible.builtin.file', music_rip_public_key_file) }}"
diff --git a/playbooks/roles/music/rip/tasks/main.yml b/playbooks/roles/music/rip/tasks/main.yml
index 79e4351..3042178 100644
--- a/playbooks/roles/music/rip/tasks/main.yml
+++ b/playbooks/roles/music/rip/tasks/main.yml
@@ -1,9 +1,4 @@
 ---
-- name: "play:music : role:rip : tasks:user"
- ansible.builtin.import_tasks: "include/user.yml"
- tags:
- - "music:rip:user"
-
 - name: "play:music : role:rip : tasks:directories"
 ansible.builtin.import_tasks: "include/directories.yml"
 tags:
diff --git a/playbooks/roles/music/user/meta/argument_specs.yml b/playbooks/roles/music/user/meta/argument_specs.yml
new file mode 100644
index 0000000..a734064
--- /dev/null
+++ b/playbooks/roles/music/user/meta/argument_specs.yml
@@ -0,0 +1,16 @@
+---
+argument_specs:
+ main:
+ options:
+ music_user_name:
+ type: "str"
+ required: true
+ music_user_password:
+ type: "str"
+ required: true
+ music_user_home_directory:
+ type: "str"
+ required: true
+ music_user_public_key_file:
+ type: "str"
+ required: true
diff --git a/playbooks/roles/music/user/tasks/main.yml b/playbooks/roles/music/user/tasks/main.yml
new file mode 100644
index 0000000..273a8cc
--- /dev/null
+++ b/playbooks/roles/music/user/tasks/main.yml
@@ -0,0 +1,34 @@
+---
+- name: "create user"
+ ansible.builtin.user:
+ name: "{{ music_user_name }}"
+ create_home: true
+ home: "{{ music_user_home_directory }}"
+ password: "{{ music_user_password }}"
+ register: music_user_create
+
+- name: "set default shell"
+ ansible.builtin.user:
+ name: "{{ music_user_name }}"
+ shell: "/usr/bin/bash"
+
+- name: "set home directory ownership"
+ ansible.builtin.file:
+ path: "{{ music_user_home_directory }}"
+ state: "directory"
+ owner: "{{ music_user_name }}"
+ group: "{{ music_user_name }}"
+ recurse: true
+ when:
+ music_user_create.changed
+
+- ansible.builtin.import_role:
+ name: "system/base/user"
+ vars:
+ system_base_user_become_user: "{{ music_user_name }}"
+
+- name: "set authorized key"
+ ansible.posix.authorized_key:
+ user: "{{ music_user_name }}"
+ state: "present"
+ key: "{{ lookup('ansible.builtin.file', music_user_public_key_file) }}"
diff --git a/playbooks/system.yml b/playbooks/system.yml
index 167fce4..5ae8f86 100644
--- a/playbooks/system.yml
+++ b/playbooks/system.yml
@@ -98,6 +98,8 @@
 tags:
 - "system:base"
 - "system:base:user"
+ vars:
+ system_base_user_become_user: "{{ system_base_ssh_user }}"

 - name: "system : asgard:&zfs"
 hosts: "asgard:&zfs"
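Review bot: The options in playbooks/roles/music/user/meta/argument_specs.yml carry no `description`, and two of them have a contract a caller can easily get wrong. `music_user_password` is passed straight to the `password` parameter of `ansible.builtin.user`, which on Linux expects an already-hashed value, so add something like `description: "Password hash for the account (crypt format), not the plain-text password"`. `music_user_public_key_file` is read with the `file` lookup in tasks/main.yml, which runs on the control node, so `description: "Path on the control node to the public key to authorize"` would make that explicit.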
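Review bot: The `set authorized key` task in playbooks/roles/music/user/tasks/main.yml uses `state: "present"` without `exclusive`, so it only ever adds keys. playbooks/music.yml picks the key file from `the_nine_worlds_production`, which means a host that changes environment, or a key that is rotated, keeps the previous key authorized for this account. If no other tooling manages this user's authorized_keys, add `exclusive: true` to the task so the file matches what the playbook declares; otherwise a comment stating that stale keys have to be removed separately would help. Separately, the `create user` task reapplies `password` on every run because `update_password` defaults to `always`; `update_password: "on_create"` avoids resetting it if that is not intended.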
diff --git a/roles b/roles
index 483780a..e91babd 160000
--- a/roles
+++ b/roles
@@ -1 +1 @@
-Subproject commit 483780a828ed5d2b8a197bbf1c8270a9c994f00d
+Subproject commit e91babde35eb600750e0dad30e28c4f0b4455e8e