-
Notifications
You must be signed in to change notification settings - Fork 3
/
site-prepare.yml
96 lines (77 loc) · 3.48 KB
/
site-prepare.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
---
- hosts: all
user: tchpc
sudo: True
tasks:
- authorized_key: user=tchpc key="{{ lookup('file', '~/.ssh/id_rsa.pub' ) }}" state=present
- group_by: key="{{ansible_distribution_release}}"
- hosts: Carbon
sudo: True
user: tchpc
#accelerate: True
pre_tasks:
#- user: name=root state=present password={{ rootpw }}
#- authorized_key: user=tchpc key='$FILE(../private/keys/{{ item }}.pub )' state=present
- authorized_key: user=tchpc key="{{ lookup('file', '../private/keys/' + item + '.pub' ) }}" state=present
with_items: users
- copy: src=files/sudoers.d-root-tchpc dest=/etc/sudoers.d/user-tchpc owner=root group=root mode=0440
roles:
- proxy
- common
- hosts: precise
sudo: True
user: tchpc
#accelerate: True
pre_tasks:
- user: name=root state=present password={{ rootpw }}
- user: name=tchpc state=present password={{ rootpw }}
#- authorized_key: user=tchpc key='$FILE(../private/keys/{{ item }}.pub )' state=present
- authorized_key: user=tchpc key="{{ lookup('file', '../private/keys/' + item + '.pub' ) }}" state=present
with_items: users
- authorized_key: user=vagrant key="{{ lookup('file', '../private/keys/' + item + '.pub' ) }}" state=present
with_items: users
ignore_errors: True
- authorized_key: user=root key="{{ lookup('file', '../private/keys/' + item + '.pub' ) }}" state=present
with_items: sudo_users
- copy: src=files/sudoers.d-root-tchpc dest=/etc/sudoers.d/user-tchpc owner=root group=root mode=0440
#- apt: update_cache=yes cache_valid_time=3600
roles:
- proxy
- common
- hosts: passenger
sudo: True
user: tchpc
#accelerate: True
tasks:
- copy: src=/srv/infrastructure/private/keys/dri-deploy dest=/home/{{rvm_user}}/.ssh/id_rsa owner={{rvm_user}} group={{rvm_user}} mode=0600
- copy: src=/srv/infrastructure/private/keys/dri-deploy.pub dest=/home/{{rvm_user}}/.ssh/id_rsa.pub owner={{rvm_user}} group={{rvm_user}} mode=0600
- hosts: nuig_rnag;radosgw;inspire_ireland
sudo: True
user: tchpc
#accelerate: True
tasks:
- authorized_key: user={{rvm_user}} key="{{ lookup('file', '/srv/infrastructure/private/keys/dri-deploy.pub') }}"
ignore_errors: True
- template: src=files/insecure_config_proxy dest=/home/{{rvm_user}}/.ssh/config mode=0600 owner={{rvm_user}} group={{rvm_user}}
ignore_errors: True
- authorized_key: user=root key="{{ lookup('file', '/srv/infrastructure/private/keys/dri-deploy.pub') }}"
- authorized_key: user=tchpc key="{{ lookup('file', '/srv/infrastructure/private/keys/dri-deploy.pub') }}"
- hosts: buildbot-master;buildbot-slave
sudo: True
user: tchpc
#accelerate: True
tasks:
- template: src=templates/hosts.buildbot dest=/home/{{rvm_user}}/hosts.buildbot owner={{rvm_user}} group={{rvm_user}} mode=0600
- file: path=/srv/infrastructure/private/shibboleth state=directory owner={{rvm_user}} group={{rvm_user}}
- copy: src=/srv/infrastructure/private/shibboleth/{{item}} dest=/srv/infrastructure/private/shibboleth/{{item}} owner={{rvm_user}} group={{rvm_user}}
with_items:
- idp.crt
- idp.jks
- idp.key
- idp-metadata.xml
- saml.crt
- saml.pem
- file: path=/srv/infrastructure/private/ceph state=directory owner={{rvm_user}} group={{rvm_user}}
- copy: src=/srv/infrastructure/private/ceph/{{item}} dest=/srv/infrastructure/private/ceph/{{item}} owner={{rvm_user}} group={{rvm_user}}
with_items:
- keyring.dri-hydrahead