---
# Install the Aether package through the host's package manager.
# NOTE(review): ignore_errors lets the play continue when the install fails,
# so the tasks that follow may run on a host without the package. Confirm
# that this best-effort behaviour is intended.
- name: Install the package
  package:
    name: Aether
    state: present
  become: true
  ignore_errors: true
# Run the shared service-account tasks with service_account set to "aether".
- name: Validate the user
  include_tasks: ../roles/common/service_account.yml
  vars:
    service_account: aether
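# Make sure each listed directory exists, is owned by aether:aether and is
# accessible to the owner only (rwx for the owner, nothing for group/other).
- name: Ensure the Aether identity is protected.
  become: true
  file:
    path: "{{ item }}"
    state: directory
    owner: aether
    group: aether
    # Quoted so the mode always reaches the module as the octal string "0700"
    # and never as a YAML integer that a parser could read as decimal.
    mode: "0700"
  loop:
    - /home/aether/.ssh
    - /usr/local/etc/Aether
    - /usr/local/etc/Aether/backup-entries
    - /usr/local/backup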
# Generate the ed25519 key pair on Core. `creates` makes the command a no-op
# once the private key file is already present.
# -N "" sets an empty passphrase: the private key is stored unencrypted, so
# file ownership and mode are its only protection.
# NOTE(review): the command runs with become, presumably as root, so the new
# files are likely root-owned until a later task sets the owner - confirm.
- name: Ensure the Aether identity exists
  command:
    cmd: ssh-keygen -t ed25519 -N "" -f ./aether
    chdir: /home/aether/.ssh/
    creates: /home/aether/.ssh/aether
  become: true
  delegate_to: Core # Core will track the identity that will then be shared to everyone else.
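# Read the private key on Core and register the command result as aether_key.
- name: Read the Aether identity
  become: true
  delegate_to: Core
  command: cat /home/aether/.ssh/aether
  register: aether_key
  # The registered result carries the private key in stdout; no_log keeps it
  # out of task output, verbose runs and callback/log plugins.
  no_log: true
  # Reading a file changes nothing on the host, so never report "changed".
  changed_when: false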
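# Read the public key on Core and register the command result as
# aether_pubkey.
- name: Read the Aether public identity
  become: true
  delegate_to: Core
  command: cat /home/aether/.ssh/aether.pub
  register: aether_pubkey
  # Reading a file changes nothing on the host, so never report "changed".
  changed_when: false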
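# Run source.yml only for the host whose inventory name is Core.
# `when` is already evaluated as a Jinja2 expression, so the variable is
# compared directly; wrapping it in {{ }} would substitute the host name into
# the expression text and break the condition.
- name: Include the source tasks
  include_tasks: source.yml
  when: inventory_hostname == 'Core'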
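# Run client.yml for the host whose inventory name is Core.
# `when` is already evaluated as a Jinja2 expression, so the variable is
# compared directly; wrapping it in {{ }} would substitute the host name into
# the expression text and break the condition.
# NOTE(review): this is the same condition as the source.yml include, so the
# client tasks also run only on Core. Confirm whether `!= 'Core'` was meant.
- name: Include the client tasks
  include_tasks: client.yml
  when: inventory_hostname == 'Core'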
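# Restrict both key files to aether:aether with owner-only read/write.
# NOTE(review): no `state` is given, so the file module does not create these
# paths; presumably the task fails on a host where they are missing. Confirm
# that both files exist on every host this task runs on.
- name: Ensure the Aether identity files are protected.
  become: true
  file:
    path: "{{ item }}"
    owner: aether
    group: aether
    # Quoted so the mode always reaches the module as the octal string "0600"
    # and never as a YAML integer that a parser could read as decimal.
    mode: "0600"
  loop:
    - /home/aether/.ssh/aether
    - /home/aether/.ssh/aether.pub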