majic-ansible-roles Files · roles/bootstrap/tasks/main.yml

Files @ 922cda0a1834

Branch filter:

Location: majic-ansible-roles/roles/bootstrap/tasks/main.yml

922cda0a1834 753 B text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-58: Updated roles, LDAP modules, and test site to be compatible with Ansible 2.0.x and 2.1.x. Switched from using sudo/sudo_user to become/become_user. Fixed referencing of variables within roles, mainly for with_items/with_dicts calls. Improved handling of options in ldap_entry module to avoid deprecation of passing dict-like arguments to ldap_entry module. Minor fix to ldap_permissions module.

---

- name: Install sudo
  apt: name=sudo state=installed

- name: Set-up the Ansible group
  group: name=ansible system=yes

- name: Set-up the Ansible user
  user: name=ansible system=yes group=ansible shell=/bin/bash

- name: Set-up authorized key for the Ansible user
  authorized_key: user=ansible key="{{ ansible_key }}"

- name: Set-up password-less sudo for the ansible user
  copy: src=ansible_sudo dest=/etc/sudoers.d/ansible mode=640 owner=root group=root

- name: Revoke rights for Ansible user to log-in as root to server via ssh
  authorized_key: user=root key="{{ ansible_key }}" state=absent

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "handlers | default(False) | bool() == True"
  tags:
    - handlers