forked from larroy/ec2_launch_scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplaybook.yml
163 lines (136 loc) · 3.5 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
--- # Ansible playbook to provision instances for myself
- name: provisioning with Ansible
hosts: all
gather_facts: no
become: true
become_user: root
tasks:
# - apt: {update_cache: yes}
- apt:
dpkg_options: 'force-confold,force-confdef'
name:
- vim-nox
- fish
- nmon
- silversearcher-ag
- tree
- git
- openssh-client
- bwm-ng
- htop
# - openjdk-9-jdk-headless
- python3-virtualenv
- python3-pip
- mc
- links
- lynx
- iptables-persistent
- nmap
- build-essential
- cmake
- ninja-build
- curl
- libatlas-base-dev
- libjemalloc-dev
- liblapack-dev
- libopenblas-dev
- libopencv-dev
- libzmq3-dev
- software-properties-common
- sudo
- unzip
- wget
- sysstat
- awscli
- apt:
state: absent
name:
- btrfs-progs
- btrfs-tools
#
# Wait for raid setup to finish
#
- name: Wait for userdata to finish
wait_for:
path: /tmp/userdata_complete
state: present
timeout: 1200
sleep: 3
#
# User setup
#
- name: Add wheel group
group:
name: wheel
state: present
- name: Add user {{ user_name }} to group wheel
user:
name: "{{ user_name }}"
groups: wheel
shell: /bin/bash
- name: sync homedir/ to /home/{{ user_name }}
synchronize:
src: homedir/
dest: /home/{{ user_name }}/
- name: Configure /home/{{ user_name }}
file:
path: /home/{{ user_name }}
recurse: yes
owner: "{{ user_name }}"
group: "{{ user_name }}"
- name: Set authorized key taken from file
authorized_key:
user: "{{ user_name }}"
state: present
key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"
- file:
path: /home/{{ user_name }}/.ssh/
mode: 0700
# - file:
# path: /home/{{ user_name }}/.ssh/id_rsa
# mode: 0600
- name: set permissions in /home/{{ user_name }}/bin
file:
path: /home/{{ user_name }}/bin
mode: "u=rwx,g=rx,o=rx"
recurse: yes
- name: Allow 'wheel' group to have passwordless sudo
lineinfile:
dest: /etc/sudoers
state: present
regexp: '^%wheel'
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'
#
# Docker Install
#
- command: lsb_release -cs
register: lsb_release
- debug:
msg: "{{ lsb_release.stdout }}"
- apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
- apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ lsb_release.stdout }} stable
- name: Create new docker data folder in /home/docker (uses ephemeral storage)
file:
path: /home/docker
state: directory
- name: Put docker images folder in /home
mount:
path: /var/lib/docker
src: /home/docker
fstype: none
opts: bind
state: mounted
- apt:
name:
- docker-ce
- user:
name: "{{ user_name }}"
groups: docker
append: yes
- pip:
name: docker
executable: pip3
- apt: autoremove=yes