1 changed files with 69 additions and 0 deletions
@ -0,0 +1,69 @@ |
|||
## -- this is all the basic ansible config to ensure it can begin pulling configs down. |
|||
|
|||
## --- firstly, we need our own ssh keys in authorized keys |
|||
## ++ no longer needed. |
|||
#cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys |
|||
|
|||
## -- add in a couple of keys here, just for backups |
|||
echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3Z5QcAbTioCTWahnGnLmv0Q5NLbBW6UjvPUAQIjGjt2ZtMndiqM5lMGHgu52i3by35vEXfqGweCzAeypgvLKMklWaJVKa0ZlYDZ+BmtovwYDrCLPHEMR3AgxkZKa7dqOrcQNsQ7iFMJ1OJc61eLlBOVEtDDFLzoaUtE1K9tYB86SXRmizNN8zigvb4yCVMG01rNvFvBhCKRItdvmVYtsWff8HYjaTyxwUTJVkrPHyv5H0J1f5S67fI2QjqttrOWVWs331DZ8lREbMxpys9Yx/Ig9zYve76NxDYhp7VeEP+yv8KIKl1YwhMWzrIBMg6I4bnnxQFmQLDLT8uzMHfL9cw== dave@quark.tombstones.org.uk" >> /root/.ssh/authorized_keys |
|||
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxF3WIKvNLH7upOzFMI9K6bNXa9nSQg7sxx2kUuorh6ok+nv9pNO5aTLF2VdRFhBgpqPmQPAjC0Cp7Xd2cdfx4jEA3jxgyaeSelQBBGtw0FlyOqsiYdxwsHcU6qjsppT1FVU4iXyiWqlSiH/94dBnhIH++Flf+qSweSUOiehZ9fS212Ee4ilKpqkZFbDQtnQHU37cdETXv0/3CyGSI9fxFRzK4npZhes7p6VRJliVu/u3OX/R2oqaE8WTvfXS9+hC1zp8PU7Gzx8bAzCxB8redzDnYbouG23A3hbhZvcMqenP9e5DuWu5FSEfngDYkQIl8OvMAxY75zNVPL1pRsA6p Dave@FENDER" >> /root/.ssh/authorized_keys |
|||
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCmO9RGpc0ASgD+bLMZOiQkWOnChsLOAdQXvhtb52+ZZpJvcMBRxYca3zbfGjY1O/9SjuHr1ynJU+2xkkA3X9OTbyX8jIctDrdgxtIOprSV9OJmm01DsafCMQ1lj2AweKG53kVzpq3+bZ+hFY/cbcoErlPFetkUaspaiFBdX8c36E+VM4+cvJB/KirLI7rXIxPDC8cAEIfe//9iwpQAr14OQP4MvlKySLKcquWk0WuLCkISiI6GYlyTWu91V/T3y7/AkmOyZWOgMlqqgqOGkSBctG/bM8LCydD4iQ9SRpw7x+pEocqnRPpRL2ua4qT25RJhIsxd9MyDOHAazV8Nwdo+c1Sa5gFAZIfsHDpJ7Drp/BFGYIszhFsCo76fUGpFRMAN4NR5v27dlX9xqaIt4al6L94asS8tOu/XH6qDgvyhQFmNh2HJiO1lACfgky1TEUXS8ugSa3x8FOdh0C5INUTAVUpmwSNs7f40gfyyDqwiYF6E9Gj2mvFIo+TeoGYWzfM= maarten@lilith" >> /root/.ssh/authorized_keys |
|||
|
|||
## -- set permissions correctly |
|||
chmod 600 /root/.ssh/authorized_keys |
|||
|
|||
## add remote SSH fingerprint for localhost: |
|||
# ssh-keyscan -H 127.0.0.1 >> /root/.ssh/known_hosts |
|||
## .. apparently "localhost" thought it was config.tombstones.org.uk... |
|||
|
|||
|
|||
## ============ ansible stuff =========== |
|||
## Ansible install |
|||
yum -y install ansible policycoreutils-python |
|||
|
|||
## now add some files in: |
|||
|
|||
cat << EODEP >> /etc/ansible/hosts |
|||
## -- add this in for ansible to be able to self-manage updates |
|||
[me] |
|||
localhost |
|||
EODEP |
|||
|
|||
#cat << EODEP >> /var/lib/ansible-managed/inventory.yaml |
|||
## -- add this in for ansible to be able to self-manage updates |
|||
#self: |
|||
# myself: |
|||
## hosts: |
|||
# ansible_host: localhost |
|||
#EODEP |
|||
|
|||
## pull down some files |
|||
cd /usr/local/sbin |
|||
|
|||
## -- seems wget was already installed... |
|||
wget https://config.tombstones.org.uk:23000/tombstones/files/raw/branch/master/usr.local.sbin/synch-from-repos.sh |
|||
wget https://config.tombstones.org.uk:23000/tombstones/files/raw/branch/master/usr.local.sbin/apply-ansible.sh |
|||
chmod 750 *.sh |
|||
|
|||
## --- now clone the repos accordingly... |
|||
|
|||
## -- this is where all the self-management stuff will lie |
|||
mkdir /var/lib/ansible |
|||
cd /var/lib/ansible |
|||
git clone deploy:/tombstones/10-ansible-common.git |
|||
|
|||
|
|||
## -- initial run |
|||
## -- seems it needs to be an absolute path |
|||
## .. but still didn't work. Cronned to run on reboot (as firewallD isn't running) |
|||
##/usr/local/sbin/apply-ansible.sh >> /var/log/ansible-init.log 2>&1 |
|||
|
|||
|
|||
#ansible-playbook albert-init.yaml >> /var/log/ansible-run.log |
|||
##ansible-playbook playbook.yaml >> /var/log/ansible-run.log |
|||
|
|||
## .. can use ansible-playbook *.yaml |
|||
## also need to cron this... |
|||
|
|||
## -- just to provide "netstat" |
|||
yum -y install net-tools |
|||
Loading…
Reference in new issue