# Dependencies
# Installs the repository tooling: reprepro, dpkg-sig and gpgv2.
# NOTE(review): `state: latest` upgrades these packages on every run; use
# `present` (or pinned versions) if runs must be reproducible.
- name: install necessary packages
  apt:
    name: "{{ item }}"
    state: latest
  with_items:
    - reprepro
    - dpkg-sig
    - gpgv2
  become: true
# Creates one group per entry of reprepro_users, plus the shared package_group.
# with_items flattens one level, so reprepro_users may be a list here
# (presumably it is; confirm against the role variables).
- name: create groups
  group:
    name: "{{ item }}"
  with_items:
    - "{{ reprepro_users }}"
    - "{{ package_group }}"
  become: true
# Creates an account for every entry of reprepro_users with a home under
# /home, package_group as primary group and /bin/bash as login shell.
# NOTE(review): these look like service accounts (apt_user / ci_user are
# presumably among them); confirm each one really needs an interactive shell.
- name: create users
  user:
    name: "{{ item }}"
    shell: /bin/bash
    home: "/home/{{ item }}"
    createhome: true
    group: "{{ package_group }}"
    state: present
  with_items:
    - "{{ reprepro_users }}"
  become: true
# Unpacks the GnuPG key ring archive into apt_user's home, owned by apt_user.
# NOTE(review): the archive presumably holds the repository signing key. If
# so, it should not sit unencrypted in version control (e.g. keep it in
# Ansible Vault), and the extracted key ring directory should be readable by
# apt_user only. No mode is set here, so permissions come from the archive;
# confirm.
- name: unarchive the gnupg key ring
  unarchive:
    src: ../files/gnupg.tgz
    dest: "/home/{{ apt_user }}"
    owner: "{{ apt_user }}"
    group: "{{ apt_user }}"
  become: true
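# Installs the import script into apt_user's home. Mode 0500 makes it
# read/execute for the owner only, so the account that cron runs it as
# cannot casually edit it and no other account can read it.
- name: copy the add_debs.sh file
  copy:
    src: ../files/add_debs.sh
    dest: '/home/{{ apt_user }}/add_debs.sh'
    owner: '{{ apt_user }}'
    group: '{{ apt_user }}'
    # Quoted so the mode is never subject to YAML integer parsing.
    mode: '0500'
  become: true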
# Schedules add_debs.sh in apt_user's crontab on every third minute.
# Output is appended to adddebs.log; the path is relative, so it lands in
# whatever working directory cron uses (usually the user's home; confirm).
# NOTE(review): nothing here rotates that log.
- name: create add_debs.sh cronjob
  cron:
    name: add_debs.sh
    user: "{{ apt_user }}"
    minute: "*/3"
    job: "/home/{{ apt_user}}/add_debs.sh >> adddebs.log 2>&1"
  become: true
# Creates the published repository root. apt_user owns it and can write;
# group www-data gets read/traverse only (0750); others get nothing.
- name: create pub dir for apt user
  file:
    path: "/home/{{ apt_user }}/pub"
    state: directory
    owner: "{{ apt_user }}"
    group: www-data
    mode: "0750"
  become: true
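# Unpacks the repository configuration archive into the pub directory.
# Ownership matches the pub directory task (owner apt_user, group www-data).
# The original had the two swapped, which made the web server account the
# owner of configuration that the tooling run as apt_user consumes, and so
# typically able to modify it. The web server only needs read access.
# NOTE(review): file modes still come from the archive; confirm they do not
# grant group write.
- name: unarchive the pub conf
  unarchive:
    src: ../files/conf.tgz
    dest: '/home/{{ apt_user }}/pub'
    owner: '{{ apt_user }}'
    group: 'www-data'
  become: true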
# Creates ci_user's ~/.ssh, private to that account (0700). With StrictModes
# on, sshd ignores authorized_keys if this directory is writable by anyone
# else.
- name: create .ssh dir for ci user
  file:
    path: "/home/{{ ci_user }}/.ssh"
    state: directory
    owner: "{{ ci_user }}"
    group: "{{ ci_user }}"
    mode: "0700"
  become: true
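# Renders the authorized_keys template for ci_user, readable and writable by
# that account only.
# NOTE(review): the template is not visible here. If the CI key is only
# meant for uploads, consider limiting it with authorized_keys options such
# as `restrict`.
- name: create authorized_keys for ci user
  template:
    src: authorized_keys
    dest: "/home/{{ ci_user }}/.ssh/authorized_keys"
    owner: '{{ ci_user }}'
    group: '{{ ci_user }}'
    # Quoted so the mode is never subject to YAML integer parsing.
    mode: '0600'
  become: true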
# Sets ci_user's home to 0710 with group package_group. Group members can
# traverse into it (to reach upload/) but cannot list or write it.
# The home must stay non-group-writable, or sshd's StrictModes will refuse
# key logins for this account.
- name: chmod home dir ci user
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ ci_user }}"
    group: "{{ package_group }}"
    mode: "0710"
  with_items:
    - "/home/{{ ci_user }}"
  become: true
# Creates the upload drop directory and one subdirectory per stage. Each is
# owned by ci_user and writable by every member of package_group (0770).
# NOTE(review): every package_group member can add, rename and delete
# entries here, so treat files in these directories as untrusted until they
# are verified (e.g. signature check) before import.
- name: create upload dir for ci user
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ ci_user }}"
    group: "{{ package_group }}"
    mode: "0770"
  with_items:
    - "/home/{{ ci_user }}/upload"
    - "/home/{{ ci_user }}/upload/development"
    - "/home/{{ ci_user }}/upload/testing"
    - "/home/{{ ci_user }}/upload/acceptation"
    - "/home/{{ ci_user }}/upload/production"
  become: true
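# Ensures a single sudoers line for di-apt that allows a password-less
# `chmod g+w` below ci_user's upload directory.
# NOTE(review): a sudoers `*` in command arguments matches any characters,
# including spaces and `/`, so this rule allows more than files directly
# under upload/. Prefer a root-owned wrapper script with fixed paths, or
# remove the need for sudo (setgid upload directories / default ACLs).
# NOTE(review): `di-apt` is hard-coded while other tasks use apt_user;
# confirm the two match. A drop-in under /etc/sudoers.d would also keep this
# rule out of the main file.
- name: update sudoers
  lineinfile:
    dest: /etc/sudoers
    regexp: '^di-apt'
    line: "di-apt ALL=(root) NOPASSWD: /bin/chmod g+w /home/{{ ci_user }}/upload/*"
    state: present
    backup: true
    # Syntax-check the candidate file before it replaces /etc/sudoers; a
    # broken sudoers file disables sudo for everyone on the host.
    validate: '/usr/sbin/visudo -cf %s'
  become: true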