Ongoing baseline establishment work

Create provision playbook with modular platform-interop framework Implement first version of update-system playbook Implement var organization Implement basic structure of inventory file
2018-11-27 01:30:55 -05:00
parent ba4ce45f96
commit 2901a1685d
13 changed files with 242 additions and 124 deletions
--- a/vars/global.yml
+++ b/vars/global.yml
@@ -0,0 +1,2 @@
+---
+ansible_user: ansible
--- a/vars/network.yml
+++ b/vars/network.yml
@@ -0,0 +1,8 @@
+---
+domain: net.enp.one
+
+router:
+  address: router.tre2.local
+  static:
+    server: DOMAIN
+    subnet: 10.42.101.0/24
--- a/vars/packages.yml
+++ b/vars/packages.yml
@@ -0,0 +1,29 @@
+---
+packages_global:
+  - cmake
+  - curl
+  - gcc
+  - gcc-c++
+  - git
+  - libselinux-python
+  - make
+  - nano
+  - openssl-devel
+  - policycoreutils-python
+  - python-devel
+  - python-firewall
+  - python-virtualenv
+  - unzip
+  - vim
+  - vim-minimal
+
+packages_dnf:
+  - python3-devel
+
+packages_yum:
+  - bash-completion
+  - bash-completion-extras
+  - nc
+  - nfs-utils
+  - python36u
+  - wget
--- a/vars/users.yml
+++ b/vars/users.yml
@@ -0,0 +1,64 @@
+---
+users:
+  # - name: username (required)
+  #   fullname: user's full name (optional)
+  #   password: quoted hash of password (required)
+  #   autorized: array of keys allowed to ssh into account (optional)
+  #   keys: array of keys given to the account to use on workstations (optional)
+  #   admin: boolean whether to give sudo privleges (optional)
+
+  - name: root
+    authorized: ['all']
+    password: ""
+    admin: True
+
+# Automation users
+
+  - name: ansible
+    authorized: ['all']
+    password: ""
+    admin: True
+
+# Service accounts
+
+  - name: svc_gitea
+    authorized: ['potentia', 'vm-host-gitea']
+    password: ""
+    admin: False
+
+  - name: svc_plex
+    authorized: ['potentia', 'vm-host-plex']
+    password: ""
+    admin: False
+
+# Actual user accounts
+
+  - name: enpaul
+    fullname: Ethan N. Paul
+    authorized: ['workstations', 'servers', 'vms']
+    password: "$6$mTfv47Xr1/bmYU80$W90AQisMUGjYQF5KOo67hHQl8sgxQH4HPwi.Bh6qUYcwIdG9ICyqAnBYrmtfFohGYvjU7jC/3AXPUWY8vnWLJ/"
+    admin: True
+
+  - name: kaisersjr
+    fullname: Sultan Jilani
+    authorized: ['workstations']
+    password: ""
+    admin: False
+
+  - name: notsoninja
+    fullname: Johnathan W. Adams
+    authorized: ['workstations']
+    password: ""
+    admin: False
+
+  - name: avalonburned
+    fullname: Christine K. Deidrich
+    authorized: ['workstations']
+    password: ""
+    admin: False
+
+  - name: sglagovitch
+    fullname: Sophia Glagovitch
+    authorized: ['workstations']
+    password: "$6$JC4neE6pXlGAbwSA$13t55k38QHhAHYrt0Ybg51ADknX0lyRpyQOHwREUBeZ8kfxaVcOISt3EcwwSxxWWzwzW5hfRgbC82n3O.zcHr1"
+    admin: False