Move non-auth tasks to new role commonconnect

cc017903 · jurgenhaas · bc469898 · bc469898 · bc469898 · cc017903
Commit cc017903 authored 8 years ago by jurgenhaas
--- a/defaults/main.yml
+++ b/defaults/main.yml
-commonauth_extras: []
-auth_keys: []
-static_ipv4: '192.168.1.1'
--- a/tasks/commonauth.yml
+++ b/tasks/commonauth.yml
---
-# file: roles/commonauth/tasks/commonauth.yml
-
- set_fact: append=yes
-  tags: always
- set_fact: append=no
-  tags: 'Reset'
-
- name: "Create The /etc/hosts File"
-  template:
-    src='etc_hosts'
-    dest='/etc/hosts'
-    owner='root'
-    group='root'
-    mode='644'
-
- name: "Create All Required Users"
-  user:
-    name='{{ item }}'
-    group='root'
-    groups="{{ users[item].groups|default('www-data') }}"
-    append={{ append }}
-    home='/home/{{ item }}'
-    generate_ssh_key=yes
-    ssh_key_bits=2048
-    password='{{ initial_password }}'
-    update_password='on_create'
-  with_flattened:
-    - '{{ admins }}'
-    - '{{ jailusers }}'
-  tags: 'SetPermissions'
-
- name: "Copy SSH Config For Server-To-Server Communication For Admins"
-  template:
-    src='ssh_config'
-    dest='/home/{{ item }}/.ssh/config'
-    owner='{{ item }}'
-    group='root'
-    mode='644'
-  with_flattened:
-    - '{{ admins }}'
-    - '{{ jailusers }}'
-
- name: "Install Public Key For Extra Users"
-  authorized_key:
-    user='{{ item.username }}'
-    key="{{ lookup('file', inventory_dir + '/files/keys/' + item.keyname + '.d2s.pub') }}"
-  with_items: '{{ auth_keys }}'
-  tags: 'Keys'
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -7,11 +7,35 @@

 - block:

-  - include: commonauth.yml
-    when: '"commonauth" not in excluded_roles and role_commonauth_completed is not defined'
+  - set_fact: append=yes
+    tags: always
+  - set_fact: append=no
+    tags: 'Reset'

-  - name: 'Commonauth | Remember that this role had been run'
+  - name: "Create All Required Users"
+    user:
+      name='{{ item }}'
+      group='root'
+      groups="{{ users[item].groups|default('www-data') }}"
+      append={{ append }}
+      home='/home/{{ item }}'
+      generate_ssh_key=yes
+      ssh_key_bits=2048
+      password='{{ initial_password }}'
+      update_password='on_create'
+    with_flattened:
+      - '{{ admins }}'
+      - '{{ jailusers }}'
+    tags: 'SetPermissions'
+
+  - name: "Install Public Key For Extra Users"
+    authorized_key:
+      user='{{ item.username }}'
+      key="{{ lookup('file', inventory_dir + '/files/keys/' + item.keyname + '.d2s.pub') }}"
+    with_items: '{{ auth_keys|default([]) }}'
+    tags: 'Keys'
+
+  - name: 'Remember that this role had been run'
    set_fact: role_commonauth_completed=true
-    when: role_commonauth_completed is not defined

-  when: '"commonauth" not in excluded_roles'
+  when: '"commonauth" not in excluded_roles and role_commonauth_completed is not defined'
--- a/templates/etc_hosts
+++ b/templates/etc_hosts
-127.0.0.1 localhost.localdomain localhost
-::1       localhost6.localdomain6 localhost6
-127.0.0.1 localhost
-::1	      localhost ip6-localhost ip6-loopback
-fe00::0	  ip6-localnet
-ff00::0	  ip6-mcastprefix
-ff02::1	  ip6-allnodes
-ff02::2	  ip6-allrouters
-
-127.0.0.1 {{inventory_hostname}}
-{% for host in groups['all'] %}
-{% if hostvars[host] is defined %}
-{% if default_proxy is defined and default_proxy %}
-{% if hostvars[host]['default_domain'] is defined %}
-{{hostvars[default_proxy]['proxy_address']}} {{hostvars[host]['default_domain']}}
-{% endif %}
-{% if hostvars[host]['proxy_domains'] is defined %}
-{% for domain in hostvars[host]['proxy_domains'] %}
-{{hostvars[default_proxy]['proxy_address']}} {{domain}}
-{% endfor %}
-{% endif %}
-{% if hostvars[host]['proxy_ssl_domains'] is defined %}
-{% for domain in hostvars[host]['proxy_ssl_domains'] %}
-{{hostvars[default_proxy]['proxy_address']}} {{domain}}
-{% endfor %}
-{% endif %}
-{% endif %}
-{% if hostvars[host]['static_ipv4'] is defined %}
-{% set ip = hostvars[host]['static_ipv4']|default() %}
-{% elif hostvars[host]['ansible_default_ipv4'] is defined %}
-{% set ip = hostvars[host]['ansible_default_ipv4']['address'] %}
-{% else %}
-{% set ip = false %}
-{% endif %}
-{%  if ip %}
-{{ ip }} {{ host }}
-{% for drupal in hostvars[host]['drupal_settings']|default([]) %}
-{% for domain in drupal.domains|default([]) %}
-{{ ip }} {{ domain.domain }}
-{% for alias in domain.aliases|default([]) %}
-{{ ip }} {{ alias }}
-{% endfor %}
-{% endfor %}
-{% endfor %}
-{% endif %}
-{% endif %}
-{% endfor %}
-
-{% for host in commonauth_extras %}
-{{host.ip}}{% for name in host['names'] %} {{name}}{% endfor %}
-
-{% endfor %}
--- a/templates/ssh_config
+++ b/templates/ssh_config
-# See all parameters at http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config
-
-StrictHostKeyChecking no
-ForwardAgent yes
-
-{% for host in commonauth_extras %}
-{% if host.certfile is defined %}
-{% for name in host.names %}
-Host {{ name }}
-  IdentityFile ~/.ssh/{{ host.certfile }}
-
-{% endfor %}
-{% endif %}
-{% endfor %}
-Host *
-  IdentityFile ~/.ssh/id_rsa