-
Notifications
You must be signed in to change notification settings - Fork 340
/
main.yml
82 lines (75 loc) · 3.69 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
---
# Copyright (C) 2015-2017 Robin Schneider <ypid@riseup.net>
# Copyright (C) 2017 DebOps <https://debops.org/>
# SPDX-License-Identifier: GPL-3.0-only
- name: Ensure specified packages are in there desired state
ansible.builtin.package:
name: '{{ q("flattened", (dropbear_initramfs__base_packages
+ dropbear_initramfs__packages)) }}'
state: '{{ "present" if (dropbear_initramfs__deploy_state == "present") else "absent" }}'
register: dropbear_initramfs__register_packages
until: dropbear_initramfs__register_packages is succeeded
tags: [ 'role::dropbear_initramfs:pkgs' ]
- name: Configure network in initramfs using kernel command line
ansible.builtin.template:
src: 'etc/initramfs-tools/conf.d/role.conf.j2'
dest: '/etc/initramfs-tools/conf.d/50_debops.dropbear_initramfs.conf'
mode: '0644'
when: (dropbear_initramfs__deploy_state == "present")
notify: [ 'Update initramfs' ]
- name: Configure dropbear options
ansible.builtin.template:
src: 'etc/dropbear-initramfs/config.j2'
dest: '/etc/dropbear-initramfs/config'
mode: '0644'
when: (dropbear_initramfs__deploy_state == "present")
notify: [ 'Update initramfs' ]
- name: Configure to bring up additional interfaces/addresses in initramfs
ansible.builtin.template:
src: 'etc/initramfs-tools/scripts/local-top/debops_dropbear_initramfs.j2'
dest: '/etc/initramfs-tools/scripts/local-top/debops_dropbear_initramfs'
mode: '0755'
when: (dropbear_initramfs__deploy_state == "present")
notify: [ 'Update initramfs' ]
- name: Configure to bring down additional interfaces/addresses in initramfs
ansible.builtin.template:
src: 'etc/initramfs-tools/scripts/local-bottom/debops_dropbear_initramfs.j2'
dest: '/etc/initramfs-tools/scripts/local-bottom/debops_dropbear_initramfs'
mode: '0755'
when: (dropbear_initramfs__deploy_state == "present")
notify: [ 'Update initramfs' ]
- name: Configure authorized ssh keys
ansible.posix.authorized_key:
key: "{{ (item.key
if item.key is string
else (item.key | unique | join('\n') | string))
if item.key | d() else '' }}"
user: '{{ item.user | d("root") }}'
path: '{{ "/etc/initramfs-tools/root/.ssh/authorized_keys"
if ("dropbear" in dropbear_initramfs__base_packages)
else "/etc/dropbear-initramfs/authorized_keys" }}'
key_options: '{{ (item.key_options if item.key_options is string else item.key_options | join(","))
if item.key_options is defined
else ((dropbear_initramfs__authorized_keys_key_options
if dropbear_initramfs__authorized_keys_key_options is string
else dropbear_initramfs__authorized_keys_key_options | join(","))
if dropbear_initramfs__authorized_keys_key_options != omit else "")
}}'
state: '{{ (item.state | d("present")) if (dropbear_initramfs__deploy_state == "present") else "absent" }}'
exclusive: '{{ item.exclusive | d(omit) }}'
comment: '{{ item.comment | d(omit) }}'
manage_dir: False
notify: [ 'Update initramfs' ]
loop: '{{ q("flattened", dropbear_initramfs__combined_authorized_keys) }}'
loop_control:
label: '{{ {"key": item.key} }}'
- name: Remove files in deploy state absent
ansible.builtin.file:
path: '{{ item }}'
state: 'absent'
when: (dropbear_initramfs__deploy_state == 'absent')
notify: [ 'Update initramfs' ]
with_items:
- '/etc/initramfs-tools/conf.d/50_debops.dropbear_initramfs.conf'
- '/etc/initramfs-tools/scripts/local-top/debops_dropbear_initramfs'
- '/etc/initramfs-tools/scripts/local-bottom/debops_dropbear_initramfs'