author | Ismaël Bouya <ismael.bouya@fretlink.com> | 2018-11-21 01:54:14 +0100 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@fretlink.com> | 2018-11-21 02:17:57 +0100 |
commit | 39749dd76fb02744f26c68054a9955cbe3e26849 (patch) | |
tree | e235402070f5fa99735732a0defb33be104023b6 | |
parent | df352b462703d68c9cfd2fa5ad85514ce0bd71fa (diff) | |
Add a tag to prevent gpg-related actions during the home bootstrap
-rw-r--r-- | post_init.yml | 17 | ||||
-rw-r--r-- | roles/gnupg/tasks/main.yml | 7 | ||||
-rw-r--r-- | roles/init/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/tools/tasks/main.yml | 1 | ||||
-rw-r--r-- | site.yml | 2 |
5 files changed, 24 insertions, 5 deletions
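diff --git a/post_init.yml b/post_init.yml
new file mode 100644
index 0000000..8a5c408
--- /dev/null
+++ b/post_init.yml
@@ -0,0 +1,17 @@
+---
+- hosts: home
+tasks:
+- file:
+path: "$HOME/{{ item }}"
+state: absent
+loop:
+- .bash_profile
+- .bash_history
+- Bureau
+- Documents
+- Images
+- Modèles
+- Musique
+- Public
+- Téléchargements
+- Vidéos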
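Review bot: The single unnamed `file` task removes every listed entry with `state: absent`, which deletes directories recursively, so running this play against a home that is already in use would discard whatever is in `Documents`, `Téléchargements` and the other folders, along with `.bash_history`. Nothing in the play checks that the host has only just been bootstrapped. I would give the task a name such as `name: Remove default home skeleton entries (recursive)` and, for the directory entries, consider deleting them only when a preceding `find` shows them empty, so a later re-run cannot remove data.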
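diff --git a/roles/gnupg/tasks/main.yml b/roles/gnupg/tasks/main.yml
index 954c029..84957cf 100644
--- a/roles/gnupg/tasks/main.yml
+++ b/roles/gnupg/tasks/main.yml
@@ -22,13 +22,14 @@
 changed_when: false
 check_mode: no
 - name: check existing secret key
+tags: ["no_bootstrap"]
 shell: "gpg --list-secret-keys | grep '{{ gpg_useremail }}'"
 changed_when: false
 ignore_errors: true
 register: gpgkeys
 check_mode: no
 - name: Ask for gpg password
-when: gpgkeys.stdout == ""
+when: gpgkeys is defined and gpgkeys.stdout == ""
 block:
 - name: Ask for gpg password
 pause:
@@ -44,7 +45,7 @@
 assert:
 that: gpg_password_confirm.user_input == gpg_password.user_input
 - name: Generate gpg key
-when: gpgkeys.stdout == ""
+when: gpgkeys is defined and gpgkeys.stdout == ""
 block:
 - name: Copy default template for gpg key generation
 template:
@@ -63,7 +64,7 @@
 - name: get keygrip
 shell: "gpg -K --with-colons {{ gpg_useremail }} | grep '^grp' | cut -d':' -f10"
 register: keygrip
-when: gpgkeys.stdout == ""
+when: gpgkeys is defined and gpgkeys.stdout == ""
 notify:
 - notify add key to immae@immae.eu
 - send key to immae@immae.eu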
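Review bot: The three `when: gpgkeys is defined and gpgkeys.stdout == ""` guards still depend on the output of `grep '{{ gpg_useremail }}'`, which treats the address as a regular expression and splices it into the shell string unescaped. A `.` in the address can therefore match a different uid, and a quote character in the variable would alter the command. A fixed-string, quoted match makes the check that gates key generation more dependable: `shell: "gpg --list-secret-keys | grep -F -- {{ gpg_useremail | quote }}"`, and the same `| quote` fits the `gpg -K --with-colons {{ gpg_useremail }}` line of the keygrip task. Because `ignore_errors: true` is set and the pipeline's status is grep's, a failing `gpg` also leaves stdout empty and is read as "no key", which deserves a comment on the task. The "Ask for gpg password" and "Generate gpg key" blocks continue outside the hunks.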
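diff --git a/roles/init/tasks/main.yml b/roles/init/tasks/main.yml
index e60bb2a..c06a078 100644
--- a/roles/init/tasks/main.yml
+++ b/roles/init/tasks/main.yml
@@ -31,7 +31,7 @@
 when: pam_environment.changed
 - name: Add new lines in bashrc_temp
 lineinfile:
-line: "{{ ('export ' ~ item) if item != '' and item.0 != '#' else '' }}"
+line: "{{ ('export ' ~ item) | regex_replace('@{HOME}', '${HOME}') if item != '' and item.0 != '#' else '' }}"
 dest: $XDG_STATE_HOME/bash/bashrc_temp
 insertafter: EOF
 create: true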
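Review bot: The added `regex_replace('@{HOME}', '${HOME}')` sends a literal token through the regex engine, where the braces and `$` only behave as intended by accident of the pattern. Jinja's plain `replace` filter does a literal substitution and states the intent directly: `('export ' ~ item) | replace('@{HOME}', '${HOME}')`. The resulting `export …` line is also written unquoted into a file that bash presumably sources, so a value containing spaces or shell metacharacters would be interpreted by the shell. The loop source is outside the hunk, so it is worth confirming that it holds only trusted, static entries. A one-line comment saying that `@{HOME}` is the pam_env spelling being translated would help the next reader.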
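diff --git a/roles/tools/tasks/main.yml b/roles/tools/tasks/main.yml
index d8ce64f..82b575b 100644
--- a/roles/tools/tasks/main.yml
+++ b/roles/tools/tasks/main.yml
@@ -84,6 +84,7 @@
 name: monitor_home.service
 enabled: true
 - name: Clone password store
+tags: ["no_bootstrap"]
 git:
 dest: "$XDG_DATA_HOME/pass"
 repo: gitolite@git.immae.eu:perso/Immae/Prive/Password_store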
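Review bot: Nothing on the task says how `no_bootstrap` is meant to be used: a tag only excludes the task when the play is invoked with `--skip-tags no_bootstrap`, so a plain run during bootstrap still attempts the password-store clone. A comment above the `tags:` line would record the contract, for example `# skipped during home bootstrap: run the play with --skip-tags no_bootstrap`. The same remark applies to the tagged task in roles/gnupg/tasks/main.yml and to the `contexts/fretlink` role entry that gains the tag. The `git` task's remaining arguments lie outside the hunk.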
@@ -23,4 +23,4 @@ | |||
23 | - tools | 23 | - tools |
24 | - cron | 24 | - cron |
25 | - role: contexts/fretlink | 25 | - role: contexts/fretlink |
26 | tags: ["fretlink"] | 26 | tags: ["no_bootstrap", "fretlink"] |