Here you can find some scripts that makes my working environments consistent.
For now supported OS is Debian 10. To provision your machinem run:
ansible-playbook -u <user> -i hosts -K playbook.yml --ask-vault-pass
You will be asked to type respectively root password and vault password
where passphrase to decrypt hosts.yml file is stored.
.
βββ .gitlab-ci.yml
βββ hosts
βββ playbook.yml
βββ README.md
βββ roles
βββ config
β βββ default
β β βββ mails.yml
β βββ mails.yml
β βββ tasks
β β βββ main.yml
β βββ templates
β βββ settings.org.j2
βββ dev
β βββ tasks
β βββ main.yml
βββ hardening
β βββ tasks
β βββ main.yml
βββ spacemacs
β βββ files
β β βββ .spacemacs
β βββ tasks
β βββ main.yml
βββ ssh
β βββ defaults
β β βββ hosts.yml
β βββ hosts.yml
β βββ tasks
β β βββ main.yml
β βββ templates
β βββ config.j2
βββ where_is_my_env
β βββ tasks
β βββ main.yml
βββ yubikey
βββ files
β βββ gpg-agent.conf
β βββ yubikey
βββ tasks
βββ main.ymlThere are several roles which I consider useful:
- dev -- contains CLI tools that I use to develop stuff, compilers, docker engine and some python3 packages
- spacemacs -- reponsible for installing (spac)emacs
- ssh -- set up all of my SSH connections to remote servers which I use on daily basis
- where_is_my_env -- set up my window/graphical interface
- yubikey -- installs packages for yubikey support and makes possible to use yubikey in SSH authentication
The hosts.yml and mails.yml files are encrypted using ansible-vault. To
present file stucture, the following files were added:
roles/ssh/defaults/hosts.ymlroles/config/default/mails.yml
To decrypt <encrypted>.yml file run: ansible-vault decrypt <path>.yml
To encrypt <decrypted>.yml file run: ansible-vault encrypt <path>.yml