[First commit with podman setup]

2026-01-20 20:29:05 +01:00
parent 151eba6ffd
commit 7f760cf4a6
15 changed files with 262 additions and 294 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -1,38 +1,54 @@
 #* USERS 
+users:
+  - username: bot
+    name: bot user
+    # groups: ['wheel','systemd-journal']
+    # uid: 1000
+    home: /home/bot
+    # profile: |
+    #   alias ll='ls -lah'
+    ssh_key:
+      - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7/ReeTsubS/KwTRaR/5k/6d5CEef0XTXvyRwfVBjwW"
+  - username: dbtest
+    name: dbtest user
+    # groups: ['wheel','systemd-journal']
+    # uid: 1000

-management_user_list:
-  - name: stephane
-    shell: '/bin/bash'
-    authorized_keys:
-      - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQClVS1uxDfwS6OusQ4qgcZ6hBc8YRBE8MyXu0sUfGN7S3itjI3W2ixD18v80el8dVQVR12jCY0ueavgoV1cHrfGWkFoLKi+QrA4MuSNUChj0NBbyLTmdwPvne8LRv3ttCbRSJ/6bIEveX8y/7kGn/R1NDFlfE6b5R8ersBUKCQM6YxblAkv/XH8cJlQXhr1nLhVOl/ae+Q/pTCbgioB8qrmGEuMvOLmavcFf7IJbJcSgeiXSOnyIRl2n64X6lbRK+MRZ61pF6vAOXA+Ixyt/fAbO7sjqU0+cEhU5Br5/VcqG4Bc5nhWimtXIHPry3aLV5PtN6K9/i3eA5F6Jpa82JzmUMEbWSBIga02yIw9GjRyAI6ccH/kJGuB6QN5/YwGHpOF2f0FGiEAbUz41mLngN3SsXL1pdV2hT3x56/GIcGe6p/f1cytwVCyOaE7W87B05w5JYb1sSFj6QuGW0rHWfnHT5SY87Mk/H8VgZPaPbm+hSjLIQRAmUYQR+Rub1o9bXE= stephane"
-        exclusive: yes
-    sudo:
-      hosts: ALL
-      as: ALL
-      commands: ALL
-      nopasswd: ALL
-
-
-#* GO 
-
-golang_gopath: /usr/local/go
-# golang_download_dir: /home/stephane/.ansible/tmp/downloads
+sudo_sudoers_files:
+  - path: /etc/sudoers.d/bot
+    user_specifications:
+      - users:
+          - bot
+        hosts:
+          - ALL
+        operators:
+          - ALL
+        commands:
+          - "NOPASSWD: ALL"

 #* PACKAGES

 package_repo:
  - python3-pip
-  #! argocd control plane
-  - sshpass
+  - podman
+  - lsof
+#   - libsemanage
+
+# package_pip:
+#   - python3-libsemanage
+


 #* FIREWALL

 firewall_allowed_tcp_ports:
  - "22"
+  - "2222"
  - "80"
+  - "8080"
  - "443"
  - "9100"
+  - "32222"
  # #! Kubernetes control plane ports 
  # - "6443"
  # - "2379"
@@ -43,23 +59,4 @@ firewall_allowed_tcp_ports:
  # - "9090"
  # - "3000"
  # - "9323"
-#! Kubernetes Worker ports 
-
-
-
-#* NETBIRD 
-
-netbird_setup_key: 33BE5022-D0CF-4ED9-84FF-B93E53519FDD
-netbird_register: true
-
-#* TLS 
-
-node_exporter_tls_server_config:
-  cert_file: /etc/node_exporter/tls.cert
-  key_file: /etc/node_exporter/tls.key
-
-#* NODE_EXPORTER
-
-# node_exporter_basic_auth_users:
-#   randomuser: examplepassword
-node_exporter_web_listen_address: "{{ host_private_address }}:9100"
+#! Kubernetes Worker ports