Add whens to main tasks and use template for sudoers file

ff565dd4 · rlacko · 597f35bf · ff565dd4 · ff565dd4 · ff565dd4
Commit ff565dd4 authored Sep 16, 2021 by rlacko 💬
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -2,6 +2,12 @@
 timezone: Europe/Budapest
 na: "https://git.sch.bme.hu/kszk/sysadmin/kubernetes/base-ansible-role"
 hostname: "{{ inventory_hostname }}"
+update: yes
+setup_basic_packages: yes
+disable_floppy: yes
+disable_multipath: yes
+vmware_multipath: yes
+motd_text: KSZK Host

 ssh:
  port: 10022

--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -8,33 +8,40 @@
  tags: [hostname]

 - name: Upgrade packages
+  when: update is defined and update
  import_tasks: update.yml
  tags: [update]

 - name: Setup admin users
+  when: user is defined
  include_tasks: setup_user.yml
  loop: "{{ users }}"
  loop_control:
    loop_var: user

 - name: Install basic packages
+  when: setup_basic_packages is defined and setup_basic_packages
  import_tasks: packages.yml
  tags: [packages]

 - name: Setup Message of the day (MOTD)
+  when: motd_text is defined
  import_tasks: "motd.yml"
  tags: [motd]

 - name: Setup SSH
+  when: ssh is defined
  import_tasks: "ssh.yml"
  tags: [ssh]

 - name: Disable floppy
+  when: disable_floppy is defined and disable_floppy
  include_tasks: floppy.yaml

 - name: Fix multipath UUID VMWare errors
+  when: vmware_multipath is defined and vmware_multipath
  include_tasks: multipath.yaml

 - name: Update netplan config
-  include_tasks: netplan.yaml
  when: netplan is defined
+  include_tasks: netplan.yaml
--- a/tasks/motd.yml
+++ b/tasks/motd.yml
 ---
+- name: Install figlet for creating motd
+  package:
+    state: present
+    name:
+      - figlet
+
+- name: Generate motd ascii from text
+  command: figlet {{ motd_text }}
+  register: motd_ascii_art
+  changed_when: false

 - name: Remove parts of factory banner
  file:
@@ -11,5 +21,5 @@
 - name: Place motd file.
  template:
    src: etc/update-motd.d/motd.sh
-    dest: /etc/update-motd.d/40-kszk-banner
+    dest: /etc/update-motd.d/40-custom-banner
    mode: 0755
--- a/tasks/setup_user.yml
+++ b/tasks/setup_user.yml
@@ -21,21 +21,13 @@
      - sudo
  when: user.sudo

- set_fact:
-    sudoer_file: "/etc/sudoers.d/{{ user.name }}"
-
- name: sudoers file for the user
-  file:
-    path: "{{ sudoer_file }}"
-    state: touch
-    mode: "0600"
+- name: Insert sudoer file content
+  template:
+    src: etc/sudoers.d/user.j2
+    dest: /etc/sudoers.d/{{ user.name }}
+    mode: 0600
    owner: root
    group: root
-
- name: Insert sudoer file content
-  copy:
-    dest: "{{ sudoer_file }}"
-    content: "{{ user.name }} ALL=(ALL) NOPASSWD:ALL"
  when: user.passwordless_sudo

 - name: "Set password to be expired"

--- a/templates/etc/sudoers.d/user.j2
+++ b/templates/etc/sudoers.d/user.j2
+{{ user.name }} ALL=(ALL) NOPASSWD:ALL
--- a/templates/etc/update-motd.d/motd.sh
+++ b/templates/etc/update-motd.d/motd.sh
@@ -6,12 +6,9 @@

 # source: http://patorjk.com/software/taag/#p=display&f=Standard&t=KSZK%20server
 cat <<EOF
-  _  ______ ______  __                               
- | |/ / ___|__  / |/ /  ___  ___ _ ____   _____ _ __ 
- | ' /\___ \ / /| ' /  / __|/ _ \ '__\ \ / / _ \ '__|
- | . \ ___) / /_| . \  \__ \  __/ |   \ V /  __/ |   
- |_|\_\____/____|_|\_\ |___/\___|_|    \_/ \___|_|   
-
+{% for line in  motd_ascii_art.stdout.split('\n') %}
+{{ line | replace("`","\\`") }}
+{% endfor %}
 EOF

 echo "! ! !"