初始提交之一

2023-03-03 16:20:24 +08:00 · 2023-03-03 16:20:24 +08:00 · 313c65b0ca
parent 0eca95bdca
commit 313c65b0ca
4 changed files with 91 additions and 0 deletions
--- a/home-devices.yml
+++ b/home-devices.yml
@ -0,0 +1,30 @@
+---
+- name: Maintain required packages
+  hosts: linux
+  become: true
+  tasks:
+    - name: Core Apps
+      apt:
+        name:
+          - wget
+          - curl
+          - sudo
+        state: latest
+    - name: VPN
+      apt:
+        name:
+          - tailscale
+        state: latest
+    - name: Docker dependencies
+      apt:
+        name:
+          - apt-transport-https
+          - ca-certificates
+          - software-properties-common
+        state: latest
+
+- name: Install docker
+  ansible.builtin.import_playbook: src/docker.yml
+
+- name: Run sudo without password
+  ansible.builtin.import_playbook: src/sudonopass.yml
--- a/inventory.ini
+++ b/inventory.ini
@ -0,0 +1,3 @@
+[linux]
+10.10.10.11 ansible_connection=ssh ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_rsa
+; 10.10.10.12 ansible_connection=ssh ansible_user=sunrui ansible_ssh_private_key_file=~/.ssh/id_rsa
--- a/src/docker.yml
+++ b/src/docker.yml
@ -0,0 +1,45 @@
+---
+- name: Maintain Docker and Docker Compose
+  hosts: linux
+  become: true
+  vars:
+    docker_edition: ce  # Use ce for community edition or ee for enterprise edition
+    docker_channel: stable  # Use stable, edge or test channel
+    docker_compose_version: "v2.3.3"  # Specify the version of docker-compose to install
+
+  tasks:
+    - name: Add Docker GPG key
+      apt_key:
+        url: https://download.docker.com/linux/ubuntu/gpg
+        state: present
+        keyring: /usr/share/keyrings/docker-archive-keyring.gpg
+
+    - name: Add Docker repository
+      apt_repository:
+        repo: deb [arch={{ ansible_architecture }} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} {{ docker_channel }}
+        state: present
+
+    - name: Install Docker and docker-compose
+      apt:
+        name:
+          - "docker-{{ docker_edition }}"
+          - "docker-{{ docker_edition }}-cli"
+          - containerd.io
+
+    - name: Start and enable Docker service
+      service:
+        name: docker
+        state: started
+        enabled: true
+
+    - name: Add user to docker group
+      user:
+        name: "sunrui"
+        groups: docker
+        append: true
+
+    - name: Download docker-compose binary
+      get_url:
+        url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
+        dest: /usr/local/bin/docker-compose
+        mode: '0755'
--- a/src/sudonopass.yml
+++ b/src/sudonopass.yml
@ -0,0 +1,13 @@
+---
+- name: Add user to sudoers file
+  hosts: all
+  become: true
+  vars:
+    username: "sunrui"  # User name that can run sudo without password
+  tasks:
+    - name: Add user to sudoers file with NOPASSWD option
+      lineinfile:
+        dest: /etc/sudoers
+        line: '{{ username }} ALL=(ALL) NOPASSWD:ALL'
+        state: present
+        validate: 'visudo -cf %s'