A => .gitignore +1 -0
A => README.org +2 -0
@@ 1,2 @@
+* ccw.icu infra
+Ansible Playbook I use to provision my Alpine Linux server
A => ansible.cfg +6 -0
@@ 1,6 @@
+[defaults]
+inventory = hosts.yml
+
+[ssh_connections]
+# significantly speed up ssh
+pipelining = true
A => group_vars/all/vars.yml +7 -0
@@ 1,7 @@
+username: user
+base_packages:
+ - pfetch
+ - neovim
+ - exa
+ - htop
+ - doas
A => run.yml +6 -0
@@ 1,6 @@
+---
+- hosts: all
+ become: yes
+
+ tasks:
+ - import_tasks: tasks/essential.yml
A => tasks/essential.yml +40 -0
@@ 1,40 @@
+- name: Disable SSH password auth
+ lineinfile:
+ path: /etc/ssh/sshd_config
+ regexp: "^#PasswordAuthentication yes"
+ line: "PasswordAuthentication no"
+ register: sshd_config
+
+- name: Restart sshd
+ service:
+ name: sshd
+ state: restarted
+ when: sshd_config.changed
+
+- name: Enable ssh on boot
+ service:
+ name: sshd
+ enabled: true
+ state: started
+
+- name: Use alpine edge branch/version
+ replace:
+ path: /etc/apk/repositories
+ regexp: "^http(s)?://dl-cdn.alpinelinux.org/alpine/([^/]+)"
+ replace: "https://dl-cdn.alpinelinux.org/alpine/edge"
+
+- name: Enable Testing repo
+ lineinfile:
+ path: /etc/apk/repositories
+ line: "https://dl-cdn.alpinelinux.org/alpine/edge/testing"
+ search_string: "https://dl-cdn.alpinelinux.org/alpine/edge/testing"
+
+- name: Update Packages
+ community.general.apk:
+ update_cache: true
+ upgrade: true
+
+- name: Install essential packages
+ community.general.apk:
+ name: "{{ base_packages }}"
+ state: latest