From a3885fe5cebc8e7fd5a96df3182a37273a9cb685 Mon Sep 17 00:00:00 2001 From: Rasmus Rosengren Date: Wed, 25 Aug 2021 00:06:22 +0200 Subject: [PATCH] Add script, live iso check, and fix some bugs --- .gitignore | 1 + ansible.sh | 30 ++++++++++++++++++++++++++++++ inventory/hosts.yml | 5 ----- main.yml | 35 +++++++++++++++++++++++++++++------ roles/cleanup/tasks/main.yml | 4 ++++ roles/mullvad/tasks/main.yml | 2 +- 6 files changed, 65 insertions(+), 12 deletions(-) create mode 100755 ansible.sh delete mode 100644 inventory/hosts.yml diff --git a/.gitignore b/.gitignore index 52bb496..2f1f485 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ vars/all.yml .ssh +inventory diff --git a/ansible.sh b/ansible.sh new file mode 100755 index 0000000..1748640 --- /dev/null +++ b/ansible.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash +set -e + +if [ ! -f .ssh/id_ed25519.pub ]; then + echo "Generating new ssh key pair..." + ssh-keygen -t ed25519 -f .ssh/id_ed25519 -N "" +fi + +echo "Installing dependencies..." +ansible-galaxy install -r requirements.yml + +new_ip_addr=true +if [ -f inventory ]; then + current_ip_addr=$(cat inventory | awk 'NR==2') + read -p "Target ip is $current_ip_addr, do you want to change it? (y/N): " res + [[ $res =~ [Yy] ]] || new_ip_addr=false +fi + +echo $new_ip_addr + +if [ $new_ip_addr ]; then + read -p "Target ip address: " ip_addr + echo "[all]" > inventory + echo $ip_addr >> inventory +fi + +exit 1 + +echo "Running playbook, this may take 5 to 10 minutes..." +ansible-playbook main.yml -k diff --git a/inventory/hosts.yml b/inventory/hosts.yml deleted file mode 100644 index 8bb98f3..0000000 --- a/inventory/hosts.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -all: - hosts: - : - ansible_user: root diff --git a/main.yml b/main.yml index 9f63a19..8157f6a 100644 --- a/main.yml +++ b/main.yml @@ -1,19 +1,36 @@ --- - name: Install system. hosts: all - - roles: - - passwordless_connection - - prep - - disksetup - - configure + user: root tasks: + - name: Check if live iso. + command: arch-chroot + failed_when: false + register: _check_arch_chroot + changed_when: false + + - name: Set arch chroot fact. + set_fact: + is_live_iso: "{{ _check_arch_chroot.rc == 1 }}" + + - name: Include tasks. + include_role: + name: "{{ item }}" + with_items: + - passwordless_connection + - prep + - disksetup + - configure + when: is_live_iso + - name: Reboot system reboot: + when: is_live_iso - name: Configure system. hosts: all + user: root roles: - kewlfft.aur @@ -34,3 +51,9 @@ - yubikey - u2f - cleanup + + tasks: + - name: Reboot system. + reboot: + reboot_timeout: 5 + failed_when: false diff --git a/roles/cleanup/tasks/main.yml b/roles/cleanup/tasks/main.yml index 3aeb2ea..2192543 100644 --- a/roles/cleanup/tasks/main.yml +++ b/roles/cleanup/tasks/main.yml @@ -4,6 +4,10 @@ path: /etc/NetworkManager/system-connections/static.nmconnection state: absent +- name: Read temporary public key. + set_fact: + tmp_pub_key: "{{ lookup('file', '.ssh/id_ed25519.pub') }}" + - name: Remove temporary key from root's authorized_keys. authorized_key: state: absent diff --git a/roles/mullvad/tasks/main.yml b/roles/mullvad/tasks/main.yml index 5a0a301..6d9688d 100644 --- a/roles/mullvad/tasks/main.yml +++ b/roles/mullvad/tasks/main.yml @@ -35,5 +35,5 @@ changed_when: true - name: Connect. - command: mullvad connect + command: mullvad connect --wait changed_when: true