diff --git a/roles/base/tasks/network.yml b/roles/base/tasks/network.yml index 404db19..7efaa9c 100644 --- a/roles/base/tasks/network.yml +++ b/roles/base/tasks/network.yml @@ -12,8 +12,3 @@ dest: "/etc/network/interfaces.d/{{ item.name }}" loop: "{{ interfaces }}" notify: reboot_host - -- name: Install bridge utilities - apt: - name: bridge-utils - state: present diff --git a/roles/base/tasks/system.yml b/roles/base/tasks/system.yml index fa09a22..d04d51e 100644 --- a/roles/base/tasks/system.yml +++ b/roles/base/tasks/system.yml @@ -10,12 +10,6 @@ dest: /root/.ssh/authorized_keys when: authorized_keys is defined -- name: Install btrfs-tools - apt: - name: btrfs-tools - state: present - when: btrfs_support is defined and btrfs_support | bool == true - - name: Manage filesystem mounts mount: path: "{{ item.path }}" diff --git a/roles/base/tasks/wireguard.yml b/roles/base/tasks/wireguard.yml index 7c6bd3c..698c560 100644 --- a/roles/base/tasks/wireguard.yml +++ b/roles/base/tasks/wireguard.yml @@ -1,25 +1,3 @@ -# Copyright (C) 2021 Kris Lamoureux -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, version 3 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -- name: Add Debian Buster backports - copy: - src: buster-backports.list - dest: /etc/apt/sources.list.d/buster-backports.list - owner: root - group: root - mode: '0644' - - name: Install WireGuard apt: name: wireguard diff --git a/roles/bitwarden/defaults/main.yml b/roles/bitwarden/defaults/main.yml index 46c67fe..e9e572c 100644 --- a/roles/bitwarden/defaults/main.yml +++ b/roles/bitwarden/defaults/main.yml @@ -1,5 +1,5 @@ bitwarden_name: bitwarden -bitwarden_root: "{{ docker_root }}/{{ bitwarden_name }}" +bitwarden_root: "/var/lib/{{ bitwarden_name }}" bitwarden_database: "{{ bitwarden_name }}" bitwarden_standalone: false bitwarden_production: false diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 370f7a9..44d7474 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -1,3 +1,3 @@ -docker_root: /var/lib/docker-compose +docker_compose_root: /var/lib/compose docker_compose: /usr/bin/docker-compose docker_compose_service: compose diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 7175650..042918d 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -6,7 +6,7 @@ - name: Create docker-compose root file: - path: "{{ docker_root }}" + path: "{{ docker_compose_root }}" state: directory - name: Install docker-compose systemd service diff --git a/roles/docker/templates/docker-compose.service.j2 b/roles/docker/templates/docker-compose.service.j2 index 34e8188..de9d95d 100644 --- a/roles/docker/templates/docker-compose.service.j2 +++ b/roles/docker/templates/docker-compose.service.j2 @@ -6,7 +6,7 @@ After=docker.service [Service] Type=oneshot RemainAfterExit=true -WorkingDirectory={{ docker_root }}/%i +WorkingDirectory={{ docker_compose_root }}/%i ExecStart={{ docker_compose }} up -d --remove-orphans ExecStop={{ docker_compose }} down diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index c3dba03..f48fd62 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -15,4 +15,4 @@ gitea_dbname: "{{ gitea_name }}" gitea_dbuser: "{{ gitea_name }}" # host -gitea_root: "{{ docker_root }}/{{ gitea_name }}" +gitea_root: "{{ docker_compose_root }}/{{ gitea_name }}" diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml index d498dea..8a382d8 100644 --- a/roles/gitea/tasks/main.yml +++ b/roles/gitea/tasks/main.yml @@ -46,16 +46,22 @@ src: /home/git/.ssh/id_rsa.pub register: git_rsapub +- name: Get stats on git's authorized_keys file + stat: + path: /home/git/.ssh/authorized_keys + register: git_authkeys + - name: Create git's authorized_keys file file: path: /home/git/.ssh/authorized_keys state: touch + when: not git_authkeys.stat.exists - name: Add git's public SSH key to authorized_keys lineinfile: path: /home/git/.ssh/authorized_keys + regex: "^ssh-rsa" line: "{{ git_rsapub['content'] | b64decode }}" - insertbefore: BOF - name: Create Gitea host script for SSH template: