Start of the ansible server setup

nginx.conf

@@ -15,6 +15,23 @@ server {
   }
 }
 
+server {
+  listen 8080;
+  listen [::]:8080;
+
+  server_name links.ralsina.me;
+
+  location / {
+      proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8086;
+      proxy_set_header X-Forwarded-Host $http_host;
+  }
+  error_page 500 502 503 504 /custom_50x.html;
+  location = /custom_50x.html {
+      root /usr/share/nginx/html;
+      internal;
+  }
+}
+
 server {
   listen 8080;
   listen [::]:8080;

provision-pinky/hosts

@@ -0,0 +1,6 @@
+[servers]
+pinky ansible_user=ralsina
+rocky ansible_user=ralsina
+
+[servers:vars]
+ansible_connection=ssh  

provision-pinky/setup_user.yml

@@ -0,0 +1,51 @@
+# Setup my user with some QoL packages and settings
+- name: Basic Setup
+  hosts: servers
+  become_method: ansible.builtin.sudo
+  tasks:
+  - name: Install some packages
+    become: true
+    ansible.builtin.package:
+      name:
+        - git
+        - vim
+        - htop
+        - fish
+        - rsync
+        - restic
+        - vim
+      state: present
+  - name: Install Debian-specific packages
+    become: true
+    when: ansible_os_family == 'Debian'
+    apt:
+      name:
+        - ncurses-term
+      state: present
+  - name: Add the user ralsina
+    become: true
+    ansible.builtin.user:
+        name: ralsina
+        create_home: true
+        password_lock: true
+        shell: /usr/bin/fish
+  - name: Authorize ssh
+    become: true
+    ansible.posix.authorized_key:
+      user: ralsina
+      state: present
+      key: "{{ lookup('file', '/home/ralsina/.ssh/id_rsa.pub') }}"
+  - name: Make ralsina a sudoer
+    become: true
+    community.general.sudoers:
+      name: ralsina
+      user: ralsina
+      state: present
+      commands: ALL
+      nopassword: true
+  - name: Remove users that come with the system
+    become: true
+    ansible.builtin.user:
+      name: rock
+      state: absent
+      remove: true