From 1fec49211973686691b986e7774dbe102864631e Mon Sep 17 00:00:00 2001 From: Roberto Alsina Date: Wed, 26 Jun 2024 11:05:15 -0300 Subject: [PATCH] Start of the ansible server setup --- nginx.conf | 17 ++++++++++++ provision-pinky/hosts | 6 ++++ provision-pinky/setup_user.yml | 51 ++++++++++++++++++++++++++++++++++ 3 files changed, 74 insertions(+) create mode 100644 provision-pinky/hosts create mode 100644 provision-pinky/setup_user.yml diff --git a/nginx.conf b/nginx.conf index 8f247cd..82f589c 100644 --- a/nginx.conf +++ b/nginx.conf @@ -15,6 +15,23 @@ server { } } +server { + listen 8080; + listen [::]:8080; + + server_name links.ralsina.me; + + location / { + proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8086; + proxy_set_header X-Forwarded-Host $http_host; + } + error_page 500 502 503 504 /custom_50x.html; + location = /custom_50x.html { + root /usr/share/nginx/html; + internal; + } +} + server { listen 8080; listen [::]:8080; diff --git a/provision-pinky/hosts b/provision-pinky/hosts new file mode 100644 index 0000000..9e03793 --- /dev/null +++ b/provision-pinky/hosts @@ -0,0 +1,6 @@ +[servers] +pinky ansible_user=ralsina +rocky ansible_user=ralsina + +[servers:vars] +ansible_connection=ssh \ No newline at end of file diff --git a/provision-pinky/setup_user.yml b/provision-pinky/setup_user.yml new file mode 100644 index 0000000..0113873 --- /dev/null +++ b/provision-pinky/setup_user.yml @@ -0,0 +1,51 @@ +# Setup my user with some QoL packages and settings +- name: Basic Setup + hosts: servers + become_method: ansible.builtin.sudo + tasks: + - name: Install some packages + become: true + ansible.builtin.package: + name: + - git + - vim + - htop + - fish + - rsync + - restic + - vim + state: present + - name: Install Debian-specific packages + become: true + when: ansible_os_family == 'Debian' + apt: + name: + - ncurses-term + state: present + - name: Add the user ralsina + become: true + ansible.builtin.user: + name: ralsina + create_home: true + password_lock: true + shell: /usr/bin/fish + - name: Authorize ssh + become: true + ansible.posix.authorized_key: + user: ralsina + state: present + key: "{{ lookup('file', '/home/ralsina/.ssh/id_rsa.pub') }}" + - name: Make ralsina a sudoer + become: true + community.general.sudoers: + name: ralsina + user: ralsina + state: present + commands: ALL + nopassword: true + - name: Remove users that come with the system + become: true + ansible.builtin.user: + name: rock + state: absent + remove: true