scip/bsdnix
1
0
Fork 0
Code Issues Pull Requests Activity

added:

Browse Source 
- set file permissions
- setup sysctls
- set root password from vault var
- added doas + config
This commit is contained in:
Thomas von Dein
2024-11-18 18:33:33 +01:00
parent c8f169253d
commit 8e23c090d9
7 changed files with 112 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Makefile
View File

@@ -1,11 +1,11 @@
.PHONY: all deploy check clean create debug
.PHONY: all deploy check clean create debug editvars
TOKEN = $(shell ansible-vault decrypt --vault-password-file \
~/.config/ansible/hcloud.secret --output - \
group_vars/all/vars.yaml | cut -d' ' -f2)
VARS = group_vars/all/vars.yaml
VALL = group_vars/all/all.yaml
TOKEN = $(shell ansible-vault decrypt --output - $(VARS) | grep hetzner_cloud_token | cut -d' ' -f2)
SNAPNAME = $(shell cat group_vars/all/all.yaml | yq .snapshot)
SNAPNAME = $(shell cat $(VALL) | yq .snapshot)
SNAPSHOT = $(shell hcloud image list -t snapshot -o yaml | \
yq '. | map(select(.description == "$(SNAPNAME)")) | .[].id')
@@ -41,3 +41,8 @@ clean:
check:
ansible-playbook -vvv --ask-vault-pass deploy.yaml -i inventory --syntax-check
editvars:
ansible-vault decrypt $(VARS)
vi $(VARS)
ansible-vault encrypt $(VARS)