initial commit

README.md

@@ -0,0 +1,2 @@
+Self configuration of a fresh Raspbian installation on Raspberry Pi.  This is
+very much a work in progress.

hosts

@@ -0,0 +1 @@
+cloverfield ansible_host=192.168.1.153 ansible_connection=local

roles/common/files/etc/timezone

@@ -0,0 +1 @@
+America/Los_Angeles

roles/common/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: changed timezone
+  command: dpkg-reconfigure --frontend noninteractive tzdata

roles/common/tasks/main.yml

@@ -0,0 +1,83 @@
+---
+### Set hostname
+- name: set hostname
+  hostname: name={{ inventory_hostname }}
+  when: inventory_hostname is defined and ansible_nodename is defined
+
+- name: update /etc/hosts with new hostname
+  lineinfile:
+    dest=/etc/hosts
+    regexp="^{{ ansible_default_ipv4.address }}"
+    line="{{ ansible_default_ipv4.address }}{{'\t'}}{{ inventory_hostname }}.local{{'\t'}}{{ inventory_hostname }}"
+    state=present
+
+- name: get rid of default 127.0.1.1 binding
+  lineinfile:
+    dest=/etc/hosts
+    regexp="^127.0.1.1"
+    state=absent
+
+### Configure /etc/hosts
+- name: ensure that all local hosts are in /etc/hosts
+  lineinfile:
+    dest=/etc/hosts
+    line="{{ item.ip }}{{'\t'}}{{ item.name }}.local{{'\t'}}{{ item.name }}"
+    state=present
+  with_items: etc_hosts_contents
+
+### Set timezone
+- name: set /etc/timezone to America/Los_Angeles
+  copy: src=etc/timezone
+        dest=/etc/timezone
+        owner=root
+        group=root
+        mode=0644
+        backup=yes
+  notify:
+      - changed timezone
+
+### Uninstall Raspbian bloat
+- name: remove raspbian bloat
+  apt:
+    name="{{ item }}"
+    state=absent
+  with_items:
+    - wolfram-engine
+    - libreoffice*
+    - scratch
+    - minecraft-pi
+    - python-minecraftpi 
+    - python3-minecraftpi
+    - sonic-pi
+    - dillo
+    - gpiciew
+    - penguinspuzzle
+
+### Install required software
+- name: install basic software environment
+  apt:
+    name="{{ item }}"
+    state=present
+    update_cache=yes
+  with_items:
+    - vim
+
+### Create user accounts
+- name: create users
+  user: name="{{ item.name }}"
+        comment="{{ item.comment }}"
+        group="{{ item.group }}"
+        groups="{{ item.groups }}"
+        uid="{{ item.uid }}"
+        state=present
+  with_items: create_users
+  tags: [ 'users' ]
+
+- name: install ssh pubkeys for new users
+  authorized_key: user="{{ item.name }}"
+                  key="{{ item.pubkey }}"
+                  state=present
+  with_items: create_users
+  tags: [ 'users' ]
+
+### TODO: disable the 'pi' user somehow

roles/common/vars/main.yml

@@ -0,0 +1,16 @@
+---
+### Hosts that must be present in /etc/hosts
+etc_hosts_contents:
+  - { name: 'cloverfield', ip: '192.168.1.153' }
+  - { name: 'clovermill',  ip: '192.168.1.149' }
+
+### Users that must be present on the system
+create_users:
+  - name: glock
+    comment: "Glenn K. Lockwood"
+    uid: 1024
+    group: users
+    # don't include the group from 'group:' above in the 'groups:' below; this
+    # breaks idempotency for some reason
+    groups: "adm,dialout,sudo,audio,video,plugdev,games,input,netdev,spi,i2c,gpio"
+    pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjx1Fevx4XODj8pJy/qRZDwQCRwNl0tJ3gWlDy1dB/AtdapVh5XYDUI99R+JqqzGgME9Bif6p1K6bqClLQh7MeY57L9IyjtqBF2t6/vNeKdOYDYQcBwL1p7vbGNTfKxYF2G4Lw+tRVGr3c+sCvA6r5UUAIhXNXTs7fLZanO6JGwITlJFcxDXPmITEhoXu4yTFqA0j1yp/K7I7dvmlhG/Yq+8P6zTJww1Zpy3aMaJ9gB4KR9jclW67wQZ3kVkFcyJtHXRI/LTzfAitB9W1X0svXysy88DiZsBGm1UmrUuFD3JPRn0SRRYchW5RdZ7MDPYWUDWweZIeuWvWRKzMkB5VJ"

site.yml

@@ -0,0 +1,7 @@
+---
+- hosts: all
+  remote_user: pi
+  sudo: yes
+  sudo_user: root
+  roles:
+    - role: common