AniNIX/Wiki#21 -- effecting renames for policy

roles/ShadowArch/tasks/main.yml

@@ -4,169 +4,7 @@
 
   # This is an AniNIX convention to allow password management by Ansible.
 
-  - name: Test root password
-    ignore_errors: yes
-    register: root_password_test
-    vars:
-      ansible_become_user: "{{ item }}"
-      ansible_become_method: su
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    command: id
-    loop:
-      - root
-      - "{{ ansible_user_id }}"
-
-  - name: Define passwords
-    ignore_errors: yes
-    vars:
-      ansible_become_user: "root"
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    when: root_password_test.rc is not defined or root_password_test.rc != 0
-    command:
-      cmd: /bin/bash -l -c "echo '{{item}}:{{ passwords[inventory_hostname] }}' | chpasswd {{ item }}"
-    loop:
-      - root
-      - "{{ ansible_user_id }}"
-
-  - name: Ensure deploy user has sudo permissions.
-    vars:
-      ansible_become_method: su
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    copy:
-      dest: /etc/sudoers.d/basics
-      content: "{{ ansible_user_id }} ALL=(ALL) NOPASSWD: ALL\n"
-
-  - name: Ensure we include /etc/sudoers.d (Current)
-    vars:
-      ansible_become_method: su
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    when: ansible_architecture != "armv6l"
-    lineinfile:
-      path: /etc/sudoers
-      regexp: "includedir /etc/sudoers.d"
-      line: "@includedir /etc/sudoers.d"
-
-  - name: Ensure we include /etc/sudoers.d (Legacy)
-    vars:
-      ansible_become_method: su
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    when: ansible_architecture == "armv6l"
-    lineinfile:
-      path: /etc/sudoers
-      regexp: "includedir /etc/sudoers.d"
-      line: "#includedir /etc/sudoers.d"
-
-  - name: Set up pacman.conf
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-      ignorepkg: "{{ holdpackages | default('') }}"
-    become: yes
-    template:
-      src: pacman.conf.j2
-      dest: /etc/pacman.conf
-      owner: root
-      group: root
-      mode: 0644
-    when: ansible_os_family == "Archlinux"
-
-  - name: Set mirror
-    become: yes
-    when: ansible_os_family == "Archlinux"
-    copy:
-      content: |
-        Server = {{ mirroruri }}
-      dest: /etc/pacman.d/mirrorlist.shadowarch
-      owner: root
-      group: root
-      mode: 0644
-
-  - name: Import AniNIX GPG key
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    command: /bin/bash -c 'if [ ! -f /usr/share/pacman/keyrings/aninix.gpg ]; then mkdir /tmp/aninix; curl -s https://aninix.net/AniNIX/ShadowArch/raw/branch/main/EtcFiles/aninix.gpg > /tmp/aninix/pubring.gpg; pacman-key --import /tmp/aninix; pacman-key --lsign 904DE6275579CB589D85720C1CC1E3F4ED06F296; fi'
-    when: ansible_os_family == "Archlinux"
-
-  - name: Set up apt sources.list
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    copy:
-      content: |
-        deb http://archive.raspberrypi.org/debian/ bullseye main
-        # Uncomment line below then 'apt-get update' to enable 'apt-get source'
-        #deb-src http://archive.raspberrypi.org/debian/ bullseye main
-      dest: /etc/apt/sources.list.d/raspi.list
-      owner: root
-      group: root
-      mode: 0644
-    when: ansible_os_family == "Debian"
-
-  - name: Base packages
-    vars:
-      ansible_become_method: su
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    package:
-      name:
-        - bash
-        - sudo
-        - git
-        - tmux
-        - vim
-        - sysstat
-        - iotop
-        - lsof
-        - rsync
-        - xfsprogs
-        - man-db
-        - man-pages
-      state: present
-      update_cache: yes
-
-  - name: Install ShadowArch (ArchLinux)
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    pacman:
-      name: ShadowArch
-      state: present
-      update_cache: yes
-    when: ansible_os_family == "Archlinux"
-
-  - name: Set up AniNIX-specific repository location (Other)
-    when: ansible_os_family != "Archlinux"
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    file:
-      path: /opt/aninix
-      state: directory
-
-  - name: Download ShadowArch (Other)
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    ignore_errors: yes
-    git:
-      repo: 'https://foundation.aninix.net/AniNIX/ShadowArch'
-      dest: '/opt/aninix/ShadowArch'
-      update: yes
-    when: ansible_os_family != "Archlinux"
-
-  - name: Install ShadowArch (Other)
-    vars:
-      ansible_become_password: "{{ passwords[inventory_hostname] }}"
-    become: yes
-    command:
-      chdir: '/opt/aninix/ShadowArch'
-      cmd: '/bin/bash -c "make install"'
-    when: ansible_os_family != "Archlinux"
+  - include_tasks: authentication.yml
 
   - name: Set up hostname
     vars:
@@ -175,14 +13,18 @@
     hostname:
       name: "{{ inventory_hostname }}.{{ replica_domain }}"
 
-  - include: archlinux-network.yml
+  - include_tasks: archlinux-network.yml
     when: ansible_os_family == "Archlinux"
 
-  - include: raspbian-network.yml
+  - include_tasks: raspbian-network.yml
     when: ansible_os_family == "Debian"
 
-  - include: dns.yml
+  - include_tasks: dns.yml
 
-  - include: ntp.yml
+  - include_tasks: ntp.yml
 
-  - include: bash.yml
+  - include_tasks: repositories.yml
+
+  - include_tasks: bash.yml
+
+  - include_tasks: shadowarch.yml