aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKyle Isom <kyle@imap.cc>2017-09-11 15:33:37 -0700
committerKyle Isom <kyle@imap.cc>2017-09-11 15:33:37 -0700
commit6b94937a3ace0e9ef71bd6b078d0fa3325e04709 (patch)
tree2282c8e93fa9a052eda4b5bbcd894030025226c7
parent5519dca87bd459cf824935bd89e626eafffb0754 (diff)
downloadansible-6b94937a3ace0e9ef71bd6b078d0fa3325e04709.tar.gz
ansible-6b94937a3ace0e9ef71bd6b078d0fa3325e04709.tar.bz2
ansible-6b94937a3ace0e9ef71bd6b078d0fa3325e04709.zip
Major networking and N22 update.
-rw-r--r--Makefile2
-rw-r--r--roles/base/files/NetworkManager.conf2
-rw-r--r--roles/base/files/dhclient.conf57
-rw-r--r--roles/base/files/resolv.conf2
-rw-r--r--roles/base/tasks/main.yaml10
-rw-r--r--roles/base/tasks/repos.yaml13
-rw-r--r--roles/laptop/files/keyboard2
-rw-r--r--roles/laptop/tasks/main.yaml2
-rw-r--r--roles/laptop/tasks/wireless.yaml75
-rw-r--r--roles/laptop/templates/wireless.j221
10 files changed, 177 insertions, 9 deletions
diff --git a/Makefile b/Makefile
index 5abfb58..fcc356e 100644
--- a/Makefile
+++ b/Makefile
@@ -10,7 +10,7 @@ check-tree:
# sync applies the Ansible configuration.
.PHONY: sync
sync:
- ANSIBLE_NOCOLOR=1 ansible-playbook -i hosts -K laptop.yaml
+ ANSIBLE_NOCOLOR=1 ansible-playbook --ask-vault-pass -K -i hosts laptop.yaml
# snapshot does the following:
# 1. clean the tree (to remove any existing snapshots).
diff --git a/roles/base/files/NetworkManager.conf b/roles/base/files/NetworkManager.conf
index e0c9116..0f5e38a 100644
--- a/roles/base/files/NetworkManager.conf
+++ b/roles/base/files/NetworkManager.conf
@@ -1,6 +1,6 @@
[main]
plugins=ifupdown,keyfile
-dns=unmanaged
+dns=none
[ifupdown]
managed=false
diff --git a/roles/base/files/dhclient.conf b/roles/base/files/dhclient.conf
new file mode 100644
index 0000000..cffe7b3
--- /dev/null
+++ b/roles/base/files/dhclient.conf
@@ -0,0 +1,57 @@
+# Configuration file for /sbin/dhclient.
+#
+# This is a sample configuration file for dhclient. See dhclient.conf's
+# man page for more information about the syntax of this file
+# and a more comprehensive list of the parameters understood by
+# dhclient.
+#
+# Normally, if the DHCP server provides reasonable information and does
+# not leave anything out (like the domain name, for example), then
+# few changes must be made to this file, if any.
+#
+
+option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
+
+send host-name = gethostname();
+request subnet-mask, broadcast-address, time-offset, routers,
+ interface-mtu, rfc3442-classless-static-routes, ntp-servers;
+
+# request subnet-mask, broadcast-address, time-offset, routers,
+# domain-name, domain-name-servers, domain-search, host-name,
+# dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers,
+# netbios-name-servers, netbios-scope, interface-mtu,
+# rfc3442-classless-static-routes, ntp-servers;
+
+#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
+#send dhcp-lease-time 3600;
+#supersede domain-name "fugue.com home.vix.com";
+#prepend domain-name-servers 127.0.0.1;
+#require subnet-mask, domain-name-servers;
+#timeout 60;
+#retry 60;
+#reboot 10;
+#select-timeout 5;
+#initial-interval 2;
+#script "/sbin/dhclient-script";
+#media "-link0 -link1 -link2", "link0 link1";
+#reject 192.33.137.209;
+
+#alias {
+# interface "eth0";
+# fixed-address 192.5.5.213;
+# option subnet-mask 255.255.255.255;
+#}
+
+#lease {
+# interface "eth0";
+# fixed-address 192.33.137.200;
+# medium "link0 link1";
+# option host-name "andare.swiftmedia.com";
+# option subnet-mask 255.255.255.0;
+# option broadcast-address 192.33.137.255;
+# option routers 192.33.137.250;
+# option domain-name-servers 127.0.0.1;
+# renew 2 2000/1/12 00:00:01;
+# rebind 2 2000/1/12 00:00:01;
+# expire 2 2000/1/12 00:00:01;
+#}
diff --git a/roles/base/files/resolv.conf b/roles/base/files/resolv.conf
index 89b2741..ca2f725 100644
--- a/roles/base/files/resolv.conf
+++ b/roles/base/files/resolv.conf
@@ -1,3 +1,5 @@
# managed by ansible
nameserver 8.8.8.8
nameserver 8.8.4.4
+nameserver 2001:4860:4860::8888
+nameserver 2001:4860:4860::8844
diff --git a/roles/base/tasks/main.yaml b/roles/base/tasks/main.yaml
index c162b74..d6b16cd 100644
--- a/roles/base/tasks/main.yaml
+++ b/roles/base/tasks/main.yaml
@@ -11,12 +11,15 @@
- atop
- binutils
- curl
+ - e2fsprogs
- elinks
- htop
- iftop
- iotop
+ - lm-sensors
- lynx
- mg
+ - mtr
- network-manager
- nvi
- pm-utils
@@ -45,6 +48,13 @@
dest: /etc/NetworkManager/NetworkManager.conf
owner: root
+- name: tell dhclient not to trust their nameservers
+ become: true
+ copy:
+ src: dhclient.conf
+ dest: /etc/dhcp/dhclient.conf
+ owner: root
+
- name: manage resolv.conf
become: true
copy:
diff --git a/roles/base/tasks/repos.yaml b/roles/base/tasks/repos.yaml
index 5ab3030..b209e63 100644
--- a/roles/base/tasks/repos.yaml
+++ b/roles/base/tasks/repos.yaml
@@ -1,9 +1,10 @@
-- name: add kyle's repo key
- become: true
- apt_key:
- url: https://keys.kyleisom.net/4401FC2C/4401FC2C.asc
- state: present
- validate_certs: yes
+# - name: add kyle's repo key
+# become: true
+# apt_key:
+# id: 0x1F8B07B64401FC2C
+# url: https://keys.kyleisom.net/4401FC2C/4401FC2C.asc
+# state: present
+# validate_certs: yes
- name: add kyle's repo
become: true
diff --git a/roles/laptop/files/keyboard b/roles/laptop/files/keyboard
index 1636b7c..6b7fd92 100644
--- a/roles/laptop/files/keyboard
+++ b/roles/laptop/files/keyboard
@@ -4,6 +4,6 @@
XKBMODEL="pc105"
XKBLAYOUT="us"
XKBVARIANT=""
-XKBOPTIONS="compose:ralt,ctrl:swap_caps"
+XKBOPTIONS="compose:ralt,ctrl:swapcaps"
BACKSPACE="guess"
diff --git a/roles/laptop/tasks/main.yaml b/roles/laptop/tasks/main.yaml
index a939a29..a4d9210 100644
--- a/roles/laptop/tasks/main.yaml
+++ b/roles/laptop/tasks/main.yaml
@@ -1,4 +1,6 @@
# install laptop-specific tooling
+- include: wireless.yaml
+
- name: install laptop-specific tooling
become: true
apt:
diff --git a/roles/laptop/tasks/wireless.yaml b/roles/laptop/tasks/wireless.yaml
new file mode 100644
index 0000000..75643ab
--- /dev/null
+++ b/roles/laptop/tasks/wireless.yaml
@@ -0,0 +1,75 @@
+- name: Set up home network.
+ become: true
+ template:
+ src: wireless.j2
+ dest: /etc/NetworkManager/system-connections/home
+ mode: 0600
+ owner: root
+ vars:
+ context:
+ name: home
+ ssid: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 33653635666537306563323437363536663461663463333563306438343264366461363166356537
+ 6366386338396664346564613136303361663234373062640a346263333963623735346364303365
+ 36366431313931313163373132373231396639626430323765626330663466373763663335663030
+ 3936303465306536370a303434633434323165363833643630663065383837623066313264353936
+ 6361
+ psk: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 62383462306134363764383239636436643734663862643663396436636633373337333532346432
+ 3031643737393139646436333238326534356462633161360a653633386465333566316236623961
+ 36633531343736613663323733666635323739346665363730626265653531393135313866656265
+ 3861646363323033320a323736303362633366346438353139396639623035303134373337656336
+ 3532
+
+- name: Set up iphone network.
+ become: true
+ template:
+ src: wireless.j2
+ dest: /etc/NetworkManager/system-connections/iphone
+ mode: 0600
+ owner: root
+ vars:
+ context:
+ name: iphone
+ ssid: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 34643335316533366531666335343462393032313562323439623835623838323364386336316136
+ 3539643537303134373064616436373666313161376539370a363166616638303163326132663735
+ 39323735636530303138353639656235346365383632396565663065323935343066353638633565
+ 3134373861346366310a343166663433636665653162613930383536636634663037393365383863
+ 6338
+ psk: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 35353961306261323864393466396133326333313936313434303636333566626130323031346437
+ 3762646536366663363661646430653063343666626235390a306336333931623861626436396166
+ 37633362363561613262663438363164633061333236316263616365616433316439316236353666
+ 6637396333316433350a353931663565333333646234646338633561663238323565646338396264
+ 3233
+
+- name: Set up work network.
+ become: true
+ template:
+ src: wireless.j2
+ dest: /etc/NetworkManager/system-connections/work
+ mode: 0600
+ owner: root
+ vars:
+ context:
+ name: work
+ ssid: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 32303439626565663736346566636235656162643037613231313338636539396138663733643030
+ 3538333664636131643139353366363735313566363163390a656337643239336631616462636337
+ 31353165363034393965316238383965646638336364376235343830616635363830636539373739
+ 6534613834306537330a373235616661363530306135393631326161623365306638383233383830
+ 31373132653432373636396563643830386663626132313063646137353965306634
+ psk: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 32366333393735396335643937393736656232653065643439343631643333653134303436386137
+ 3433373731643631303561663965363662356462373536370a356337326366623233323563323433
+ 66323962653062653038303635363233656537383231353935303463386238656265653139643339
+ 3863356536613233640a653135653239633638333135623838616166656232386638353262356138
+ 62303565356333373938666166373231666137353266646337393466663533303935
+
diff --git a/roles/laptop/templates/wireless.j2 b/roles/laptop/templates/wireless.j2
new file mode 100644
index 0000000..0e99baf
--- /dev/null
+++ b/roles/laptop/templates/wireless.j2
@@ -0,0 +1,21 @@
+[connection]
+id={{context.name}}
+uuid={{context.name | to_uuid}}
+interface-name=wlp2s0
+type=wifi
+autoconnect=false
+
+[wifi]
+ssid={{context.ssid}}
+mode=infrastructure
+security=802-11-wireless-security
+
+[wifi-security]
+key-mgmt=wpa-psk
+psk={{context.psk}}
+
+[ipv4]
+method=auto
+
+[ipv6]
+method=auto