Add basic ubuntu ansible playbook.

ansible/roles/ubuntu.yml

@@ -0,0 +1,36 @@
+# Basic Ubuntu machine setup.
+#
+# Usage:
+#
+# 1. $ ansible-playbook ansible/roles/ubuntu.yml -i aaa.bbb.ccc.ddd,
+# 2. $ ssh aaa.bbb.ccc.ddd
+# 3. Install dotfiles!
+---
+- hosts: all
+  remote_user: root
+  vars:
+    user: "{{ lookup('env', 'USER') }}"
+    password: "$6$Som3S@lt$bJOg1GmsbFaHHH1pGTaduyC4QYyGekpniRZKMRxFtzhg.RSH5.s3awqVxZWcV/sWFZ8Ss2K0QclwNQlJXsZH31"
+  tasks:
+    - name: update/upgrade apt
+      apt: upgrade=dist update_cache=yes
+
+    - name: add primary user
+      user: name={{ user }} shell=/bin/bash groups=sudo append=yes password={{ password }}
+
+    - name: upload primary user ssh public key
+      authorized_key: user={{ user }} key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
+
+    - name: disable root login (and other sshd_config tweaks)
+      lineinfile: dest=/etc/ssh/sshd_config state={{ item.state }} line="{{ item.line }}"
+      with_items:
+        - { state: absent,  line: "PermitRootLogin yes" }
+        - { state: present, line: "PermitRootLogin without-password" }
+        - { state: present, line: "UseDNS no" }
+        - { state: present, line: "AllowUsers {{ user }}" }
+      notify:
+        - reload ssh
+
+  handlers:
+    - name: reload ssh
+      service: name=ssh state=restarted