From 8173f2f39edc46c1b0a2e1554e8ab54bafafce03 Mon Sep 17 00:00:00 2001
From: darrylgit
Date: Fri, 21 Nov 2014 16:32:13 -0500
Subject: [PATCH] Add basic ubuntu ansible playbook.
---
ansible/roles/ubuntu.yml | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 ansible/roles/ubuntu.yml
diff --git a/ansible/roles/ubuntu.yml b/ansible/roles/ubuntu.yml
new file mode 100644
index 0000000..42d144d
--- /dev/null
+++ b/ansible/roles/ubuntu.yml
@@ -0,0 +1,36 @@
+# Basic Ubuntu machine setup.
+#
+# Usage:
+#
+# 1. $ ansible-playbook ansible/roles/ubuntu.yml -i aaa.bbb.ccc.ddd,
+# 2. $ ssh aaa.bbb.ccc.ddd
+# 3. Install dotfiles!
+---
+- hosts: all
+ remote_user: root
+ vars:
+ user: "{{ lookup('env', 'USER') }}"
+ password: "$6$Som3S@lt$bJOg1GmsbFaHHH1pGTaduyC4QYyGekpniRZKMRxFtzhg.RSH5.s3awqVxZWcV/sWFZ8Ss2K0QclwNQlJXsZH31"
+ tasks:
+ - name: update/upgrade apt
+ apt: upgrade=dist update_cache=yes
+
+ - name: add primary user
+ user: name={{ user }} shell=/bin/bash groups=sudo append=yes password={{ password }}
+
+ - name: upload primary user ssh public key
+ authorized_key: user={{ user }} key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
+
+ - name: disable root login (and other sshd_config tweaks)
+ lineinfile: dest=/etc/ssh/sshd_config state={{ item.state }} line="{{ item.line }}"
+ with_items:
+ - { state: absent, line: "PermitRootLogin yes" }
+ - { state: present, line: "PermitRootLogin without-password" }
+ - { state: present, line: "UseDNS no" }
+ - { state: present, line: "AllowUsers {{ user }}" }
+ notify:
+ - reload ssh
+
+ handlers:
+ - name: reload ssh
+ service: name=ssh state=restarted
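Review bot: The `password:` entry under `vars` commits a crypt hash with a fixed salt to the repository, and the `add primary user` task applies it to an account in the `sudo` group on every host the playbook is run against, so anyone with read access to the repo can guess offline against a credential that leads to root. Move `password` out of the playbook into a vars file encrypted with `ansible-vault` and pull it in through `vars_files`, leaving only the variable reference here. The sshd_config task does not touch `PasswordAuthentication`, so unless it is disabled elsewhere that same password is usable over SSH even though a public key is uploaded one task earlier. The `lineinfile` items also match exact lines only: if the stock file holds a different `PermitRootLogin` value, a second directive is appended and sshd keeps the first, so a form such as `lineinfile: dest=/etc/ssh/sshd_config regexp='^#?PermitRootLogin' line='PermitRootLogin without-password' validate='/usr/sbin/sshd -t -f %s'` is safer and stops a broken edit from reaching the restart handler. Note too that `without-password` still allows key-based root login, so it is the `AllowUsers {{ user }}` line that actually keeps root out; the task name could say so.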