cloud-init is kinda neat

2024-11-01 08:33:07 +01:00 · 2023-06-01 21:27:56 -05:00 · 2023-06-01 21:27:56 -05:00 · 787c160256
commit 787c160256
parent 7573638bbb
5 changed files with 37 additions and 31 deletions
--- a/cloud-init/debian-mail.yml
+++ b/cloud-init/debian-mail.yml
@ -0,0 +1,33 @@
+#cloud-config
+users:
+  - name: debian
+    ssh_authorized_keys:
+      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
+    sudo: 'ALL=(ALL) NOPASSWD: ALL'
+    shell: /bin/bash
+    lock_passwd: true
+apt:
+  sources_list: |
+    deb http://deb.debian.org/debian $RELEASE main
+    deb http://deb.debian.org/debian $RELEASE-updates main
+    deb http://deb.debian.org/debian-security/ $RELEASE-security main
+    deb http://deb.debian.org/debian $RELEASE-backports
+package_update: true
+package_upgrade: true
+packages:
+  - debian-keyring
+  - debsig-verify
+  - notmuch
+  - offlineimap3
+  - pass
+  - python3-dev
+  - ssh
+  - wget
+rsyslog:
+  configs:
+    - content: "*.* @10.0.0.41:514"
+      filename: 99-forward.conf
+  remotes:
+    moonshadow: 10.0.0.41
+timezone: America/Chicago
+      
--- a/hosts.ini
+++ b/hosts.ini
@ -1,2 +1,2 @@
 [homelab]
-10.227.115.230
+debian-mail
--- a/roles/debian-mail/files/pm-bridge-tty
+++ b/roles/debian-mail/files/pm-bridge-tty
@ -5,7 +5,7 @@
 #
 # This script should be daemonized (forked to bg) or used as the value of
 # the ExecStart= directive in a systemd service file.
-set -euxo pipefail
+set -exo pipefail

 # If "init" is supplied as arg $1, initialize the bridge.
 if [[ "$1" == "init" ]]; then
@ -33,5 +33,5 @@ else
    # Start protonmail-bridge in a fake tty, so it does not quit because of EOF.
    rm -f /tmp/faketty
    mkfifo /tmp/faketty
-    protonmail-bridge --cli "$@" < /tmp/faketty
+    cat /tmp/faketty | protonmail-bridge --cli "$@"
 fi
--- a/roles/debian-mail/tasks/main.yml
+++ b/roles/debian-mail/tasks/main.yml
@ -1,23 +1,6 @@
 ---
 # tasks file for debian-mail

- name: Disable APT downloading language translations
-  ansible.builtin.lineinfile:
-    path: /etc/apt/apt.conf.d/99translations
-    line: 'Acquire::Languages "none";'
-    create: true
-
- name: Add Debian backports
-  ansible.builtin.apt_repository:
-    repo: deb http://deb.debian.org/debian bookworm-backports main
-    state: present
-    update_cache: true
-
- name: Install packages
-  ansible.builtin.apt:
-    name: "{{ packages }}"
-    state: present
-
 - name: Fetch bridge_pubkey.gpg
  ansible.builtin.get_url:
    url: https://proton.me/download/bridge/bridge_pubkey.gpg
@ -135,7 +118,6 @@
 - name: Message to Ansible user
  ansible.builtin.debug:
    msg:
-      - "Set passwd for debian"
      - "Run 'pm-bridge-tty init' to initialize the bridge."
      - "Login to Proton Mail with your user credentials."
      - "Wait for the sync to finish."
@ -143,3 +125,4 @@
      - "Run 'notmuch setup'"
      - "Run 'sudo systemctl enable --now pm-bridge-tty.service'"
      - "Run 'sudo systemctl start offlineimap-oneshot.service'"
+      - "Run 'sudo systemctl enable offlineimap-oneshot.timer'"
--- a/roles/debian-mail/vars/main.yml
+++ b/roles/debian-mail/vars/main.yml
@ -1,10 +0,0 @@
---
-# vars file for debian-mail
-
-packages:
-  - debian-keyring
-  - debsig-verify
-  - notmuch
-  - offlineimap3
-  - pass
-  - wget