56 lines
1.3 KiB
YAML
56 lines
1.3 KiB
YAML
---
|
|
- name: Bootstrap the Hack Manhattan OpenBSD router
|
|
hosts: foo.hackmanhattan.com-bootstrap
|
|
gather_facts: false
|
|
|
|
tasks:
|
|
- name: Set up installurl
|
|
raw: "echo http://cdn.openbsd.org/pub/OpenBSD > /etc/installurl"
|
|
|
|
- name: Find latest python3 package
|
|
raw: "pkg_info -Q python"
|
|
register: python3
|
|
|
|
- name: Set fact for python3 package
|
|
set_fact:
|
|
python3: "{% for pkg in python3.stdout.split('\n') if pkg.startswith('python-3.') %}{{ pkg.split()[0] }}{% endfor %}"
|
|
|
|
- name: Install various packages we want
|
|
raw: "pkg_add {{ item }}"
|
|
with_items:
|
|
- "{{ python3 }}"
|
|
- curl
|
|
- htop
|
|
- iperf3
|
|
- flashrom
|
|
- neovim
|
|
- wget
|
|
- zsh
|
|
- pftop
|
|
- vnstat
|
|
- smartmontools
|
|
- miniupnpd
|
|
register: installed
|
|
changed_when: '"No change in " + item not in installed.stdout'
|
|
|
|
- name: Configure doas
|
|
raw: "echo permit keepenv nopass :wheel > /etc/doas.conf"
|
|
|
|
- name: Disable audio/MIDI server
|
|
raw: "rcctl disable sndiod"
|
|
|
|
- name: Stop audio/MIDI server
|
|
raw: "rcctl stop sndiod"
|
|
|
|
- name: Make /tmp a reserved in-memory filesystem
|
|
raw: "sed -i -e 's%.*/tmp ffs.*%swap /tmp mfs rw,nodev,nosuid,-s=200m 0 0%' /etc/fstab"
|
|
|
|
- name: Unmount old /tmp
|
|
raw: "umount /tmp"
|
|
|
|
- name: Set appropriate permissions for /tmp
|
|
raw: "chmod 1777 /tmp"
|
|
|
|
- name: Mount new /tmp
|
|
raw: "mount /tmp"
|