Initial commit. This repo contains ansible CM that describes ECG infrastructure.

A test server (acacia root server) is already included in the inventory, with an ecg admin account.

inventory/group_vars/all/bootstrap.yml

@@ -0,0 +1,9 @@
+---
+netbase__domain: 'ecogood.org'
+bootstrap__admin_system: no
+bootstrap__admin_default_users: []
+bootstrap__admin_sshkeys: []
+bootstrap__admin_users:
+  - name: ecg
+    sshkeys: ["{{ lookup('file', '~/.ssh/id_ed25519-ecg.pub') }}"]
+

inventory/group_vars/all/common.yml

@@ -0,0 +1,6 @@
+---
+netbase__domain: 'ecogood.org'
+ntp__timezone: 'Etc/UTC'
+bootstrap__admin_sshkeys: '{{ lookup("pipe","ssh-add -L | grep ^ssh || cat ~/.ssh/id_ed25519-ecg.pub || true") }}'
+python__v3: 'True'
+python__v2: 'False'

inventory/group_vars/all/system_users.yml

@@ -0,0 +1,17 @@
+---
+system_users__accounts:
+  - name: 'ecg'
+    admin: True
+    shell: '/bin/zsh'
+    groups: ['users','ssh','sshusers']
+    sshkeys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEO5nhjvVvdZawbxBjFnpZ1b0tKP3/6mLihRpbslnzO3 jose.canelas'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmUWXrblLoCkhxTbaZhCPXRxAxVPnTfKXOKleVdYWTG christian.suessenguth'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEokDHNJYhqw5LtIhIEPS7q3spM2DZuaLgCPzLLOW9oQ thomas.dedek.portable'
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICN1LccpNTtO7c3uDr9WeCNl13IKTNdq5ObFEFYSKBGF thomas.dedek.home'
+  - name: 'z'
+    admin: True
+    shell: '/bin/zsh'
+    groups: ['users','ssh','sshusers']
+    sshkeys:
+      - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEO5nhjvVvdZawbxBjFnpZ1b0tKP3/6mLihRpbslnzO3 jose.canelas'

inventory/hosts

@@ -0,0 +1,22 @@
+# This is an Ansible inventory file in INI format. You can define a list of
+# hosts and groups to be managed by this particular inventory.
+
+# Hosts listed under [debops_all_hosts] will have common DebOps plays
+# ran against them. It will include services such as iptables, DNS, Postfix,
+# sshd configuration and more.
+#
+# View the list here:
+# https://github.com/debops/debops/blob/master/ansible/playbooks/common.yml
+#
+# You should check Getting Started guide for useful suggestions:
+# https://docs.debops.org/en/master/introduction/getting-started.html
+
+# Your host is eligible to be managed by DebOps' common playbook. If you want
+# that functionality and more, then uncomment your hostname below.
+
+[debops_all_hosts]
+#blacknode ansible_host=ip6-localhost ansible_connection=local
+acacia      ansible_host=v220211255864172122.hotsrv.de 
+
+[staging]
+acacia