Add support for setting up ansible-galaxy on the controller node (#75)

This is part of the work being done in: #27 It adds support for ansible-galaxy so we can use the sshd_user galaxy module to unify sshd configuration and ensure all users have access to all hosts --------- Co-authored-by: Decfox <mehul@openobservatory.org>
ooni · Jul 21, 2024 · 0596280 · 0596280
1 parent 1fde7ff
commit 0596280
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 0 deletions.
diff --git a/ansible/requirements.yml b/ansible/requirements.yml
@@ -0,0 +1 @@
+- src: willshersystems.sshd
diff --git a/ansible/roles/ansible_controller/tasks/main.yml b/ansible/roles/ansible_controller/tasks/main.yml
@@ -9,13 +9,23 @@
       - "python3-boto3"
       - "tmux"
       - "vim"
+      - "acl"
     state: "latest"
     update_cache: "yes"
 
 - name: set the hostname
   ansible.builtin.hostname:
     name: "ansible-controller"
 
+- name: create ansible roles directory
+  ansible.builtin.file:
+    state: directory
+    path: /etc/ansible/roles
+    recurse: yes
+    owner: ubuntu
+    group: admin
+    mode: "u=rwX,g=rwX,o=r"
+
 - name: clone devops repo into /srv/devops
   ansible.builtin.git:
     repo: "https://github.com/ooni/devops.git"
@@ -30,6 +40,13 @@
     group: admin
     mode: "u=rwX,g=rwX,o=r"
 
+- name: Install ansible galaxy dependencies
+  become: yes
+  become_user: ubuntu
+  ansible.builtin.shell:
+    cmd: ansible-galaxy install -p /etc/ansible/roles -r requirements.yml
+    chdir: /srv/devops/ansible
+
 - name: set global gitconfig for each user
   ansible.builtin.copy:
     dest: "/home/{{ item }}/.gitconfig"

diff --git a/ansible/roles/ansible_controller/templates/ansible.cfg b/ansible/roles/ansible_controller/templates/ansible.cfg