Update ssh key script; deps
This commit is contained in:
parent
bf26066aaf
commit
05dc61cbd8
|
@ -17,6 +17,7 @@ aur_helper: yay
|
||||||
packages:
|
packages:
|
||||||
- base-devel
|
- base-devel
|
||||||
- curl
|
- curl
|
||||||
|
- direnv
|
||||||
- docker
|
- docker
|
||||||
- docker-compose
|
- docker-compose
|
||||||
- e2fsprogs
|
- e2fsprogs
|
||||||
|
@ -24,6 +25,7 @@ packages:
|
||||||
- firefox
|
- firefox
|
||||||
- flatpak
|
- flatpak
|
||||||
- git
|
- git
|
||||||
|
- github-cli
|
||||||
- gnupg
|
- gnupg
|
||||||
- htop
|
- htop
|
||||||
- inetutils
|
- inetutils
|
||||||
|
@ -42,7 +44,10 @@ packages:
|
||||||
- rbw
|
- rbw
|
||||||
- rsync
|
- rsync
|
||||||
- screen
|
- screen
|
||||||
|
- stow
|
||||||
- sudo
|
- sudo
|
||||||
|
- tea
|
||||||
|
- the_silver_searcher
|
||||||
- tilix
|
- tilix
|
||||||
- tree
|
- tree
|
||||||
- unrar-free
|
- unrar-free
|
||||||
|
@ -54,6 +59,7 @@ packages:
|
||||||
- zsh
|
- zsh
|
||||||
|
|
||||||
aur_packages:
|
aur_packages:
|
||||||
|
- antidote
|
||||||
- gohugo-extended-bin
|
- gohugo-extended-bin
|
||||||
- gnome-extensions-cli
|
- gnome-extensions-cli
|
||||||
|
|
||||||
|
|
10
roles/07_user/files/rbw-config.json
Normal file
10
roles/07_user/files/rbw-config.json
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"email": "ariejan@devroom.io",
|
||||||
|
"base_url": "https://bitwarden.devroom.io",
|
||||||
|
"identity_url": null,
|
||||||
|
"notifications_url": null,
|
||||||
|
"lock_timeout": 3600,
|
||||||
|
"sync_interval": 3600,
|
||||||
|
"pinentry": "pinentry",
|
||||||
|
"client_cert_path": null
|
||||||
|
}
|
|
@ -25,3 +25,19 @@
|
||||||
mode: 0440
|
mode: 0440
|
||||||
validate: /usr/sbin/visudo -cf %s
|
validate: /usr/sbin/visudo -cf %s
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
|
- name: Configure rbw
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: ~/.config/rbw
|
||||||
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
become: true
|
||||||
|
become_user: "{{ user.name }}"
|
||||||
|
|
||||||
|
- name: Copy rbw-config.json
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: rbw-config.json
|
||||||
|
dest: ~/.config/rbw/config.json
|
||||||
|
mode: '0644'
|
||||||
|
become: true
|
||||||
|
become_user: "{{ user.name }}"
|
||||||
|
|
|
@ -3,3 +3,4 @@
|
||||||
ansible.builtin.shell: gext --filesystem install {{ item }}
|
ansible.builtin.shell: gext --filesystem install {{ item }}
|
||||||
with_items: "{{ gnome_extensions }}"
|
with_items: "{{ gnome_extensions }}"
|
||||||
changed_when: true
|
changed_when: true
|
||||||
|
|
|
@ -6,11 +6,28 @@ if [ -f "${HOME}/.ssh/id_ed25519" ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
HOSTNAME=`hostname`
|
HOSTNAME=`hostname`
|
||||||
|
GITHUB_TOKEN=`rbw get "Github CLI Token"`
|
||||||
|
GITEA_TOKEN=`rbw get "Gitea CLI Token"`
|
||||||
|
|
||||||
ssh-keygen -t ed25519 -C "$USER@$HOSTNAME"
|
ssh-keygen -t ed25519 -f "${HOME}/.ssh/id_ed25519" -q -P "" -C "$USER@$HOSTNAME"
|
||||||
|
|
||||||
|
gh ssh-key add "${HOME}/.ssh/id_ed25519.pub" --title "$USER@$HOSTNAME"
|
||||||
|
|
||||||
|
curl -X 'POST' \
|
||||||
|
'https://git.devroom.io/api/v1/user/keys' \
|
||||||
|
-H 'accept: application/json' \
|
||||||
|
-H 'Content-Type: application/json' \
|
||||||
|
-H 'Authorization: ${GITEA_TOKEN}' \
|
||||||
|
-d '{
|
||||||
|
"key": "",
|
||||||
|
"read_only": false,
|
||||||
|
"title": "$USER@$HOSTNAME"
|
||||||
|
}'
|
||||||
|
|
||||||
ssh-keyscan -H git.devroom.io >> "${HOME}/.ssh/known_hosts"
|
ssh-keyscan -H git.devroom.io >> "${HOME}/.ssh/known_hosts"
|
||||||
ssh-keyscan -H github.com >> "${HOME}/.ssh/known_hosts"
|
ssh-keyscan -H github.com >> "${HOME}/.ssh/known_hosts"
|
||||||
|
|
||||||
echo "--- Your public key, sir:"
|
echo "--- Your public key, sir:"
|
||||||
|
echo "---"
|
||||||
cat "${HOME}/.ssh/id_ed25519.pub"
|
cat "${HOME}/.ssh/id_ed25519.pub"
|
||||||
|
echo "---"
|
Loading…
Reference in New Issue
Block a user