group='wheel', mode='600') server.shell(name='Generate server keys', commands=[ ''' if ! test -f /etc/wireguard/server.key; then ( umask 0077 wg genkey > /etc/wireguard/server.key wg pubkey < /etc/wireguard/server.key > /etc/wireguard/server.pub ); fi ''' ]) files.get(name='Retrieve server public key', src='/etc/wireguard/server.pub', dest='out/server.pub') def generate_client_config(state, host): with open("out/server.pub") as f: server_pub = f.read().strip() for i, client in enumerate(clients.CLIENTS, start=2): if client is None: continue if not os.path.exists(f"out/{client}.key"): os.system(f"umask 0077; wg genkey > out/{client}.key") os.system(f"umask 0077; wg genkey > out/{client}.psk") os.system(f"wg pubkey < out/{client}.key > out/{client}.pub") with open(f"out/{client}.key") as f: client_key = f.read().strip()
# ensure all hosts are added to each /etc/hosts file inv = inventory.get_group('@vagrant') for item in inv: update_hosts_file(item.name, item.fact.ipv4_addresses['eth0']) if host.name == '@vagrant/two': server.hostname( name='Set the hostname for two', hostname='two.example.com', ) if host.name == '@vagrant/one': server.hostname( name='Set the hostname for one', hostname='one.example.com', ) server.shell( name='Generate vagrant ssh key', commands=('sudo -u vagrant ssh-keygen -t rsa -C [email protected] ' '-b 4096 -N "" -q -f /home/vagrant/.ssh/id_rsa'), ) files.get( name='Download id_rsa.pub from one', src='/home/vagrant/.ssh/id_rsa.pub', dest='/tmp/one_vagrant_id_rsa.pub', )
path="/etc/motd", match="verboten", replace="forbidden", ) # Sync local files/tempdir to remote /tmp/tempdir files.sync( name="Sync a local directory with remote", src="files/tempdir", dest="/tmp/tempdir", ) if host.get_fact(File, path="/etc/os-release"): files.get( name="Download a file from a remote", src="/etc/os-release", dest="/tmp/whocares", ) foo_variable = "This is some foo variable contents" files.template( name="Create a templated file", src="templates/foo.j2", dest="/tmp/foo", foo_variable=foo_variable, ) files.link( name="Create link /etc/issue2 that points to /etc/issue", path="/etc/issue2", target="/etc/issue",
'/etc/motd', 'verboten', 'forbidden', ) # Sync local files/tempdir to remote /tmp/tempdir files.sync( {'Sync a local directory with remote'}, 'files/tempdir', '/tmp/tempdir', ) if host.fact.file('/etc/os-release'): files.get( {'Download a file from a remote'}, '/etc/os-release', '/tmp/whocares', ) foo_variable = 'This is some foo variable contents' files.template( {'Create a templated file'}, 'templates/foo.j2', '/tmp/foo', foo_variable=foo_variable, ) files.link( {'Create link /etc/issue2 that points to /etc/issue'}, '/etc/issue2', '/etc/issue',
# ensure all hosts are added to each /etc/hosts file inv = inventory.get_group('@vagrant') for item in inv: update_hosts_file(item.name, item.fact.ipv4_addresses['eth0']) if host.name == '@vagrant/two': server.hostname( {'Set the hostname for two'}, 'two.example.com', ) if host.name == '@vagrant/one': server.hostname( {'Set the hostname for one'}, 'one.example.com', ) server.shell( {'Generate vagrant ssh key'}, 'sudo -u vagrant ssh-keygen -t rsa -C [email protected] ' '-b 4096 -N "" -q -f /home/vagrant/.ssh/id_rsa', ) files.get( {'Download id_rsa.pub from one'}, '/home/vagrant/.ssh/id_rsa.pub', '/tmp/one_vagrant_id_rsa.pub', )
# ensure all hosts are added to each /etc/hosts file inv = inventory.get_group("@vagrant") for item in inv: update_hosts_file(item.name, item.get_fact(Ipv4Addresses)["eth0"]) if host.name == "@vagrant/two": server.hostname( name="Set the hostname for two", hostname="two.example.com", ) if host.name == "@vagrant/one": server.hostname( name="Set the hostname for one", hostname="one.example.com", ) server.shell( name="Generate vagrant ssh key", commands=("sudo -u vagrant ssh-keygen -t rsa -C [email protected] " '-b 4096 -N "" -q -f /home/vagrant/.ssh/id_rsa'), ) files.get( name="Download id_rsa.pub from one", src="/home/vagrant/.ssh/id_rsa.pub", dest="/tmp/one_vagrant_id_rsa.pub", )
path='/etc/motd', match='verboten', replace='forbidden', ) # Sync local files/tempdir to remote /tmp/tempdir files.sync( name='Sync a local directory with remote', src='files/tempdir', dest='/tmp/tempdir', ) if host.fact.file('/etc/os-release'): files.get( name='Download a file from a remote', src='/etc/os-release', dest='/tmp/whocares', ) foo_variable = 'This is some foo variable contents' files.template( name='Create a templated file', src='templates/foo.j2', dest='/tmp/foo', foo_variable=foo_variable, ) files.link( name='Create link /etc/issue2 that points to /etc/issue', path='/etc/issue2', target='/etc/issue',