debops.bootstrap default variables

Hostname and domain

bootstrap__hostname_domain_config_enabled

Should the hostname and domain be configured during bootstrap?

bootstrap__hostname_domain_config_enabled: '{{ (True
                                                if (ansible_local|d() and
                                                    ansible_local.cap12s|d() and
                                                    (not ansible_local.cap12s.enabled|bool or
                                                     "cap_sys_admin" in ansible_local.cap12s.list))
                                                else False) | bool }}'
bootstrap__domain

Set custom DNS domain on a given host.

bootstrap__domain: '{{ inventory_hostname.split(".")[1:] | join(".") }}'
bootstrap__hostname

Set custom DNS hostname on a given host.

bootstrap__hostname: '{{ inventory_hostname_short | d(inventory_hostname.split(".")[0]) }}'
bootstrap__hostname_v6_loopback

Set custom DNS hostname on a given host also for IPv6. This is only needed when you don't have properly working DNS and still need to resolve the hostname as IPv6 address. Refer to https://github.com/debops/ansible-bootstrap/pull/9

bootstrap__hostname_v6_loopback: False

APT and packages

bootstrap__raw

Ensure bootstrap__mandatory_packages are installed using raw Ansible module before proceeding.

bootstrap__raw: True
bootstrap__mandatory_packages

Mandatory packages installed during bootstrap.

bootstrap__mandatory_packages:
  - 'python'
  - 'python-apt'
bootstrap__base_packages

Base packages installed during bootstrap.

bootstrap__base_packages:
  - 'python-pip'
  - 'sudo'
  - 'lsb-release'
  - 'dbus'
bootstrap__packages

Install additional packages during bootstrap.

bootstrap__packages: []

System administrator accounts

bootstrap__admin

Enable configuration of administrator accounts.

bootstrap__admin: True
bootstrap__admin_system

Should the admin accounts be system accounts (UID < 1000) if not specified otherwise?

bootstrap__admin_system: True
bootstrap__admin_default_users

List of default user accounts created by the role. See bootstrap__admin_users for more details.

bootstrap__admin_default_users:
  - name: '{{ ansible_ssh_user
              if (ansible_ssh_user | d() and
                  ansible_ssh_user != "root")
              else ansible_user
                   if (ansible_user | d() and
                   ansible_user != "root")
              else lookup("env", "USER") }}'
bootstrap__admin_users

List of additional user accounts created by the role. See bootstrap__admin_users for more details.

bootstrap__admin_users: []
bootstrap__admin_groups

List of local system groups which admin accounts will be added to. If any groups don't exists, they will be automatically created as "system" groups with GID < 1000.

The first specified group is used as the sudo passwordless admin group.

All new user accounts will have their home directories in the first group listed here as well, to allow easier communication between administrators.

bootstrap__admin_groups: [ 'admins', 'staff', 'adm', 'sudo' ]
bootstrap__admin_home_path

Root path of the home directory of the admin accounts, when they are "normal" user accounts with UID and GID >= 1000.

bootstrap__admin_home_path: '/home'
bootstrap__admin_home_path_system

Root path of the home directory of the admin accounts, when they are "system" user accounts with UID and GID < 1000.

bootstrap__admin_home_path_system: '/var/local'
bootstrap__admin_home_group

New admin accounts will have their home directories in this system group to allow easier data exchange between system administrators.

bootstrap__admin_home_group: '{{ bootstrap__admin_groups[0] }}'
bootstrap__admin_home_mode

Specify permissions for new admin account home directories.

bootstrap__admin_home_mode: '0750'
bootstrap__admin_comment

Default comment / GECOS field which is set on the new admin accounts if none is specified.

bootstrap__admin_comment: 'System Administrator'
bootstrap__admin_shell

Default shell set on the new admin accounts if none is specified.

bootstrap__admin_shell: '/bin/bash'
bootstrap__admin_sshkeys

List of SSH keys configured on root and administrator accounts. It takes all active keys from your current ssh agent session plus all public keys which you keep in the ~/.ssh/ directory of the user which you are bootstrapping DebOps from. If you are not happy with that scenario, for example you have some keys which you don't like to be included, please modify the variable accordingly to your requirements.

bootstrap__admin_sshkeys: [ '{{ lookup("pipe","ssh-add -L | grep ^ssh || cat ~/.ssh/*.pub || true") }}' ]

Access to sudo commands

bootstrap__sudo

Configure passwordless sudo access for selected accounts.

bootstrap__sudo: True
bootstrap__sudo_group

A group which grants passwordless sudo access.

bootstrap__sudo_group: '{{ bootstrap__admin_groups[0] | default("") }}'