Ansible bootstrapping

bootstrap.yml

---

# A simple playbook to add the ansible dependencies and the foo user.
# The site.yml playbook can then lock down permission (deny root login) and so
# on, so long as this playbook has been run. The site.yml playbook will only
# work once this has been run, so it should be safe.

# Half of this file is commented out because I never got round to fixing the
# issue that some machines need an initial user of root and some ubuntu.

# - name: debug bootstrap_ssh_user
#   hosts: all
#   tasks:
#     - debug:
#         var: bootstrap_ssh_user

# - name: Add the foo user to all nodes as current user
#   hosts: all
#   roles:
#     - role: ansible-deps
#       when: bootstrap_ssh_user is not defined
#     - role: foo
#       when: bootstrap_ssh_user is not defined
#   tags:
#     - common
#     - foo
#     - ansible
#     - dependencies

- name: Add the foo user to all as root
  hosts: all
  roles:
    - ansible-deps
    - pam-ssh
    - foo
  # remote_user: "{{ bootstrap_ssh_user }}"
  remote_user: root
  tags:
    - root

- name: Add the foo user to all as the current user
  hosts: all
  roles:
    - ansible-deps
    - foo
  sudo: yes
  tags:
    - current

roles_ansible-deps_tasks_main.yml

---
# roles/ansible-deps/tasks/main.yml
- name: install ansible dependency packages
  apt: pkg={{ item }} state=installed
  with_items:
    - python-mysqldb
    - python-apt