wildekek · August 10, 2025 21:12
diff --git a/bootstrap-cloudinit.yaml b/bootstrap-cloudinit.yaml
 - name: Prepare SSH connection
  hosts: cloudinit
  gather_facts: false
  tasks:
    - name: Clean old SSH host keys
      delegate_to: localhost
      ansible.builtin.shell: |
        ssh-keygen -R {{ inventory_hostname }} 2>/dev/null || true
      run_once: true

    - name: Add fresh SSH host keys
      delegate_to: localhost
      ansible.builtin.shell: |
        ssh-keyscan -H {{ inventory_hostname }} >> ~/.ssh/known_hosts
      run_once: true

 - name: Cloud Provision
  hosts: cloudinit
  become: true
  pre_tasks:
    - name: Set become method based on OS
      ansible.builtin.set_fact:
        ansible_become_method: "{{ 'community.general.doas' if ansible_os_family == 'Alpine' else 'sudo' }}"
  tasks:
    - name: "Create groups"
      ansible.builtin.group:
        name: sudo
        state: present

    - name: "Create users"
      ansible.builtin.user:
        user: YOURNAME
        append: true
        groups: YOURNAME, sudo
        comment: "YOU GIVEN NAME"

    - name: "Add public keys"
      ansible.posix.authorized_key:
        user: YOURNAME
        key: "ssh-ed25519 "

    - name: "Set user sudo permissions"
      ansible.builtin.copy:
        src: sudo-willem
        dest: /etc/sudoers.d/10-willem
        owner: root
        group: root
        mode: "440"

    - name: "Use latest-stable Alpine repositories"
      ansible.builtin.copy:
        src: alpine-repositories
        dest: /etc/apk/repositories
        owner: root
        group: root
        mode: "644"
      when: ansible_distribution == "Alpine"

    - name: "Update packages"
      ansible.builtin.package:
        update_cache: true
        upgrade: true

    - name: "Install packages"
      ansible.builtin.package:
        update_cache: false
        name:
          - sudo
          - qemu-guest-agent
          - nano
        state: present

    - name: Enable and start qemu-guest-agent on Alpine
      ansible.builtin.service:
        name: qemu-guest-agent
        enabled: true
        state: started
      when: ansible_distribution == "Alpine"
	- name: Prepare SSH connection
	hosts: cloudinit
	gather_facts: false
	tasks:
	- name: Clean old SSH host keys
	delegate_to: localhost
	ansible.builtin.shell: \|
	ssh-keygen -R {{ inventory_hostname }} 2>/dev/null \|\| true
	run_once: true

	- name: Add fresh SSH host keys
	delegate_to: localhost
	ansible.builtin.shell: \|
	ssh-keyscan -H {{ inventory_hostname }} >> ~/.ssh/known_hosts
	run_once: true

	- name: Cloud Provision
	hosts: cloudinit
	become: true
	pre_tasks:
	- name: Set become method based on OS
	ansible.builtin.set_fact:
	ansible_become_method: "{{ 'community.general.doas' if ansible_os_family == 'Alpine' else 'sudo' }}"
	tasks:
	- name: "Create groups"
	ansible.builtin.group:
	name: sudo
	state: present

	- name: "Create users"
	ansible.builtin.user:
	user: YOURNAME
	append: true
	groups: YOURNAME, sudo
	comment: "YOU GIVEN NAME"

	- name: "Add public keys"
	ansible.posix.authorized_key:
	user: YOURNAME
	key: "ssh-ed25519 "

	- name: "Set user sudo permissions"
	ansible.builtin.copy:
	src: sudo-willem
	dest: /etc/sudoers.d/10-willem
	owner: root
	group: root
	mode: "440"

	- name: "Use latest-stable Alpine repositories"
	ansible.builtin.copy:
	src: alpine-repositories
	dest: /etc/apk/repositories
	owner: root
	group: root
	mode: "644"
	when: ansible_distribution == "Alpine"

	- name: "Update packages"
	ansible.builtin.package:
	update_cache: true
	upgrade: true

	- name: "Install packages"
	ansible.builtin.package:
	update_cache: false
	name:
	- sudo
	- qemu-guest-agent
	- nano
	state: present

	- name: Enable and start qemu-guest-agent on Alpine
	ansible.builtin.service:
	name: qemu-guest-agent
	enabled: true
	state: started
	when: ansible_distribution == "Alpine"