Initial import.

.travis.yml

@@ -0,0 +1,37 @@
+---
+services: docker
+
+env:
+  - distro: centos7
+    init: /usr/lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
+  - distro: ubuntu1604
+    init: /lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
+
+before_install:
+  # Pull container.
+  - 'docker pull geerlingguy/docker-${distro}-ansible:latest'
+
+script:
+  - container_id=$(mktemp)
+  # Run container in detached state.
+  - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"'
+
+  # Ansible syntax check.
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
+
+  # Test role.
+  - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
+
+  # Test role idempotence.
+  - idempotence=$(mktemp)
+  - docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
+  - >
+    tail ${idempotence}
+    | grep -q 'changed=0.*failed=0'
+    && (echo 'Idempotence test: pass' && exit 0)
+    || (echo 'Idempotence test: fail' && exit 1)
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

defaults/main.yml

@@ -0,0 +1 @@
+keys_path: "{{playbook_dir}}/keys"

files/dot_vimrc.local

@@ -0,0 +1 @@
+# Add custom zsh settings here

files/dot_zshrc.local

@@ -0,0 +1 @@
+# Add custom vim settings here

files/userns.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=-/usr/bin/dockerd --userns-remap=dork -H fd://

handlers/main.yml

@@ -0,0 +1,5 @@
+- name: restart docker service
+  systemd:
+    daemon_reload: yes
+    name: docker
+    state: restarted

meta/main.yml

@@ -0,0 +1 @@
+dependencies: []

tasks/centos.yml

@@ -0,0 +1,21 @@
+- yum:
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+
+- yum_repository:
+    name: docker
+    description: Docker Repository
+    baseurl: https://yum.dockerproject.org/repo/main/centos/7/
+    enabled: 1
+    gpgcheck: 1
+    gpgkey: https://yum.dockerproject.org/gpg
+
+- yum:
+    name: "{{item}}"
+    update_cache: yes
+  with_items:
+  - python-pip
+  - docker-engine
+  - zsh
+  - vim
+  - git
+  - curl

tasks/main.yml

@@ -0,0 +1,10 @@
+- name: Configure host system
+  include: system.yml
+  tags: system
+
+- name: Load and apply users
+  include: user.yml
+  vars:
+    file: "{{item}}"
+  with_fileglob: "{{users}}/*"
+  tags: users

tasks/system.yml

@@ -0,0 +1,58 @@
+- include: ubuntu.yml
+  when: ansible_distribution == 'Ubuntu'
+
+- include: centos.yml
+  when: ansible_distribution == 'CentOS'
+
+
+- file:
+    path: /etc/systemd/system/docker.service.d/userns.conf
+    state: directory
+
+- pip:
+    name: dork-compose
+    state: latest
+
+- group:
+    name: "{{item}}"
+  with_items:
+  - dork
+
+- user:
+    name: dork
+    group: dork
+    system: yes
+
+- stat:
+    path: /etc/subuid
+  register: subuid
+
+- stat:
+    path: /etc/subgid
+  register: subgid
+
+- shell: id --user dork
+  register: dork_user
+  when: subuid.stat.exists and subgid.stat.exists
+
+- shell: id --group dork
+  register: dork_group
+  when: subuid.stat.exists and subgid.stat.exists
+
+- copy:
+    src: userns.conf
+    dest: /etc/systemd/system/docker.service.d/userns.conf
+  notify: restart docker service
+  when: subuid.stat.exists and subgid.stat.exists
+
+- lineinfile:
+    dest: /etc/subuid
+    line: "dork:{{dork_user.stdout}}:65536"
+  notify: restart docker service
+  when: subuid.stat.exists and subgid.stat.exists
+
+- lineinfile:
+    dest: /etc/subgid
+    line: "dork:{{dork_group.stdout}}:65536"
+  notify: restart docker service
+  when: subuid.stat.exists and subgid.stat.exists

tasks/ubuntu.yml

@@ -0,0 +1,24 @@
+- apt:
+    name: "{{item}}"
+    update_cache: yes
+  with_items:
+  - apt-transport-https
+  - ca-certificates
+
+- apt_key:
+    keyserver: hkp://p80.pool.sks-keyservers.net:80
+    id: 58118E89F3A912897C070ADBF76221572C52609D
+
+- apt_repository:
+    repo: "deb https://apt.dockerproject.org/repo ubuntu-xenial main"
+
+- apt:
+    name: "{{item}}"
+    update_cache: yes
+  with_items:
+  - python-pip
+  - docker-engine
+  - zsh
+  - vim
+  - git
+  - curl

tasks/user.yml

@@ -0,0 +1,56 @@
+- include_vars:
+    file: "{{file}}"
+    name: user
+
+- user:
+    name: "{{user.name}}"
+    groups: dork,docker
+    shell: /bin/zsh
+
+- name: Install oh-my-zsh
+  git:
+    repo: https://github.com/robbyrussell/oh-my-zsh.git
+    dest: /home/{{user.name}}/.oh-my-zsh
+  become_user: "{{user.name}}"
+
+- name: Install .zshrc
+  template:
+    src: dot_zshrc.j2
+    dest: /home/{{user.name}}/.zshrc
+  become_user: "{{user.name}}"
+
+- copy:
+    src: dot_zshrc.local
+    force: no
+    dest: /home/{{user.name}}/.zshrc.local
+
+- name: Install amix/vimrc
+  git:
+    repo: https://github.com/amix/vimrc.git
+    dest: /home/{{user.name}}/.vim_runtime
+  become_user: "{{user.name}}"
+
+- name: Install .vimrc
+  template:
+    src: dot_vimrc.j2
+    dest: /home/{{user.name}}/.vimrc
+  become_user: "{{user.name}}"
+
+- copy:
+    src: dot_vimrc.local
+    force: no
+    dest: /home/{{user.name}}/.vimrc.local
+
+- file:
+    path: /home/{{user.name}}/.ssh/authorized_keys
+    state: absent
+
+- authorized_key:
+    user: "{{user.name}}"
+    key: "{{key}}"
+  with_items: "{{user.public_keys}}"
+  loop_control:
+    loop_var: key
+
+
+

templates/dot_vimrc.j2

@@ -0,0 +1,13 @@
+set runtimepath+=/opt/vim_runtime
+
+source /opt/vim_runtime/vimrcs/basic.vim
+source /opt/vim_runtime/vimrcs/filetypes.vim
+source /opt/vim_runtime/vimrcs/plugins_config.vim
+source /opt/vim_runtime/vimrcs/extended.vim
+
+""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+" Overrides                                                          "
+""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+set shiftwidth=2
+set tabstop=2
+colorscheme slate

templates/dot_zshrc.j2

@@ -0,0 +1,94 @@
+# Path to your oh-my-zsh installation.
+export ZSH=~/.oh-my-zsh
+
+# Set name of the theme to load.
+# Look in ~/.oh-my-zsh/themes/
+# Optionally, if you set this to "random", it'll load a random theme each
+# time that oh-my-zsh is loaded.
+ZSH_THEME="Soliah"
+
+# Uncomment the following line to use case-sensitive completion.
+# CASE_SENSITIVE="true"
+
+# Uncomment the following line to disable bi-weekly auto-update checks.
+# DISABLE_AUTO_UPDATE="true"
+
+# Uncomment the following line to change how often to auto-update (in days).
+# export UPDATE_ZSH_DAYS=13
+
+# Uncomment the following line to disable colors in ls.
+# DISABLE_LS_COLORS="true"
+
+# Uncomment the following line to disable auto-setting terminal title.
+# DISABLE_AUTO_TITLE="true"
+
+# Uncomment the following line to enable command auto-correction.
+# ENABLE_CORRECTION="true"
+
+# Uncomment the following line to display red dots whilst waiting for completion.
+# COMPLETION_WAITING_DOTS="true"
+
+# Uncomment the following line if you want to disable marking untracked files
+# under VCS as dirty. This makes repository status check for large repositories
+# much, much faster.
+DISABLE_UNTRACKED_FILES_DIRTY="true"
+
+# Uncomment the following line if you want to change the command execution time
+# stamp shown in the history command output.
+# The optional three formats: "mm/dd/yyyy"|"dd.mm.yyyy"|"yyyy-mm-dd"
+# HIST_STAMPS="mm/dd/yyyy"
+
+# Would you like to use another custom folder than $ZSH/custom?
+# ZSH_CUSTOM=/path/to/new-custom-folder
+
+# Which plugins would you like to load? (plugins can be found in ~/.oh-my-zsh/plugins/*)
+# Custom plugins may be added to ~/.oh-my-zsh/custom/plugins/
+# Example format: plugins=(rails git textmate ruby lighthouse)
+# Add wisely, as too many plugins slow down shell startup.
+plugins=(git docker)
+
+# User configuration
+
+export PATH=$HOME/bin:/usr/local/bin:$PATH
+# export MANPATH="/usr/local/man:$MANPATH"
+
+source $ZSH/oh-my-zsh.sh
+
+# You may need to manually set your language environment
+# export LANG=en_US.UTF-8
+
+# Preferred editor for local and remote sessions
+# if [[ -n $SSH_CONNECTION ]]; then
+export EDITOR='vim'
+# else
+#   export EDITOR='mvim'
+# fi
+
+# Compilation flags
+# export ARCHFLAGS="-arch x86_64"
+
+# ssh
+# export SSH_KEY_PATH="~/.ssh/dsa_id"
+
+# Set personal aliases, overriding those provided by oh-my-zsh libs,
+# plugins, and themes. Aliases can be placed here, though oh-my-zsh
+# users are encouraged to define aliases within the ZSH_CUSTOM folder.
+# For a full list of active aliases, run `alias`.
+#
+# Example aliases
+# alias zshconfig="mate ~/.zshrc"
+# alias ohmyzsh="mate ~/.oh-my-zsh"
+
+# Initialize git variables.
+{% if user.full_name %}
+export GIT_AUTHOR_NAME="{{ user.full_name }}"
+export GIT_COMMITTER_NAME="$GIT_AUTHOR_NAME"
+{% endif %}
+{% if user.mail %}
+export GIT_AUTHOR_EMAIL="{{ user.mail }}"
+export GIT_COMMITTER_EMAIL="$GIT_AUTHOR_EMAIL"
+{% endif %}
+
+if [[ -f ~/.zshrc.local ]]; then
+  source ~/.zshrc.local
+fi

tests/test.yml

@@ -0,0 +1,12 @@
+---
+- hosts: test
+  gather_facts: no
+  pre_tasks:
+  - raw: yum install python -y
+    ignore_errors: yes
+  - raw: apt-get install python -y
+    ignore_errors: yes
+  - setup:
+  roles:
+    - role: ansible-dork-host
+      users: "{{playbook_dir}}/users"

tests/users/janeway.yml

@@ -0,0 +1,6 @@
+name: janeway
+mail: [email protected]
+full_name: Kathryn Janeway
+public_keys:
+- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDiQ7XdXeP6JquM8h3TG9lk0dDl/jFTQKmIcY186O9e/h9ylaJp3R2du0bhMMua+0GQPJn/FA3IJpUyLE7WaXqSxsAAx0GnWenBKey/5qIOuqp4Xc4i19/Ma0V2j2SnKUC5XWCD+zCAKRdKD+eQIG3YhIcmghFUqwj8vi51uzJ6t1871XQVglUHsLw+e1JtktCrJ2xc5KXZeAF39UBSLd1SzaGoeVgEwngKqB2gsqypcXUz8+qUtXcVsGIV40MTJtL6cFGGTyIseR5H1rbyysHPHyWsq4DkVhkGH/3rOI6tuY/XL4BJdRykSs7sFnkr/NfWOO3wcYQq2us0HIDTqgX1bQwn0lEchJ0E4l0z6o6yswIKFLzS9HKPH0dWb6nRe2CBNRdJNZEdYbEL7qFtMikKpwGv3+X+cUO6518D1MDcf03vS+F0dFE7dReIYaubeTlZQ/zmFpC0d+zz52biOnN3tpYX2Y8yLu9079gEE+MJMtx7peXxrpnDdzDe9xZ+noTz0tQeH1fqsqoIbMgE5gGm1xumiovQD/ER3c15mzaCF59yqRJzaSiNUioIcEEPn/zNM9JJah527qgaZ698xvJqec3N7FmGM1rN8GD0IBiETBZmx2fkKfTQE8+eRQHXBgEWpCH10yB3m8D/22nS8FhRRaPToI//gNeeIbqvawbtYQ== [email protected]
+

tests/users/kirk.yml

@@ -0,0 +1,7 @@
+name: jim
+mail: [email protected]
+full_name: James Tiberius Kirk
+public_keys:
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCz+zVXjX38mWFSvf8rY0Ux0Ac+ZMR7wxMB8ZfZo41UT7C6WtX7g2ma/2Rhlwhwp+qCoS0oyn9xuOBMWJ+jqrqD2eB3slo45rmWcBF0dk69euRNV0bmu69Me96O7KFihZJk02y349TrGB48545fR6q69eZRuPomY2tBtvu9tbUjflLBO31mB2MzwmQc7GhzkJHA0lKfxLWP9Au0Wp6pN0ZxwQo/GIocdGj4TbqZcvI/CJhA37g07ixJ0tze0Lv3VGPkRXIbpYehlDKNJNvz3CzzvsaP/SDyoUbOHxyOJ/XiAn1mQ+tUq++aFUE6G0RUVztYFh1sLube2wKK+ESr6qxEfQa3ySlNNmq3cE7UT4Oj/DAKMIoTTTGuV88NedI6r2kFIJD8D9XHL8OSVOKsQwTt1z2zJcDSWYQ9kZ6RuQX81TEaemUxB3DwCySCZ2GncMUsdDBTJBaudFleOIXnAWAiUcpNBcOhtiQi8NL78Ey/6uwhyw84W6988ujRyd9EYfrsG8ppZWgF1oOPe4992vItFa2gq1bZMtKi7mEmBIbxWIG8iDqS1dnuFTzNgBFUQx3CwqrPCzsNt6MxipKfrKF0XyrKQKXZbZe4Do6LB4j6QH75R8xjConLCs3EtRh/HehaqOJXcozgz7ilkEzDoROduVOQR2Br3O2BMrUxK7ZQNQ== [email protected]
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHGkCQwrCDrqCehXK+9YnrxW7QBTqlX/wrQ05/aplv1YgYUUEo09kD2+DDNpmvhCVcNoNY95yrP/3WlYqfW/EMbCUdx8+xeyK3jdL4rtjN3yXrXAAQhlbbEnvLkBEoGj0X3uaMdyrI2AKWYiL0JZkyYfZezBAjX8+7iOan+i/JzUyq5Vp9XudiKyThmen2e07pFWvMukWuSG9bwG6RX36sZmaz1G7xiSal9s1aHgd8JsgmJVpcIZojl/j61I8vLBkwLW6pTkzPtuWnQbKvSWZz1y9VeN8chh2eqUfeIsm+zbEttdQk2MYM1coB+34vrlBCyelk2tkMmL0MfE64XywjJTqRjY7oo743TGqFXafpilLyGHjAS6s6CnyDVQ4BZLGDIVYsJpzgEAEjFVtD85SwoP6je1++yhsZHwxzn2b0DnApEMjtULWbhrxlp34KoCnVCGsD+BG6hQPRAgKu95L3ZvPk5kZpmnq2b1fPAFzTkbBbWZCXp1vdUOZNWPWRQFssiKHZ+khlTR0N5GqUlExplefA0HMfiYtIWwSMnVSI0HD/XYhFqIfqyKiv6rFsTFCrJkAhK6Vf1mOKREe4muDyNdF83u+MkPQKOJseqOaQpz9T5SCeXS36/jmJLTVc0cWy96vH8HawTU1ewaYFtXfj3WrQAT24hH8XjBXX+g9h4w== [email protected]
+

tests/users/picard.yml

@@ -0,0 +1,6 @@
+name: jeanluc
+mail: [email protected]
+full_name: Jean-Luc Picard
+public_keys:
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMaQcczikK1sfLSd2CgOxKGA3wbxywFS59wkfM7maQ/ybmUE9BBrSeszsrC5qeHlwAvmTJ6V4PjrrdclgJprVzkgigJqCNrr1WwGEq2TCcyY1w7w2Q3qpgP8PsBWALDXtmrchPylsLoyJdMchPrkAufy2lw1syPjUJnPeXWhcBAzbPXs01imzWksa1Sz1ukZ5QmIqh4JJJoAjvuLMHkP97dSba1aGreI/AnFcW19kLleOIKeTktOV9caDlwAH15DbegbTeTJX4olq7PSGsa4yyqD/lMQ7AcAjDD/QMYvyBiWj/DF475zxd4VD+kv+h8AawqulpY1bbq9fAf92D2ss003iSV2QmWWjvzJDUN9icHXcd8JYvwgZ3Si6V1jsS3EdOTAc20TZKnFPT9OuqeuVp3QxOtt1/mGo1yMyx9NpuNhLhjcQ02DP1DVFOGlnisnn9zhH6hKBFkzRUFO6IXerzwnKoW/u4Rs8iAd8u8UtCqI4p+6d+F+b+VOLaFIMWI0pKzWb14gw2oGo6NAGxZPU++YqmQ3caIy2GN8TGwxFMVIcfIyZxGeV3FRUJA2xykU/19Wo2zhwF07Kwn2VTeYUtRsbKnroYlWx4BE9G8qz1ByHJrTIBWGVnLM5BS1HkM/CVtfdTQeAu6rC+9sCD0bW83X+wEXlbCxUsgIq9KTOpzQ== [email protected]
+