Skip to content

Working out further self-configuration

We switched back to a minimal configuration that only installs ufw firewall, ssh server, and configures access only form a defined set of IPs, because we came to errors with:

  • roles and collections installation with ansible-pull. Roles and collections require to be installed when running local.yml, so we needed another playbook, dependencies.yml. We thought to or run galaxy-install in the launching script, but ther is a chicken and egg problem, because we don't have yet the git repo, with its requirements.yml,
  • the failure to parse an inventory when running ansible-pull, even if the facts deduce the hostname and fqdn. We coded a workaround with playbook variables.

However, we still need:

  • to set up access to the auto-configured hosts, and the right way to do that is our cielito.system.users_and_groups,
  • to be able to auto-configure workstations from a private repo. I searched for project access tokens but didn't find where to get the token trough gitlab web gui.
  • And we have a lot to explore on how to configure a desktop with command line and ansible modules.