From 2fad0b1f8d2b8db90668a289bd140eb9379f9eb6 Mon Sep 17 00:00:00 2001
From: Ricard Illa <ricard@trkkn.com>
Date: Fri, 4 Nov 2022 15:24:55 +0100
Subject: [PATCH] btrbk user things

---
 deploy.yml                          |  1 +
 host_files/btrbk/narwhal/btrbk.conf |  0
 roles/btrbk/files/id_ed25519        | 25 +++++++++++++++++++++
 roles/btrbk/files/id_ed25519.pub    | 10 +++++++++
 roles/btrbk/tasks/main.yml          | 35 +++++++++++++++++++++++++++++
 5 files changed, 71 insertions(+)
 create mode 100644 host_files/btrbk/narwhal/btrbk.conf
 create mode 100644 roles/btrbk/files/id_ed25519
 create mode 100644 roles/btrbk/files/id_ed25519.pub

diff --git a/deploy.yml b/deploy.yml
index 819161e..35a5acd 100644
--- a/deploy.yml
+++ b/deploy.yml
@@ -118,6 +118,7 @@
   become: true
   roles:
     - btrbk
+  tags: btrbk
 
 - name: caladan-specific things
   hosts: caladan
diff --git a/host_files/btrbk/narwhal/btrbk.conf b/host_files/btrbk/narwhal/btrbk.conf
new file mode 100644
index 0000000..e69de29
diff --git a/roles/btrbk/files/id_ed25519 b/roles/btrbk/files/id_ed25519
new file mode 100644
index 0000000..45b2d28
--- /dev/null
+++ b/roles/btrbk/files/id_ed25519
@@ -0,0 +1,25 @@
+$ANSIBLE_VAULT;1.1;AES256
+65343662643732393835376666373930366539383835663834313035373362393133373833396161
+6463343465623762353737663036306433613132656533330a366333393165363434663033343136
+39303164396135323035303733393239633530313636323137653934346630343836343838363337
+6137303334623732300a663330613061303536326230323832383537633932396165323633656461
+62623938383131363831633536376163373265386264383131303238346335313236646239633630
+66656436303663646339613930396436356637613532353937366230643837663636313661376331
+39353939363265643661316534356338336639306666343034323434663861643764393737303865
+65366138636363323061616162356431633135626231306366616462383233393237316139323935
+36393930633363656630363364323336613635626661303339306435363837613766636163623534
+38613166633835656137346135306266626239633738323966383034386235383761316365303538
+63303231613766303532396562633830633161366230666430353432376537383562346330333033
+33306334646636383035326332343330636238386665616465326261373235313735633233633562
+66323933626232303236356266353365336433666362353838666465373764393463393238306530
+64333934616331343035663335326239353530323933616535613839383161646638646261393265
+31376233353532326361653164313636633438366266613235333234626633373531393364613432
+62303464646637663631356233373865613162336537313062646432383238613164643233383537
+34326362656564646138636562323131393661376133316565653861633039613937646564376333
+38343335333064643163383963623538636330613765383137306133323164633966353433333765
+33633135623534336131393431373637366239316334613936636661343165353236346433346634
+66333161623062333265396337633333636663386334306137643363343239323432636337313033
+38656434366464343038393935643663346661636134313965653963653532303534333031393666
+33323965653838633261613664623738356635346163333439363062646361623466663738393261
+65396463343537363166613666303830366162393134633739306630353936333165653361343134
+61366533323666383639
diff --git a/roles/btrbk/files/id_ed25519.pub b/roles/btrbk/files/id_ed25519.pub
new file mode 100644
index 0000000..cfb25ca
--- /dev/null
+++ b/roles/btrbk/files/id_ed25519.pub
@@ -0,0 +1,10 @@
+$ANSIBLE_VAULT;1.1;AES256
+30613933373763373264373162313466663333353830306436323964633463353632326563343361
+3564643432323962313836326231313961346630303734650a376234653935643066326232666161
+39303061343564643866313530633835306332303861316163373439636534333730626538633264
+3532613234343936660a623966643230316337383636646337313435323836636263333765356261
+31326130313733616261643032396261333963316161363933383365316164383432623631353436
+64383238363430653933343836373233313131623838316462373639396162663632396631663063
+33356133316331366563613134366664393462326235613561613134613532396237393239316339
+64343735383930323862616664333464643232636166326136623335333733666666623261326132
+6231
diff --git a/roles/btrbk/tasks/main.yml b/roles/btrbk/tasks/main.yml
index 6efa87f..3f2d825 100644
--- a/roles/btrbk/tasks/main.yml
+++ b/roles/btrbk/tasks/main.yml
@@ -11,3 +11,38 @@
   copy:
     src: "host_files/btrbk/{{ ansible_hostname }}/btrbk.conf"
     dest: /etc/btrbk/btrbk.conf
+
+- name: make btrbk user ssh directory
+  file:
+    state: directory
+    path: /var/lib/btrbk/.ssh
+    owner: btrbk
+
+- name: copy btrbk user ssh key
+  copy:
+    src: id_ed25519
+    dest: /var/lib/btrbk/.ssh/id_ed25519
+    owner: btrbk
+    mode: '0400'
+
+- name: copy btrbk user ssh public key
+  copy:
+    src: id_ed25519.pub
+    dest: /var/lib/btrbk/.ssh/id_ed25519.pub
+    owner: btrbk
+    mode: '0644'
+
+- name: copy btrbk user ssh public key to authorized_keys
+  copy:
+    src: id_ed25519.pub
+    dest: /var/lib/btrbk/.ssh/authorized_keys
+    owner: btrbk
+    mode: '0644'
+
+- name: add btrbk ssh keys to lbu
+  lbu:
+    include:
+      - /var/lib/btrbk/.ssh/id_ed25519
+      - /var/lib/btrbk/.ssh/id_ed25519.pub
+      - /var/lib/btrbk/.ssh/authorized_keys
+  when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]