mirror of
https://github.com/ben-grande/qusal.git
synced 2024-10-01 02:35:49 -04:00
a564b3a703
Ideally, it would be a Qrexec socket service, but it doesn't handle DNS, only accepting IPs. The dev qube is now non-networked and network, especially to remote git repositories can be acquired via the proxy that is going to be installed in every netvm. |
||
|---|---|---|
| .. | ||
| files | ||
| clone.sls | ||
| clone.top | ||
| configure-minion.sls | ||
| configure-minion.top | ||
| configure.sls | ||
| configure.top | ||
| create.sls | ||
| create.top | ||
| init.top | ||
| install-repo.sls | ||
| install-repo.top | ||
| install.sls | ||
| install.top | ||
| README.md | ||
ansible
Ansible environment in Qubes OS.
Table of Contents
Description
Install Ansible and use it on the "ansible" app qube.
Installation
- Top
sudo qubesctl top.enable ansible
sudo qubesctl --targets=tpl-ansible,ansible,ansible-minion state.apply
sudo qubesctl top.disable ansible
- State
sudo qubesctl state.apply ansible.create
sudo qubesctl --skip-dom0 --targets=tpl-ansible state.apply ansible.install
sudo qubesctl --skip-dom0 --targets=ansible state.apply ansible.configure,zsh.touch-zshrc
sudo qubesctl --skip-dom0 --targets=ansible-minion state.apply ansible.configure-minion,zsh.touch-zshrc
Usage
Configure the control node ansible:
ssh-keygen -t ed25519 -N "" -f ~/.ssh/id_ansible
qvm-copy ~/.ssh/id_ansible.pub
Select ansible-minion as the target qube for the copy operation.
Configure the minion ansible-minion:
mkdir -m 0700 ~/.ssh
cat ~/QubesIncoming/ansible/id_ansible.pub >> ~/.ssh/authorized_keys
From the control node ansible, test connection to the minion
ansible-minion:
ssh minion