An opinionated playbook for my personal Pi.
We require sshpass
and Ansible's collections.general
and community.general
.
Add the target to the ~/.ssh/config
hosts.
Install Arch Linux ARM.
SSH to the target and run
pacman-key --init
pacman-key --populate archlinuxarm
pacman -Sy python sudo
visudo # and add wheel to the sudoers file
as root (required to bootstrap Ansible).
Test inventory and connectivity with make ping
.
ansible-playbook playbook.yml --vault-password-file vault_password.txt -i hosts.ini
cat playbook.yml | yq -r .[0].roles[0].vars.password_string | ansible-vault decrypt --vault-password-file vault_password.txt
to recover the user's password, for example.