From 61b24b7f9da768902886747ea70e5b91695edad0 Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Fri, 13 Jan 2023 15:43:30 -0800
Subject: fix init

---
 clarkzjw.ca/config/atlas/README.md                 |  2 ++
 clarkzjw.ca/config/atlas/ansible.cfg               |  2 +-
 clarkzjw.ca/config/atlas/init.yaml                 |  3 +-
 clarkzjw.ca/config/atlas/inventory/hosts.yaml      |  2 +-
 .../config/atlas/roles/init/tasks/main.yaml        | 32 ++++++++++++++++++++++
 .../config/atlas/roles/tailscale/tasks/main.yaml   | 16 -----------
 6 files changed, 37 insertions(+), 20 deletions(-)
 delete mode 100644 clarkzjw.ca/config/atlas/roles/tailscale/tasks/main.yaml

diff --git a/clarkzjw.ca/config/atlas/README.md b/clarkzjw.ca/config/atlas/README.md
index 5525ea9..37e39b3 100644
--- a/clarkzjw.ca/config/atlas/README.md
+++ b/clarkzjw.ca/config/atlas/README.md
@@ -11,6 +11,8 @@ Usage: HomeLab Main NAS
 ansible-playbook init.yaml -K -k
 ```
 
+Login and exec `sudo tailscale up` and authorize Tailscale in the admin panel.
+
 ### Setup
 ```bash
 ansible-playbook setup.yaml
diff --git a/clarkzjw.ca/config/atlas/ansible.cfg b/clarkzjw.ca/config/atlas/ansible.cfg
index 9ad35f3..e0f6c28 100644
--- a/clarkzjw.ca/config/atlas/ansible.cfg
+++ b/clarkzjw.ca/config/atlas/ansible.cfg
@@ -1,5 +1,5 @@
 [defaults]
-host_key_checking = True
+host_key_checking = False
 transport = ssh
 remote_user = clarkzjw
 roles_path = roles
diff --git a/clarkzjw.ca/config/atlas/init.yaml b/clarkzjw.ca/config/atlas/init.yaml
index 9415d6f..3dfbc09 100644
--- a/clarkzjw.ca/config/atlas/init.yaml
+++ b/clarkzjw.ca/config/atlas/init.yaml
@@ -1,6 +1,6 @@
 ---
 - name: Init
-  hosts: storinator
+  hosts: atlas
   remote_user: root
   gather_facts: true
   vars:
@@ -8,4 +8,3 @@
 
   roles:
     - role: init
-    - role: tailscale
diff --git a/clarkzjw.ca/config/atlas/inventory/hosts.yaml b/clarkzjw.ca/config/atlas/inventory/hosts.yaml
index 1291bbb..bee48c4 100644
--- a/clarkzjw.ca/config/atlas/inventory/hosts.yaml
+++ b/clarkzjw.ca/config/atlas/inventory/hosts.yaml
@@ -1,3 +1,3 @@
 all:
   hosts:
-    storinator:
+    atlas:
diff --git a/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml b/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml
index cc69403..29cf529 100644
--- a/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml
+++ b/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml
@@ -22,3 +22,35 @@
     user: clarkzjw
     state: present
     key: https://github.com/clarkzjw.keys
+
+- name: Add Tailscale GPG apt Key
+  apt_key:
+    url: https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg
+    keyring: /usr/share/keyrings/tailscale-archive-keyring.gpg
+    state: present
+
+- name: Add Tailscale Repository
+  get_url:
+    url: https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list
+    dest: /etc/apt/sources.list.d/tailscale.list
+
+- name: Install Tailscale
+  apt:
+    name:
+      - tailscale
+    update_cache: true
+
+- name: Disable Root Login
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: '^PermitRootLogin yes'
+    line: "PermitRootLogin no"
+    state: present
+    backup: yes
+
+- name: Restart SSHD
+  systemd:
+    name: ssh
+    enabled: true
+    state: restarted
+    daemon_reload: true
diff --git a/clarkzjw.ca/config/atlas/roles/tailscale/tasks/main.yaml b/clarkzjw.ca/config/atlas/roles/tailscale/tasks/main.yaml
deleted file mode 100644
index 8ec4a61..0000000
--- a/clarkzjw.ca/config/atlas/roles/tailscale/tasks/main.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-- name: Add Tailscale GPG apt Key
-  apt_key:
-    url: https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg
-    keyring: /usr/share/keyrings/tailscale-archive-keyring.gpg
-    state: present
-
-- name: Add Tailscale Repository
-  get_url:
-    url: https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list
-    dest: /etc/apt/sources.list.d/tailscale.list
-
-- name: Install Tailscale
-  apt:
-    name:
-      - tailscale
-    update_cache: true
-- 
cgit v1.2.3