diff --git a/.config/powershell/Microsoft.PowerShell_profile.ps1 b/.config/powershell/Microsoft.PowerShell_profile.ps1
index 62f9793..ffb9d9d 100644
--- a/.config/powershell/Microsoft.PowerShell_profile.ps1
+++ b/.config/powershell/Microsoft.PowerShell_profile.ps1
@@ -24,3 +24,18 @@ Set-PSReadLineOption -PredictionSource History
 $env:POWERSHELL_TELEMETRY_OPTOUT = 1
 $env:DOTNET_CLI_TELEMETRY_OPTOUT = 1
+
+$tokens = @(
+ @{
+ name = "GITLAB_TOKEN"
+ value = "cli-gitlab"
+ }
+)
+
+function unlockbw {
+ $env:BW_SESSION = "$(bw unlock --raw)"
+
+ foreach ($token in $tokens) {
+ Set-Variable -Name $token.name -Value $(bw get password $token.value) -Scope script
+ }
+}
diff --git a/.env b/.env
new file mode 100644
index 0000000..18abd1d
--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+GITLAB_TOKEN="$(bw get password cli-gitlab)"
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index d17b862..0000000
--- a/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-tmux/.config/tmux
diff --git a/.stow-local-ignore b/.stow-local-ignore
index 6a01757..7ce02fa 100644
--- a/.stow-local-ignore
+++ b/.stow-local-ignore
@@ -1,3 +1,4 @@
+.env
 ansible
 Makefile
 ansible.cfg
diff --git a/Makefile b/Makefile
index 5882864..d504fb1 100644
--- a/Makefile
+++ b/Makefile
@@ -1,2 +1,5 @@
+include .env
+export
+
 run:
 ansible-playbook ./ansible/local.yml -K
diff --git a/ansible/local.yml b/ansible/local.yml
index a13b573..8e5a7cc 100644
--- a/ansible/local.yml
+++ b/ansible/local.yml
@@ -1,6 +1,8 @@
 - hosts: localhost
 connection: local
 become: true
+ vars:
+ GITLAB_TOKEN: "{{ lookup('env', 'GITLAB_TOKEN') }}"
 # vars_prompt:
 roles:
diff --git a/ansible/roles/customize/tasks/defaults.yml b/ansible/roles/customize/tasks/defaults.yml
index 316d5c8..eda57c7 100644
--- a/ansible/roles/customize/tasks/defaults.yml
+++ b/ansible/roles/customize/tasks/defaults.yml
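Review bot: In Microsoft.PowerShell_profile.ps1, `unlockbw` never checks whether `bw unlock --raw` succeeded, so a wrong master password or a cancelled prompt leaves `$env:BW_SESSION` empty and the loop still runs `bw get password` for every entry. I would stop right after the unlock with `if ($LASTEXITCODE -ne 0) { return }`. The fetched token then stays in a plain session variable for the life of the shell. A short comment above `$tokens` stating which scope `-Scope script` resolves to when the function is called from the prompt would help, since that cannot be read off the hunk.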
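Review bot: `$(bw get password cli-gitlab)` in .env is shell command substitution, but the only consumer visible in this commit is the Makefile's `include .env`, and make reads `$(...)` as a reference to a make variable. Under make the value most likely ends up as the two literal quote characters, so the playbook never receives a real token. If the file is meant for make, `GITLAB_TOKEN := $(shell bw get password cli-gitlab)` without the quotes does what the line intends. If a shell also sources it, a comment at the top saying so would prevent the next reader from "fixing" it in one direction only.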
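Review bot: The bare `export` in the Makefile hands every make variable, the GitLab token included, to every recipe and each process a recipe spawns. `export GITLAB_TOKEN` limits that to the one variable the playbook reads. `include .env` also aborts make when the file is absent; `-include .env` would keep targets that do not need the token usable.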
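Review bot: `lookup('env', 'GITLAB_TOKEN')` in ansible/local.yml yields an empty string when the variable is not exported, so the play carries on with a blank token instead of stopping. An `ansible.builtin.assert` under `pre_tasks` with `that: GITLAB_TOKEN | length > 0` and a `fail_msg` pointing at the Bitwarden unlock step would fail early and clearly. The play continues past `roles:` outside the hunk, so I cannot see whether such a check already exists further down.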
@@ -1,6 +1,13 @@
 - name: install fonts
 include_tasks: "./scripts/install_fonts.yml"
+- name: generate ssh keys
+ include_tasks: "./scripts/configure_ssh.yml"
+
+- name: Configure Gitlab SSH
+ become_user: user
+ ansible.builtin.command: pwsh -f ./scripts/configure_gitlab.ps1 "{{ GITLAB_TOKEN }}"
+
 - name: set gnome config
 become_user: user
 dconf:
diff --git a/ansible/roles/packages/vars/Pop!_OS-22.04.yml b/ansible/roles/packages/vars/Pop!_OS-22.04.yml
index 7eced8d..6b3dc9a 100644
--- a/ansible/roles/packages/vars/Pop!_OS-22.04.yml
+++ b/ansible/roles/packages/vars/Pop!_OS-22.04.yml
@@ -11,6 +11,7 @@ required_packages_brew:
 - terraform
 - kubernetes-cli
 - zsh-autosuggestions
+ - bitwarden-cli
 apt_keys:
 - https://packages.microsoft.com/keys/microsoft.asc
diff --git a/ansible/scripts/configure_gitlab.ps1 b/ansible/scripts/configure_gitlab.ps1
new file mode 100644
index 0000000..3eca041
--- /dev/null
+++ b/ansible/scripts/configure_gitlab.ps1
@@ -0,0 +1,32 @@
+param ($GITLAB_TOKEN)
+if (!$GITLAB_TOKEN){
+ Write-Output "Please unlock Bitwarden"
+ break
+}
+
+#Gitlab set ssh key
+
+$header = @{
+ "PRIVATE-TOKEN"=$GITLAB_TOKEN
+}
+$GitlabAPI = "https://gitlab.com/api/v4"
+
+$publickey = Get-Content ~/.ssh/id_ed25519.pub
+
+$body = @{
+ title = "Ansible Script"
+ key = "$publickey"
+} | ConvertTo-Json
+
+Try{
+ Invoke-RestMethod -Headers $header -Uri $GitlabAPI/user/keys -Body $body -Method Post -ContentType application/json -ErrorVariable gitlabkey | Out-Null
+}Catch{
+ if($gitlabkey -like "*Token is expired*"){
+ Write-Error "Token Has Expired"
+ exit -1
+ }
+ if($gitlabkey -notlike "*has already been taken*"){
+ Write-Error "Failed to upload key"
+ exit -1
+ }
+}
diff --git a/ansible/scripts/configure_ssh.yml b/ansible/scripts/configure_ssh.yml
new file mode 100644
index 0000000..05c636c
--- /dev/null
+++ b/ansible/scripts/configure_ssh.yml
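Review bot: The `Configure Gitlab SSH` task in defaults.yml puts the token on the pwsh command line, where it is readable in the process list while the task runs and is repeated in the task result when the play is run verbosely or the command fails. Passing it through the task's `environment:` and setting `no_log: true` keeps it out of both; configure_gitlab.ps1 would then read `$env:GITLAB_TOKEN` instead of its positional parameter. The relative `./scripts/...` path presumably resolves against the directory the play is started from rather than the playbook's own directory, which is worth confirming or anchoring to `playbook_dir`.

```yaml
- name: Configure Gitlab SSH
  become_user: user
  ansible.builtin.command: pwsh -f ./scripts/configure_gitlab.ps1
  environment:
    GITLAB_TOKEN: "{{ GITLAB_TOKEN }}"
  no_log: true
```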
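Review bot: The missing-token guard at the top of configure_gitlab.ps1 uses `Write-Output` followed by `break`, which as far as I can tell ends the script without a failing exit code, so Ansible would report the task as successful while no key was uploaded. `Write-Error "Please unlock Bitwarden"` followed by `exit 1` makes that path fail the same way the `exit -1` branches in the Catch block do. The Catch block also decides by matching English message text from the API response; a one-line comment saying that "has already been taken" is treated as success would make the intent clear.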
@@ -0,0 +1,5 @@
+- name: Generate an OpenSSH keypair
+ become_user: user
+ community.crypto.openssh_keypair:
+ path: ~/.ssh/id_ed25519
+ type: ed25519
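Review bot: The keypair in configure_ssh.yml is created without a passphrase, so the private key that this commit also registers on the GitLab account sits unencrypted under `~/.ssh`. If that is deliberate for unattended use, a comment on the task saying so would help; otherwise the module's `passphrase` option, where the installed collection version supports it, could take a value from the vault with `no_log: true` on the task. `become_user: user` hard-codes the account name here and in defaults.yml, so a variable shared by both tasks would keep the key path and the upload script pointed at the same home directory.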