From 78f53019c5ce107a6b3f173d591ed6992019eb3c Mon Sep 17 00:00:00 2001
From: Emil Miler <em@0x45.cz>
Date: Wed, 4 Dec 2024 11:04:12 +0100
Subject: [PATCH] Create role for SSH

---
 group_vars/all.yaml          |  4 ----
 roles/ssh/defaults/main.yaml |  3 +++
 roles/ssh/tasks/main.yaml    | 14 ++++++++++++++
 setup.yaml                   | 34 +++++++++-------------------------
 4 files changed, 26 insertions(+), 29 deletions(-)
 create mode 100644 roles/ssh/defaults/main.yaml
 create mode 100644 roles/ssh/tasks/main.yaml

diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index 75ccba9..fd46915 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -3,10 +3,6 @@ timeout_blank: 1800
 timeout_lock: 30
 grub_timeout: 10
 
-ssh_keys:
-  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEm981GRiUIsp8e4bTDv+d9SyHfQ8P18W5oovgmAfnip em@x210
-  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDqmyaaIqRU9hx8PxRnIqe/pRANIxrEEscuMWrHZF1yh snowflake@flakeX230
-
 xbps_install:
   # General
   - htop
diff --git a/roles/ssh/defaults/main.yaml b/roles/ssh/defaults/main.yaml
new file mode 100644
index 0000000..3e2038b
--- /dev/null
+++ b/roles/ssh/defaults/main.yaml
@@ -0,0 +1,3 @@
+ssh_user: root
+ssh_dir: /root/.ssh
+ssh_keys: []
diff --git a/roles/ssh/tasks/main.yaml b/roles/ssh/tasks/main.yaml
new file mode 100644
index 0000000..4aea0a9
--- /dev/null
+++ b/roles/ssh/tasks/main.yaml
@@ -0,0 +1,14 @@
+- name: Ensure SSH directory exists
+  file:
+    path: "{{ ssh_dir }}"
+    state: directory
+    owner: "{{ ssh_user }}"
+    group: "{{ ssh_user }}"
+    mode: 0700
+
+- name: Import SSH keys
+  authorized_key:
+    user: "{{ ssh_user }}"
+    key: "{{ item }}"
+    state: present
+  loop: "{{ ssh_keys }}"
diff --git a/setup.yaml b/setup.yaml
index b08f514..67dd4db 100644
--- a/setup.yaml
+++ b/setup.yaml
@@ -2,19 +2,12 @@
 - name: SSH
   hosts: all
   tags: ssh
-
-  tasks:
-    - name: Ensure root ssh directory exists
-      file:
-        path: /root/.ssh
-        state: directory
-
-    - name: Import SSH keys
-      authorized_key:
-        user: root
-        key: '{{ item }}'
-        state: present
-      loop: '{{ ssh_keys }}'
+  roles:
+    - role: ssh
+      vars:
+        ssh_keys:
+          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEm981GRiUIsp8e4bTDv+d9SyHfQ8P18W5oovgmAfnip em@x210
+          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDqmyaaIqRU9hx8PxRnIqe/pRANIxrEEscuMWrHZF1yh snowflake@flakeX230
 
 
 - name: General
@@ -273,18 +266,9 @@
       loop:
         - "files/firefox/uBlock0@raymondhill.net.xpi"
 
-
 - name: Bakaláři
   hosts: teachers
-  tags: bakalari
-
   tasks:
-    - name: Create a desktop shortcut for Bakaláři
-      copy:
-        src: "{{ item.src }}"
-        dest: "{{ item.dest }}"
-      loop:
-        - src: "files/bakalari/bakalari.desktop"
-          dest: "/usr/share/applications/bakalari.desktop"
-        - src: "files/bakalari/bakalari.png"
-          dest: "/usr/share/icons/bakalari.png"
+    - name: Bakaláři
+      include_role:
+        name: bakalari