From 9601aa49373346486ad63a6c0c9dfdebb09cf35e Mon Sep 17 00:00:00 2001
From: = <=>
Date: Fri, 4 Apr 2025 23:08:01 -0400
Subject: [PATCH] hashi vault lookups
---
 .gitignore | 3 +++
 .../group_vars/aur_repo_hosts/aur_repo_host.yml | 1 +
 .../dev.balsillie.house/ansible_connection.yml | 17 +++++++++++++++++
 ansible/inventory/inventory.yaml | 3 +++
 ansible/playbooks/home.yml | 7 +++++++
 ansible/playbooks/roles | 1 +
 ansible/roles/aur_repo_host/vars/main.yml | 0
 7 files changed, 32 insertions(+)
 create mode 100644 ansible/inventory/group_vars/aur_repo_hosts/aur_repo_host.yml
 create mode 100644 ansible/inventory/host_vars/dev.balsillie.house/ansible_connection.yml
 create mode 100644 ansible/playbooks/home.yml
 create mode 120000 ansible/playbooks/roles
 create mode 100644 ansible/roles/aur_repo_host/vars/main.yml
diff --git a/.gitignore b/.gitignore
index 9d4df60..684e390 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,9 @@ **/.terraform/* **/.terraform +.ansible/ +.vscode/ + ansible/collections/** # registry password file
diff --git a/ansible/inventory/group_vars/aur_repo_hosts/aur_repo_host.yml b/ansible/inventory/group_vars/aur_repo_hosts/aur_repo_host.yml
new file mode 100644
index 0000000..2c5b24a
--- /dev/null
+++ b/ansible/inventory/group_vars/aur_repo_hosts/aur_repo_host.yml
@@ -0,0 +1 @@
+# code: language=ansible
\ No newline at end of file
diff --git a/ansible/inventory/host_vars/dev.balsillie.house/ansible_connection.yml b/ansible/inventory/host_vars/dev.balsillie.house/ansible_connection.yml
new file mode 100644
index 0000000..df8acfa
--- /dev/null
+++ b/ansible/inventory/host_vars/dev.balsillie.house/ansible_connection.yml
@@ -0,0 +1,17 @@
+# code: language=ansible
+
+# Connection (SSH)
+
+ansible_connection: ansible.builtin.ssh
+ansible_ssh_host: dev.balsillie.house
+ansible_ssh_port: 22
+ansible_ssh_host_key_checking: false
+ansible_ssh_pipelining: false
+ansible_ssh_user: ladmin
+ansible_ssh_private_key_file: ~/.ssh/conf.d/home/dev.balsillie.house.key
+
+# Become (sudo)
+
+ansible_become_method: ansible.builtin.sudo
+ansible_become_user: root
+ansible_become_password: "{{ lookup('community.hashi_vault.vault_kv1_get', 'ansible/host_vars/dev.balsillie.house/ansible_connection').secret.ansible_become_password }}" # noqa yaml[line-length]
diff --git a/ansible/inventory/inventory.yaml b/ansible/inventory/inventory.yaml
index 9f1449e..4a090f4 100644
--- a/ansible/inventory/inventory.yaml
+++ b/ansible/inventory/inventory.yaml
@@ -1,5 +1,8 @@
 all:
 children:
+ aur_repo_hosts:
+ hosts:
+ dev.balsillie.house:
 firewalls:
 children:
 opnsense:
diff --git a/ansible/playbooks/home.yml b/ansible/playbooks/home.yml
new file mode 100644
index 0000000..e0174bd
--- /dev/null
+++ b/ansible/playbooks/home.yml
@@ -0,0 +1,7 @@
+# code: language=ansible
+
+- name: AUR Repo
+ hosts: aur_repo_hosts
+ become: true
+ roles:
+ - aur_repo_host
diff --git a/ansible/playbooks/roles b/ansible/playbooks/roles
new file mode 120000
index 0000000..d8c4472
--- /dev/null
+++ b/ansible/playbooks/roles
@@ -0,0 +1 @@
+../roles
\ No newline at end of file
diff --git a/ansible/roles/aur_repo_host/vars/main.yml b/ansible/roles/aur_repo_host/vars/main.yml
new file mode 100644
index 0000000..e69de29
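Review bot: `ansible_ssh_host_key_checking: false` in `host_vars/dev.balsillie.house/ansible_connection.yml` disables SSH host key verification on the same connection that later carries `ansible_become_password` to sudo, so a machine impersonating dev.balsillie.house would be accepted without warning and would receive the secret fetched from Vault. I would change the line to `ansible_ssh_host_key_checking: true` and record the host's key in `known_hosts` before the first run. The `vault_kv1_get` lookup also depends on a Vault address and credentials that this patch does not show (presumably environment variables or `ansible.cfg`); a one-line comment above it, for example `# Vault address and auth are configured outside this file (see <location>)`, would document that dependency.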