add daily driver host section to ansible

ansible/README.md

@@ -1,3 +1,5 @@
+Usage: `ansible-playbook main.yml -i hosts.cfg --limit=cabinet`
+
 Assumes:
 
 - All:

ansible/files/50unattended-upgrades

@@ -109,7 +109,7 @@ Unattended-Upgrade::Package-Blacklist {
 
 // Automatically reboot *WITHOUT CONFIRMATION* if
 //  the file /var/run/reboot-required is found after the upgrade
-//Unattended-Upgrade::Automatic-Reboot "false";
+Unattended-Upgrade::Automatic-Reboot "false";
 
 // Automatically reboot even if there are users currently logged in
 // when Unattended-Upgrade::Automatic-Reboot is set to true

ansible/files/sshd_config

@@ -12,6 +12,7 @@
 
 Port 22
 Port 2222
+Port 37121
 #AddressFamily any
 #ListenAddress 0.0.0.0
 #ListenAddress ::

ansible/hosts.cfg

@@ -1,11 +1,14 @@
-[router]
+[compute]
-corsa
+fogcutter   interface=eno1
+
+[daily]
+cabinet interface=enp9s0
 
 [nfs]
 bigdummy    interface=enp2s0
 
-[compute]
-fogcutter   interface=eno1
-
 [remote]
 joe@madone.seaturtle.pw interface=enp1s0
+
+[router]
+corsa

ansible/main.yml

@@ -1,7 +1,7 @@
 # All hosts are debian 10
 ---
 # Common
-- hosts: compute,nfs,router
+- hosts: daily,compute,nfs,router
   become: yes
   handlers:
     - import_tasks: handlers.yml
@@ -51,7 +51,7 @@
         group: root
         mode: '0644'
 
-    - name: Enable unattended-upgrades
+    - name: Enable auto-upgrades
       copy:
         src: files/20auto-upgrades
         dest: /etc/apt/apt.conf.d/20auto-upgrades
@@ -78,7 +78,7 @@
       notify: Restart chrony service
 
     # Core networking
-    - name: Configure sshd_config to listen on 2222/22 and disable password auth
+    - name: Configure sshd_config to listen on 37121/2222/22 and disable password auth
       copy:
         src: files/sshd_config
         dest: /etc/ssh/sshd_config