Add alpine role

Base packages and SSH config, and QEMU guest agent for VMs.

roles/alpine/handlers/main.yml

@@ -0,0 +1,10 @@
+- name: reload sshd
+  service:
+    name: sshd
+    state: reloaded
+  when: "'handler' not in ansible_skip_tags"
+
+- name: update package cache
+  package:
+    update_cache: true
+  when: "'handler' not in ansible_skip_tags"

roles/alpine/tasks/main.yml

@@ -0,0 +1,43 @@
+- name: Enable community package repo
+  lineinfile:
+    path: /etc/apk/repositories
+    regexp: '^# *(http.*/v[^/]*/community)'
+    line: '\1'
+    backrefs: yes
+  notify: update package cache
+
+- meta: flush_handlers
+
+- name: Install base packages
+  package:
+    name:
+    - git
+    - procps
+    - rsync
+    - tmux
+    - vim
+
+- name: Disable SSH password authentication
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: '^#?{{ item.key }}'
+    line: '{{ item.key }} {{ item.value }}'
+  loop:
+    - key: PasswordAuthentication
+      value: 'no'
+    - key: PermitRootLogin
+      value: 'prohibit-password'
+  notify: reload sshd
+
+- name: Enable QEMU guest agent
+  when: is_virtual
+  block:
+    - name: Install QEMU guest agent package
+      package:
+        name: qemu-guest-agent
+
+    - name: Enable QEMU guest agent service
+      service:
+        name: qemu-guest-agent
+        enabled: yes
+        state: started

roles/dokuwiki/tasks/main.yml

@@ -2,19 +2,6 @@
   set_fact:
     dokuwiki_version: 2024-02-06a
 
-- name: Enable community package repo
-  lineinfile:
-    path: /etc/apk/repositories
-    regexp: '^# *(http.*/v[^/]*/community)'
-    line: '\1'
-    backrefs: yes
-  register: result
-
-- name: Update package cache
-  package:
-    update_cache: true
-  when: result.changed
-
 - name: Set up nginx
   import_tasks: nginx.yml
 

setup.yml

@@ -9,4 +9,5 @@
 
 - hosts: doku
   roles:
+    - alpine
     - dokuwiki