Move stuff to roles and remove a password, it's not required.

.gitignore

@@ -1,2 +1,3 @@
 id_rsa
 roles/*
+files/ssh_keys

inventory/group_vars/all.yml

@@ -4,6 +4,8 @@ bootstrap_wait_for_host: yes
 users_group_list:
   - name: robertdb
 
+users_ssh_key_directory: files/ssh_keys
+
 users_user_list:
   - name: robertdb
     comment: Robert de Bock
@@ -11,8 +13,8 @@ users_user_list:
     groups: wheel,docker
     cron_allow: yes
     sudo_options: "ALL=(ALL) NOPASSWD: ALL"
-    password: "$1$QbmM32Kz$nzFTRRxti0ZZ2oSC6ii8p1"
     authorized_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCWswOogkZz/ihQA0lENCwDwSzmtmBWtFwzIzDlfa+eb4rBt6rZBg7enKeMqYtStI/NDneBwZUFBDIMu5zJTbvg7A60/WDhWXZmU21tZnm8K7KREFYOUndc6h//QHig6IIaIwwBZHF1NgXLtZ0qrUUlNU5JSEhDJsObMlPHtE4vFP8twPnfc7hxAnYma5+knU6qTMCDvhBE5tGJdor4UGeAhu+SwSVDloYtt1vGTmnFn8M/OD/fRMksusPefxyshJ37jpB4jY/Z9vzaNHwcj33prwl1b/xRfxr/+KRJsyq+ZKs9u2TVw9g4p+XLdfDtzZ8thR2P3x3MFrZOdFmCbo/5"
+    manage_ssh_key: yes
 
 firewall_services:
   - name: ssh
@@ -23,95 +25,98 @@ ara_configuration:
   - option: host
     value: 0.0.0.0
 
-repository_base: "ssh://git@github.com/robertdebock"
+git_username: robertdb
-repository_destination: /home/robertdb/Documents/github.com/robertdebock
+git_user_name: Robert de Bock
+git_user_email: robert@meinit.nl
 
-repositories:
+git_repository_destination: /home/robertdb/Documents/github.com/robertdebock
-  - ansible-role-ansible
+
-  - ansible-role-ansible_lint
+git_repositories:
-  - ansible-role-apt_autostart
+  - name: ssh://git@github.com/robertdebock/ansible-role-ansible.git
-  - ansible-role-ara
+  - name: ssh://git@github.com/robertdebock/ansible-role-ansible_lint.git
-  - ansible-role-artifactory
+  - name: ssh://git@github.com/robertdebock/ansible-role-apt_autostart.git
-  - ansible-role-at
+  - name: ssh://git@github.com/robertdebock/ansible-role-ara.git
-  - ansible-role-awx
+  - name: ssh://git@github.com/robertdebock/ansible-role-artifactory.git
-  - ansible-role-backup
+  - name: ssh://git@github.com/robertdebock/ansible-role-at.git
-  - ansible-role-bootstrap
+  - name: ssh://git@github.com/robertdebock/ansible-role-awx.git
-  - ansible-role-buildtools
+  - name: ssh://git@github.com/robertdebock/ansible-role-backup.git
-  - ansible-role-ca
+  - name: ssh://git@github.com/robertdebock/ansible-role-bootstrap.git
-  - ansible-role-cargo
+  - name: ssh://git@github.com/robertdebock/ansible-role-buildtools.git
-  - ansible-role-clamav
+  - name: ssh://git@github.com/robertdebock/ansible-role-ca.git
-  - ansible-role-cloud9
+  - name: ssh://git@github.com/robertdebock/ansible-role-cargo.git
-  - ansible-role-cntlm
+  - name: ssh://git@github.com/robertdebock/ansible-role-clamav.git
-  - ansible-role-common
+  - name: ssh://git@github.com/robertdebock/ansible-role-cloud9.git
-  - ansible-role-cve_2018_19788
+  - name: ssh://git@github.com/robertdebock/ansible-role-cntlm.git
-  - ansible-role-dhcpd
+  - name: ssh://git@github.com/robertdebock/ansible-role-common.git
-  - ansible-role-digitalocean-agent
+  - name: ssh://git@github.com/robertdebock/ansible-role-cve_2018_19788.git
-  - ansible-role-dns
+  - name: ssh://git@github.com/robertdebock/ansible-role-dhcpd.git
-  - ansible-role-docker
+  - name: ssh://git@github.com/robertdebock/ansible-role-digitalocean-agent.git
-  - ansible-role-dovecot
+  - name: ssh://git@github.com/robertdebock/ansible-role-dns.git
-  - ansible-role-epel
+  - name: ssh://git@github.com/robertdebock/ansible-role-docker.git
-  - ansible-role-fail2ban
+  - name: ssh://git@github.com/robertdebock/ansible-role-dovecot.git
-  - ansible-role-firewall
+  - name: ssh://git@github.com/robertdebock/ansible-role-epel.git
-  - ansible-role-git
+  - name: ssh://git@github.com/robertdebock/ansible-role-fail2ban.git
-  - ansible-role-glusterfs
+  - name: ssh://git@github.com/robertdebock/ansible-role-firewall.git
-  - ansible-role-go
+  - name: ssh://git@github.com/robertdebock/ansible-role-git.git
-  - ansible-role-gotop
+  - name: ssh://git@github.com/robertdebock/ansible-role-glusterfs.git
-  - ansible-role-haproxy
+  - name: ssh://git@github.com/robertdebock/ansible-role-go.git
-  - ansible-role-haveged
+  - name: ssh://git@github.com/robertdebock/ansible-role-gotop.git
-  - ansible-role-httpd
+  - name: ssh://git@github.com/robertdebock/ansible-role-haproxy.git
-  - ansible-role-investigate
+  - name: ssh://git@github.com/robertdebock/ansible-role-haveged.git
-  - ansible-role-irslackd
+  - name: ssh://git@github.com/robertdebock/ansible-role-httpd.git
-  - ansible-role-java
+  - name: ssh://git@github.com/robertdebock/ansible-role-investigate.git
-  - ansible-role-jenkins
+  - name: ssh://git@github.com/robertdebock/ansible-role-irslackd.git
-  - ansible-role-locale
+  - name: ssh://git@github.com/robertdebock/ansible-role-java.git
-  - ansible-role-lynis
+  - name: ssh://git@github.com/robertdebock/ansible-role-jenkins.git
-  - ansible-role-mediawiki
+  - name: ssh://git@github.com/robertdebock/ansible-role-locale.git
-  - ansible-role-memcached
+  - name: ssh://git@github.com/robertdebock/ansible-role-lynis.git
-  - ansible-role-mitogen
+  - name: ssh://git@github.com/robertdebock/ansible-role-mediawiki.git
-  - ansible-role-molecule
+  - name: ssh://git@github.com/robertdebock/ansible-role-memcached.git
-  - ansible-role-mssql
+  - name: ssh://git@github.com/robertdebock/ansible-role-mitogen.git
-  - ansible-role-mysql
+  - name: ssh://git@github.com/robertdebock/ansible-role-molecule.git
-  - ansible-role-natrouter
+  - name: ssh://git@github.com/robertdebock/ansible-role-mssql.git
-  - ansible-role-nginx
+  - name: ssh://git@github.com/robertdebock/ansible-role-mysql.git
-  - ansible-role-npm
+  - name: ssh://git@github.com/robertdebock/ansible-role-natrouter.git
-  - ansible-role-ntp
+  - name: ssh://git@github.com/robertdebock/ansible-role-nginx.git
-  - ansible-role-openssh
+  - name: ssh://git@github.com/robertdebock/ansible-role-npm.git
-  - ansible-role-openvas
+  - name: ssh://git@github.com/robertdebock/ansible-role-ntp.git
-  - ansible-role-owncloud
+  - name: ssh://git@github.com/robertdebock/ansible-role-openssh.git
-  - ansible-role-packer
+  - name: ssh://git@github.com/robertdebock/ansible-role-openvas.git
-  - ansible-role-php
+  - name: ssh://git@github.com/robertdebock/ansible-role-owncloud.git
-  - ansible-role-phpmyadmin
+  - name: ssh://git@github.com/robertdebock/ansible-role-packer.git
-  - ansible-role-postfix
+  - name: ssh://git@github.com/robertdebock/ansible-role-php.git
-  - ansible-role-python-pip
+  - name: ssh://git@github.com/robertdebock/ansible-role-phpmyadmin.git
-  - ansible-role-reboot
+  - name: ssh://git@github.com/robertdebock/ansible-role-postfix.git
-  - ansible-role-redis
+  - name: ssh://git@github.com/robertdebock/ansible-role-python-pip.git
-  - ansible-role-release
+  - name: ssh://git@github.com/robertdebock/ansible-role-reboot.git
-  - ansible-role-restore
+  - name: ssh://git@github.com/robertdebock/ansible-role-redis.git
-  - ansible-role-revealmd
+  - name: ssh://git@github.com/robertdebock/ansible-role-release.git
-  - ansible-role-roundcubemail
+  - name: ssh://git@github.com/robertdebock/ansible-role-restore.git
-  - ansible-role-rsyslog
+  - name: ssh://git@github.com/robertdebock/ansible-role-revealmd.git
-  - ansible-role-ruby
+  - name: ssh://git@github.com/robertdebock/ansible-role-roundcubemail.git
-  - ansible-role-rundeck
+  - name: ssh://git@github.com/robertdebock/ansible-role-rsyslog.git
-  - ansible-role-scl
+  - name: ssh://git@github.com/robertdebock/ansible-role-ruby.git
-  - ansible-role-selinux
+  - name: ssh://git@github.com/robertdebock/ansible-role-rundeck.git
-  - ansible-role-skeleton
+  - name: ssh://git@github.com/robertdebock/ansible-role-scl.git
-  - ansible-role-snort
+  - name: ssh://git@github.com/robertdebock/ansible-role-selinux.git
-  - ansible-role-spamassassin
+  - name: ssh://git@github.com/robertdebock/ansible-role-skeleton.git
-  - ansible-role-squid
+  - name: ssh://git@github.com/robertdebock/ansible-role-snort.git
-  - ansible-role-sudo-pair
+  - name: ssh://git@github.com/robertdebock/ansible-role-spamassassin.git
-  - ansible-role-terraform
+  - name: ssh://git@github.com/robertdebock/ansible-role-squid.git
-  - ansible-role-tftpd
+  - name: ssh://git@github.com/robertdebock/ansible-role-sudo-pair.git
-  - ansible-role-tomcat
+  - name: ssh://git@github.com/robertdebock/ansible-role-terraform.git
-  - ansible-role-travis
+  - name: ssh://git@github.com/robertdebock/ansible-role-tftpd.git
-  - ansible-role-update
+  - name: ssh://git@github.com/robertdebock/ansible-role-tomcat.git
-  - ansible-role-users
+  - name: ssh://git@github.com/robertdebock/ansible-role-travis.git
-  - ansible-role-xinetd
+  - name: ssh://git@github.com/robertdebock/ansible-role-update.git
-  - ansible-role-zabbix
+  - name: ssh://git@github.com/robertdebock/ansible-role-users.git
-  - ansible-role-zabbix_agent
+  - name: ssh://git@github.com/robertdebock/ansible-role-xinetd.git
-  - ansible-role-zabbix_proxy
+  - name: ssh://git@github.com/robertdebock/ansible-role-zabbix.git
-  - ansible-role-zabbix_repository
+  - name: ssh://git@github.com/robertdebock/ansible-role-zabbix_agent.git
-  - ansible-role-zabbix_server
+  - name: ssh://git@github.com/robertdebock/ansible-role-zabbix_proxy.git
-  - ansible-role-zabbix_web
+  - name: ssh://git@github.com/robertdebock/ansible-role-zabbix_repository.git
-  - ansible-tools
+  - name: ssh://git@github.com/robertdebock/ansible-role-zabbix_server.git
-  - drawings
+  - name: ssh://git@github.com/robertdebock/ansible-role-zabbix_web.git
-  - robertdebock.github.io
+  - name: ssh://git@github.com/robertdebock/ansible-tools.git
+  - name: ssh://git@github.com/robertdebock/drawings.git
+  - name: ssh://git@github.com/robertdebock/robertdebock.github.io.git

playbook.yml

@@ -33,24 +33,3 @@
         mode: "0400"
         owner: robertdb
         group: robertdb
-
-    - name: copy git configuration
-      copy:
-        src: gitconfig
-        dest: /home/robertdb/.gitconfig
-
-    - name: create repository_destination
-      file:
-        path: "{{ repository_destination }}"
-        state: directory
-        owner: robertdb
-        group: robertdb
-
-    - name: clone all roles
-      git:
-        repo: "{{ repository_base }}/{{ item }}.git"
-        dest: "{{ repository_destination }}/{{ item }}"
-        accept_hostkey: yes
-        key_file: /home/robertdb/.ssh/id_rsa
-      with_items: "{{ repositories }}"
-      become_user: robertdb