From ddf6a0d98912dcdac0d085f9b33e8dae862becfb Mon Sep 17 00:00:00 2001
From: Fern Garden <mail@fern.garden>
Date: Wed, 25 Jun 2025 14:17:59 +0800
Subject: [PATCH] Various updates.

---
 flock.yml                                    |  6 ++---
 roles/install_software_webone/tasks/main.yml |  9 ++++++++
 roles/setup_sshd/tasks/main.yml              | 24 ++++++++++++++++----
 3 files changed, 30 insertions(+), 9 deletions(-)
 create mode 100644 roles/install_software_webone/tasks/main.yml

diff --git a/flock.yml b/flock.yml
index e6d03fb..c8749a6 100644
--- a/flock.yml
+++ b/flock.yml
@@ -32,17 +32,15 @@
 - hosts: docker
   roles:
     - role: geerlingguy.docker
+      tags: docker
       become: yes
       vars:
         docker_users:
           - fern
         docker_daemon_options:
-          metrics-addr: 0.0.0.0:9323
           live-restore: true
           default-address-pools:
-          - base: 172.20.0.0/16
-            size: 24
-          - base: 172.21.0.0/16
+          - base: 172.20.0.0/12
             size: 24
 
 - hosts: weebill.local
diff --git a/roles/install_software_webone/tasks/main.yml b/roles/install_software_webone/tasks/main.yml
new file mode 100644
index 0000000..3f8d888
--- /dev/null
+++ b/roles/install_software_webone/tasks/main.yml
@@ -0,0 +1,9 @@
+- name: Install Webone dependencies
+  become: yes
+  ansible.builtin.apt:
+    deb: https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb
+- name: Install Webone
+  become: yes
+  ansible.builtin.apt:
+    update_cache: yes
+    deb: https://github.com/atauenis/webone/releases/download/v0.17.4/webone.0.17.4.linux-arm64.deb
diff --git a/roles/setup_sshd/tasks/main.yml b/roles/setup_sshd/tasks/main.yml
index 49eeec8..af68910 100644
--- a/roles/setup_sshd/tasks/main.yml
+++ b/roles/setup_sshd/tasks/main.yml
@@ -1,20 +1,34 @@
-- name: Add SSH Key - fern@muskduck
+- name: Add SSH Key - muskduck
+  tags:
+    - ssh_keys
   ansible.posix.authorized_key:
     user: fern
     state: present
-    key: "{{ lookup('file', '/home/fern/.ssh/id_ed25519.pub') }}"
+    key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGp2OX16VJ+G8cE5hjt2vLc8teUpE+EaN2YmEqqMx/j9 fern@muskduck"
 
-- name: Add SSH Key - YubiKey
+- name: Add SSH Key - pardalote
+  tags:
+    - ssh_keys
   ansible.posix.authorized_key:
     user: fern
     state: present
-    key: "{{ lookup('file', '/home/fern/.ssh/id_ed25519_sk.pub') }}"
+    key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKzW4epTmK01kGVXcuAXUNJQPltnogf4uab9FA5m8S3n fern@pardalote"
 
 - name: Add SSH Key - fairywren
+  tags:
+    - ssh_keys
   ansible.posix.authorized_key:
     user: fern
     state: present
-    key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8W3zggrj6ml/VZWem9l21SWK3yffgw5RkdgF6fG6jo u0_a336@localhostsk-ssh-ed25519@openssh.com"
+    key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEJYq1fMxVOzCMfE/td6DtWS8nUk76U9seYD3Z9RYAz u0_a399@fairywren"
+
+- name: Add SSH Key - YubiKey
+  tags:
+    - ssh_keys
+  ansible.posix.authorized_key:
+    user: fern
+    state: present
+    key: "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMoJvPcUJDVVzO4dHROCFNlgJdDZSP5xyPx2s40zcx5QAAAABHNzaDo= YubiKey5NFC"
 
 - name: Disable root login
   become: true