--- - name: Update apt cache apt: update_cache=yes cache_valid_time=3600 tags: - dependencies - name: Upgrade all safe packages apt: upgrade=safe tags: - dependencies - name: Install necessities and nice-to-haves apt: pkg={{ item }} state=installed with_items: - apt-transport-https - apticron - aptitude - bc - bzip2 - ca-certificates - curl - debian-goodies - dialog - dnsutils - etckeeper # fail2ban in security - file - git - htop - iftop - ifupdown - iotop - iproute - iputils-ping - isc-dhcp-client - less - libui-dialog-perl - locales - locales-all - lsof - lvm2 - man-db - manpages-dev - molly-guard - mosh - mtr-tiny - netbase - netcat - net-tools - ngrep - openssh-server - openssl - pv - python - python-software-properties # rkhunter in security - screen - sudo - tcpdump - tree - unzip - unattended-upgrades - util-linux - vim-nox - wget tags: - dependencies - name: Create /srv directory file: path=/srv state=directory owner=root group=root mode=0775 - name: timezone - configure /etc/timezone copy: content: "{{ common_timezone | regex_replace('$', '\n') }}" dest: /etc/timezone owner: root group: root mode: 0644 register: common_timezone_config - name: timezone - Set localtime to UTC file: src=/usr/share/zoneinfo/Etc/UTC dest=/etc/localtime when: common_timezone_config.changed - name: timezone - reconfigure tzdata command: dpkg-reconfigure --frontend noninteractive tzdata when: common_timezone_config.changed - name: Apticron email configuration template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf - name: gitconfig for root user (etckeeper will complain) template: src=root_gitconfig.j2 dest=/root/.gitconfig #- include: users.yml tags=users - include: security.yml tags=security - include: ntp.yml tags=ntp - include: extrapkg.yml tags=extrapkg