aboutsummaryrefslogtreecommitdiffstats
path: root/roles/common/tasks/main.yml
blob: 27cbabacfd6216c28125ee81f9063bc5af63401e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
---

- name: Update apt cache
  apt: update_cache=yes cache_valid_time=3600
  tags:
    - dependencies

- name: Upgrade all safe packages
  apt: upgrade=safe
  tags:
    - dependencies

- name: Install necessities and nice-to-haves
  apt: pkg={{ item }} state=installed
  with_items:
    - apt-transport-https
    - apticron
    - aptitude
    - bc
    - bzip2
    - ca-certificates
    - curl
    - debian-goodies
    - dialog
    - dnsutils
    - etckeeper
    # fail2ban in security
    - file
    - git
    - htop
    - iftop
    - ifupdown
    - iotop
    - iproute
    - iputils-ping
    - isc-dhcp-client
    - less
    - libui-dialog-perl
    - locales
    - locales-all
    - lsof
    - lvm2
    - man-db
    - manpages-dev
    - molly-guard
    - mosh
    - mtr-tiny
    - netbase
    - netcat
    - net-tools
    - ngrep
    - openssh-server
    - openssl
    - pv
    - python
    - python-software-properties
    # rkhunter in security
    - screen
    - sudo
    - tcpdump
    - tree
    - unzip
    - unattended-upgrades
    - util-linux
    - vim-nox
    - wget
  tags:
    - dependencies

- name: Create /srv directory
  file: path=/srv
        state=directory
        owner=root
        group=root
        mode=0775

- name: timezone - configure /etc/timezone
  copy:
    content: "{{ common_timezone | regex_replace('$', '\n') }}"
    dest: /etc/timezone
    owner: root
    group: root
    mode: 0644
  register: common_timezone_config

- name: timezone - Set localtime to UTC
  file: src=/usr/share/zoneinfo/Etc/UTC dest=/etc/localtime
  when: common_timezone_config.changed

- name: timezone - reconfigure tzdata
  command: dpkg-reconfigure --frontend noninteractive tzdata
  when: common_timezone_config.changed

- name: Apticron email configuration
  template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf

- name: gitconfig for root user (etckeeper will complain)
  template: src=root_gitconfig.j2 dest=/root/.gitconfig

#- include: users.yml tags=users
- include: security.yml tags=security
- include: ntp.yml tags=ntp
- include: extrapkg.yml tags=extrapkg