blob: a1f4500efdeb0c2c9bbd4f0537a7c151be4134c6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
---
- name: Update apt cache
apt: update_cache=yes cache_valid_time=3600
tags:
- dependencies
- name: Upgrade all safe packages
apt: upgrade=safe
tags:
- dependencies
- name: Install necessities and nice-to-haves
apt: pkg={{ item }} state=installed
with_items:
# fail2ban in security
# rkhunter in security
- apt-transport-https
- apticron
- aptitude
- bash-completion
- bzip2
- ca-certificates
- curl
- debian-goodies
- dialog
- dnsutils
- dstat
- etckeeper
- fd-find
- file
- git
- htop
- httpie
- iftop
- ifupdown
- iotop
- iproute
- iputils-ping
- isc-dhcp-client
- jq
- less
- libui-dialog-perl
- lnav
- locales
- locales-all
- lsof
- lvm2
- man-db
- manpages-dev
- molly-guard
- moreutils
- mosh
- mtr-tiny
- net-tools
- netbase
- netcat
- ngrep
- openssh-server
- openssl
- parallel
- pigz
- pv
- python
- python-software-properties
- ripgrep
- screen
- sqlite3
- sudo
- tcpdump
- tree
- unattended-upgrades
- unzip
- util-linux
- vim-nox
- wget
- zip
tags:
- dependencies
- name: Create /srv directory
file: path=/srv
state=directory
owner=root
group=root
mode=0775
- name: timezone - configure /etc/timezone
copy:
content: "{{ common_timezone | regex_replace('$', '\n') }}"
dest: /etc/timezone
owner: root
group: root
mode: 0644
register: common_timezone_config
- name: timezone - Set localtime to UTC
file: src=/usr/share/zoneinfo/Etc/UTC dest=/etc/localtime
when: common_timezone_config.changed
- name: timezone - reconfigure tzdata
command: dpkg-reconfigure --frontend noninteractive tzdata
when: common_timezone_config.changed
- name: Apticron email configuration
template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf
- name: gitconfig for root user (etckeeper will complain)
template: src=root_gitconfig.j2 dest=/root/.gitconfig
#- include: users.yml tags=users
- include: security.yml tags=security
- include: ntp.yml tags=ntp
- include: extrapkg.yml tags=extrapkg
|