generated from ansible/desktop
add tasks and vars
This commit is contained in:
parent
44c26c9dd2
commit
71e72df057
|
@ -0,0 +1,50 @@
|
||||||
|
- name: "Update package cache"
|
||||||
|
apt:
|
||||||
|
update_cache: "yes"
|
||||||
|
|
||||||
|
- name: "Upgrade to the latest packages"
|
||||||
|
apt:
|
||||||
|
upgrade: "dist"
|
||||||
|
autoremove: "yes"
|
||||||
|
|
||||||
|
- name: "Install packages"
|
||||||
|
apt:
|
||||||
|
name: "{{ apt_packages }}"
|
||||||
|
state: "present"
|
||||||
|
|
||||||
|
- name: "Allow tcp traffic on defined ports"
|
||||||
|
ufw:
|
||||||
|
rule: "allow"
|
||||||
|
port: 22
|
||||||
|
proto: "tcp"
|
||||||
|
|
||||||
|
- name: "Lock root user"
|
||||||
|
command: "passwd -l root"
|
||||||
|
|
||||||
|
- name: "Add deploy user"
|
||||||
|
user:
|
||||||
|
name: "{{ deploy_user_name }}"
|
||||||
|
shell: "/bin/bash"
|
||||||
|
|
||||||
|
- name: "Add authorized keys for deploy user"
|
||||||
|
authorized_key:
|
||||||
|
user: "{{ deploy_user_name }}"
|
||||||
|
key: "{{ lookup('file', item) }}"
|
||||||
|
with_items: "{{ deploy_public_key }}"
|
||||||
|
|
||||||
|
- name: "Add deploy user to sudoers"
|
||||||
|
lineinfile: "dest=/etc/sudoers
|
||||||
|
regexp='{{ deploy_user_name }} ALL'
|
||||||
|
line='{{ deploy_user_name }} ALL=(ALL) NOPASSWD: ALL'
|
||||||
|
state=present"
|
||||||
|
|
||||||
|
- name: "Blacklist the floppy driver module"
|
||||||
|
kernel_blacklist:
|
||||||
|
name: "floppy"
|
||||||
|
state: "present"
|
||||||
|
notify: "reconfigure initramfs"
|
||||||
|
|
||||||
|
- name: "Unload the floppy driver module"
|
||||||
|
modprobe:
|
||||||
|
name: "floppy"
|
||||||
|
state: "absent"
|
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
deploy_user_name: ansible
|
||||||
|
deploy_public_key:
|
||||||
|
- keys/ansible.pub
|
||||||
|
|
||||||
|
apt_packages:
|
||||||
|
- apt-transport-https
|
||||||
|
- ntp
|
||||||
|
- sudo
|
||||||
|
- ufw
|
||||||
|
- unzip
|
||||||
|
- vim
|
||||||
|
- htop
|
||||||
|
- tmux
|
||||||
|
- git
|
||||||
|
- tree
|
||||||
|
|
||||||
|
timezone: Europe/Zurich
|
Reference in New Issue