ansible
/
common
Archived
generated from ansible/desktop
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2021-11-20. You can view files and clone it, but cannot push or open issues or pull requests.
common/tasks/main.yml

93 lines
2.1 KiB
YAML
Raw Permalink Blame History

- name: "Python is Python3"
apt:
name: "python-is-python3"
state: "present"
when:
- ansible_facts['distribution_major_version'] | int >= 20
- ansible_facts['distribution'] == "Ubuntu"
- name: "Upgrade to the latest packages"
apt:
upgrade: "dist"
autoremove: "yes"
update_cache: yes
- name: "Install packages"
apt:
name: "{{ apt_packages }}"
state: "present"
- name: "Allow tcp traffic on defined ports"
ufw:
rule: "allow"
port: "22"
proto: "tcp"
- name: "Allow udp traffic on defined ports"
ufw:
rule: "allow"
port: 60001:60099
proto: "udp"
- name: "Enable UFW"
ufw:
state: "enabled"
when: ufw_disabled is undefined
- name: "Lock root user"
command: "passwd -l root"
- name: Add deploy user
user:
name: "{{ common_deploy_user_name }}"
shell: /bin/bash
- name: Add authorized keys for deploy user
authorized_key:
user: "{{ common_deploy_user_name }}"
key: "{{ lookup('file', item) }}"
with_items: "{{ common_deploy_public_key }}"
- name: Add deploy user to sudoers
lineinfile:
dest: "/etc/sudoers"
regexp: "{{ common_deploy_user_name }} ALL"
line: "{{ common_deploy_user_name }} ALL=(ALL) NOPASSWD: ALL"
state: "present"
- name: "Check if pip is installed"
ansible.builtin.stat:
path: "/usr/local/bin/pip3"
register: pip_state
- name: "Download the newest Pip"
get_url:
url: "https://bootstrap.pypa.io/get-pip.py"
dest: "/tmp/get-pip.py"
mode: "0644"
when:
- ansible_facts['distribution_major_version'] | int >= 20
- ansible_facts['distribution'] == "Ubuntu"
- not pip_state.stat.exists
- name: "Download Pip for Python 3.5"
get_url:
url: "https://bootstrap.pypa.io/pip/3.5/get-pip.py"
dest: "/tmp/get-pip.py"
mode: "0644"
when:
- (not ansible_facts['distribution_major_version'] | int >= 20
or not ansible_facts['distribution'] == "Ubuntu")
- not pip_state.stat.exists
- name: "Install pip"
command:
cmd: "python3 /tmp/get-pip.py"
when: not pip_state.stat.exists
- name: "Upgrade pip"
ansible.builtin.pip:
name: pip
state: latest
when: pip_state.stat.exists
Reference in New Issue View Git Blame Copy Permalink