ansible
/
common
Archived
generated from ansible/desktop
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2021-11-20. You can view files and clone it, but cannot push or open issues or pull requests.
common/tasks/main.yml

51 lines
1.1 KiB
YAML
Raw Blame History

- name: "Update package cache"
apt:
update_cache: "yes"
- name: "Upgrade to the latest packages"
apt:
upgrade: "dist"
autoremove: "yes"
- name: "Install packages"
apt:
name: "{{ apt_packages }}"
state: "present"
- name: "Allow tcp traffic on defined ports"
ufw:
rule: "allow"
port: 22
proto: "tcp"
- name: "Lock root user"
command: "passwd -l root"
- name: "Add deploy user"
user:
name: "{{ deploy_user_name }}"
shell: "/bin/bash"
- name: "Add authorized keys for deploy user"
authorized_key:
user: "{{ deploy_user_name }}"
key: "{{ lookup('file', item) }}"
with_items: "{{ deploy_public_key }}"
- name: "Add deploy user to sudoers"
lineinfile: "dest=/etc/sudoers
regexp='{{ deploy_user_name }} ALL'
line='{{ deploy_user_name }} ALL=(ALL) NOPASSWD: ALL'
state=present"
- name: "Blacklist the floppy driver module"
kernel_blacklist:
name: "floppy"
state: "present"
notify: "reconfigure initramfs"
- name: "Unload the floppy driver module"
modprobe:
name: "floppy"
state: "absent"
Reference in New Issue View Git Blame Copy Permalink