dtomlinson/ansible_linux_setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

adding setup role

Browse Source
This commit is contained in:
Daniel Tomlinson
2021-03-03 18:07:10 +00:00
parent 05f9d07358
commit e69bddcc3e
6 changed files with 146 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
roles/setup/tasks/main.yml
View File

@@ -1,5 +1,5 @@
- name: Initial server setup
tags: setup
tags: [setup, server]
block:
- name: Create default user
user:
@@ -30,3 +30,80 @@
- name: Install apt packages
apt:
name: "{{ packages_to_install }}"
- name: Add Debian backports
include_role:
name: jnv.debian-backports
- name: Add unattended-upgrades
include_role:
name: jnv.unattended-upgrades
- name: Install mozilla/sops
get_url:
url: https://github.com/mozilla/sops/releases/download/v3.5.0/sops-v3.5.0.linux
dest: /usr/bin/sops
mode: "0755"
owner: root
group: root
- name: Enable dm_crypt module
modprobe:
name: dm_crypt
state: present
- name: Enable compress on logrotate
lineinfile:
dest: /etc/logrotate.conf
regexp: "^#?compress"
line: "compress"
state: present
- name: Configure timezone
timezone:
name: "{{ timezone }}"
- name: Configure ntp client and restart it
template:
src: ntp.conf.j2
dest: /etc/ntp.conf
notify:
- restart ntp
- restart cron
- name: Set up exim4 conf
template:
src: update-exim4.conf.conf.j2
dest: /etc/exim4/update-exim4.conf.conf
owner: root
group: root
mode: 0644
- name: Set up exim4 password file
template:
src: passwd.client.j2
dest: /etc/exim4/passwd.client
owner: root
group: Debian-exim
mode: 0640
- name: Set up exim4 localmacros
copy:
src: exim4.conf.localmacros
dest: /etc/exim4/exim4.conf.localmacros
owner: root
group: root
mode: 0644
notify: restart exim4
- name: Make fail2ban work with ufw
lineinfile:
dest: "{{ item }}"
regexp: "^banaction"
line: "banaction = ufw"
state: present
with_items:
- /etc/fail2ban/jail.conf
- /etc/fail2ban/jail.local
notify:
- restart fail2ban