--- # This playbook contains common plays that will be run all nodes. - name: Install python-apt, aptitude, and debconf-utils (20.04) shell: apt-get update && apt-get -y install python-apt aptitude debconf-utils when: ansible_distribution_release == 'focal' - name: Install python-apt, aptitude, and debconf-utils (22.04) shell: apt-get update && apt-get -y install python3-apt aptitude debconf-utils when: ansible_distribution_release == 'jammy' - name: Do any package upgrades apt: upgrade=dist - name: Set default locale to en_US.UTF-8 debconf: name=locales question='locales/default_environment_locale' value=en_US.UTF-8 vtype='select' - name: Generate locales debconf: name=locales question='locales/locales_to_be_generated' value='en_US.UTF-8 UTF-8' vtype='multiselect' - name: Set timezone area debconf: name=tzdata question='tzdata/Areas' value='Etc' vtype='select' - name: Set timezone debconf: name=tzdata question='tzdata/Zones/Etc' value='UTC' vtype='select' notify: - restart rsyslog - restart cron - name: Set hostname hostname: name: "{{ inventory_hostname }}" use: systemd - name: Remove packages we do not need apt: name: "{{ packages }}" state: absent vars: packages: - exim4-daemon-light - consolekit - snapd - lxcfs - rpcbind - ufw - name: Install required packages apt: name: "{{ packages }}" state: latest vars: packages: - most - vim - vim-scripts - git - tmux - multitail - mtr-tiny - curl - dnsutils - sudo - gnupg - traceroute - htop - haveged - build-essential - vnstat - chrony - unattended-upgrades - mailutils - postfix - python-is-python3 - net-tools - name: Ensure haveged, ntp, and vnstat are started on boot service: name={{ item }} enabled=yes with_items: - haveged - vnstat - chrony - name: Ensure that the periodic APT cron task clears out old kernels and does unattended security upgrades copy: src=10periodic dest=/etc/apt/apt.conf.d/10periodic backup=yes owner=root group=root mode=0644 - name: Copy over our aliases file copy: src=aliases dest=/etc/aliases notify: - newaliases