ansible-playbooks/ubuntu/roles/common/tasks/main.yml

81 lines
2.2 KiB
YAML

---
# This playbook contains common plays that will be run all nodes.
- name: Install python-apt, aptitude, and debconf-utils (20.04)
shell: apt-get update && apt-get -y install python-apt aptitude debconf-utils
when: ansible_distribution_release == 'focal'
- name: Install python-apt, aptitude, and debconf-utils (22.04)
shell: apt-get update && apt-get -y install python3-apt aptitude debconf-utils
when: ansible_distribution_release == 'jammy'
- name: Do any package upgrades
apt: upgrade=dist
- name: Set default locale to en_US.UTF-8
debconf: name=locales question='locales/default_environment_locale' value=en_US.UTF-8 vtype='select'
- name: Generate locales
debconf: name=locales question='locales/locales_to_be_generated' value='en_US.UTF-8 UTF-8' vtype='multiselect'
- name: Set timezone area
debconf: name=tzdata question='tzdata/Areas' value='Etc' vtype='select'
- name: Set timezone
debconf: name=tzdata question='tzdata/Zones/Etc' value='UTC' vtype='select'
notify:
- restart rsyslog
- restart cron
- name: Set hostname
hostname:
name: "{{ inventory_hostname }}"
use: systemd
- name: Remove packages we do not need
apt:
name: "{{ packages }}"
state: absent
vars:
packages:
- exim4-daemon-light
- consolekit
- snapd
- lxcfs
- rpcbind
- ufw
- name: Install required packages
apt:
name: "{{ packages }}"
state: latest
vars:
packages:
- most
- vim
- vim-scripts
- git
- tmux
- multitail
- mtr-tiny
- curl
- dnsutils
- sudo
- gnupg
- traceroute
- htop
- haveged
- build-essential
- vnstat
- chrony
- unattended-upgrades
- iptables-persistent
- netfilter-persistent
- mailutils
- postfix
- python-is-python3
- net-tools
- name: Ensure haveged, ntp, and vnstat are started on boot
service: name={{ item }} enabled=yes
with_items:
- haveged
- vnstat
- chrony
- name: Ensure that the periodic APT cron task clears out old kernels and does unattended security upgrades
copy: src=10periodic dest=/etc/apt/apt.conf.d/10periodic backup=yes owner=root group=root mode=0644
- name: Copy over our aliases file
copy: src=aliases dest=/etc/aliases
notify:
- newaliases