2019-06-01 14:02:49 +00:00
|
|
|
- name: "Check that host runs Debian buster/sid on armv7l or x86_64"
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'"
|
|
|
|
- "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: "Upgrade system"
|
|
|
|
apt:
|
2021-04-09 12:05:32 +00:00
|
|
|
upgrade: full
|
2019-06-01 14:02:49 +00:00
|
|
|
update_cache: yes
|
|
|
|
cache_valid_time: 3600
|
|
|
|
autoclean: yes
|
|
|
|
autoremove: yes
|
|
|
|
|
|
|
|
- name: "Install base tools"
|
|
|
|
apt:
|
|
|
|
name:
|
2021-03-14 14:49:08 +00:00
|
|
|
# Essentials
|
2019-06-01 14:02:49 +00:00
|
|
|
- curl
|
2021-03-14 14:49:08 +00:00
|
|
|
- less
|
|
|
|
- sudo
|
|
|
|
- tar
|
|
|
|
- unzip
|
|
|
|
# User tooling
|
|
|
|
- screen
|
|
|
|
- vim
|
|
|
|
# Monitoring
|
2019-06-01 14:02:49 +00:00
|
|
|
- bmon
|
2021-03-14 14:49:08 +00:00
|
|
|
- htop
|
2019-06-01 14:02:49 +00:00
|
|
|
- iftop
|
|
|
|
- iotop
|
2021-03-23 16:09:09 +00:00
|
|
|
- iputils-ping
|
|
|
|
- pciutils
|
2019-06-01 14:02:49 +00:00
|
|
|
- strace
|
2021-03-14 14:49:08 +00:00
|
|
|
- tcpdump
|
|
|
|
# Networking
|
2021-04-09 12:05:32 +00:00
|
|
|
- bind9-dnsutils
|
2021-02-01 18:56:16 +00:00
|
|
|
- ethtool
|
2021-03-14 14:49:08 +00:00
|
|
|
- iproute2 # advanced net-tools
|
|
|
|
- iptables # legacy firewall (still used by diplonat)
|
|
|
|
- iptables-persistent
|
|
|
|
- net-tools # basic network tools
|
|
|
|
- nftables # iptables' successor (will replace it eventually)
|
2021-04-09 12:05:32 +00:00
|
|
|
# Filesystems / Disk Utils
|
2021-03-14 14:49:08 +00:00
|
|
|
- parted
|
2019-06-01 14:02:49 +00:00
|
|
|
state: present
|
2020-02-16 19:05:47 +00:00
|
|
|
|
2021-03-23 15:57:10 +00:00
|
|
|
# Install Docker if need be
|
|
|
|
|
|
|
|
- name: Check if Docker is installed
|
|
|
|
command: 'which docker'
|
|
|
|
args:
|
|
|
|
warn: no
|
|
|
|
register: docker_exists
|
|
|
|
changed_when: docker_exists.rc != 0
|
|
|
|
ignore_errors: true
|
|
|
|
|
|
|
|
- name: "Install Docker"
|
|
|
|
include_tasks: docker.yml
|
|
|
|
when: docker_exists.rc != 0
|
|
|
|
|
2021-03-23 16:12:13 +00:00
|
|
|
# Cool stuff
|
2021-03-23 15:57:10 +00:00
|
|
|
|
2020-02-16 19:05:47 +00:00
|
|
|
- name: "Passwordless sudo"
|
|
|
|
lineinfile:
|
|
|
|
path: /etc/sudoers
|
|
|
|
state: present
|
|
|
|
regexp: '^%sudo'
|
|
|
|
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
|
2021-04-09 12:05:32 +00:00
|
|
|
validate: 'visudo -cf %s'
|