This repository has been archived on 2023-03-15. You can view files and clone it, but cannot push or open issues or pull requests.
infrastructure/os/config/roles/common/tasks/main.yml

71 lines
1.5 KiB
YAML
Raw Normal View History

2019-06-01 14:02:49 +00:00
- name: "Check that host runs Debian buster/sid on armv7l or x86_64"
assert:
that:
- "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'"
- "ansible_os_family == 'Debian'"
- name: "Upgrade system"
apt:
2021-04-09 12:05:32 +00:00
upgrade: full
2019-06-01 14:02:49 +00:00
update_cache: yes
cache_valid_time: 3600
autoclean: yes
autoremove: yes
- name: "Install base tools"
apt:
name:
# Essentials
2019-06-01 14:02:49 +00:00
- curl
- less
- sudo
- tar
- unzip
# User tooling
- screen
- vim
# Monitoring
2019-06-01 14:02:49 +00:00
- bmon
- htop
2019-06-01 14:02:49 +00:00
- iftop
- iotop
- iputils-ping
- pciutils
2019-06-01 14:02:49 +00:00
- strace
- tcpdump
# Networking
2021-04-09 12:05:32 +00:00
- bind9-dnsutils
2021-02-01 18:56:16 +00:00
- ethtool
- iproute2 # advanced net-tools
- iptables # legacy firewall (still used by diplonat)
- iptables-persistent
- net-tools # basic network tools
- nftables # iptables' successor (will replace it eventually)
2021-04-09 12:05:32 +00:00
# Filesystems / Disk Utils
- parted
2019-06-01 14:02:49 +00:00
state: present
2020-02-16 19:05:47 +00:00
# Install Docker if need be
- name: Check if Docker is installed
command: 'which docker'
args:
warn: no
register: docker_exists
changed_when: docker_exists.rc != 0
ignore_errors: true
- name: "Install Docker"
include_tasks: docker.yml
when: docker_exists.rc != 0
2021-03-23 16:12:13 +00:00
# Cool stuff
2020-02-16 19:05:47 +00:00
- name: "Passwordless sudo"
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
2021-04-09 12:05:32 +00:00
validate: 'visudo -cf %s'