This repository has been archived on 2023-03-15. You can view files and clone it, but cannot push or open issues or pull requests.
infrastructure/os/config/roles/common/tasks/main.yml

70 lines
1.5 KiB
YAML

- name: "Check that host runs Debian buster/sid on armv7l or x86_64"
assert:
that:
- "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'"
- "ansible_os_family == 'Debian'"
- name: "Upgrade system"
apt:
upgrade: full
update_cache: yes
cache_valid_time: 3600
autoclean: yes
autoremove: yes
- name: "Install base tools"
apt:
name:
# Essentials
- curl
- less
- sudo
- tar
- unzip
# User tooling
- screen
- vim
# Monitoring
- bmon
- htop
- iftop
- iotop
- iputils-ping
- pciutils
- strace
- tcpdump
# Networking
- bind9-dnsutils
- ethtool
- iproute2 # advanced net-tools
- iptables # legacy firewall (still used by diplonat)
- iptables-persistent
- net-tools # basic network tools
- nftables # iptables' successor (will replace it eventually)
# Filesystems / Disk Utils
- parted
state: present
# Install Docker if need be
- name: Check if Docker is installed
command: 'which docker'
args:
warn: no
register: docker_exists
changed_when: docker_exists.rc != 0
ignore_errors: true
- name: "Install Docker"
include_tasks: docker.yml
when: docker_exists.rc != 0
# Cool stuff
- name: "Passwordless sudo"
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'