- name: "Check that host runs Debian buster/sid on armv7l or x86_64" assert: that: - "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'" - "ansible_os_family == 'Debian'" - name: "Upgrade system" apt: upgrade: dist # Should we do a full uprade instead of a dist one? update_cache: yes cache_valid_time: 3600 autoclean: yes autoremove: yes - name: "Install base tools" apt: name: # Essentials - curl - less - sudo - tar - unzip # User tooling - screen - vim # Monitoring - bmon - htop - iftop - iotop - iputils-ping - pciutils - strace - tcpdump # Networking - dnsutils # now called bind9-dnsutils - ethtool - iproute2 # advanced net-tools - iptables # legacy firewall (still used by diplonat) - iptables-persistent - net-tools # basic network tools - nftables # iptables' successor (will replace it eventually) # Optional / Dispensable #- docker.io # Adrien n'approuve pas (il faut utiliser le repo Docker) - parted #- btrfs-tools #- libnss-resolve # provides DNS/LLMNR utilities via systemd-resolved state: present # Install Docker if need be - name: Check if Docker is installed command: 'which docker' args: warn: no register: docker_exists changed_when: docker_exists.rc != 0 ignore_errors: true - name: "Install Docker" include_tasks: docker.yml when: docker_exists.rc != 0 # Install Nomad & Consul if need be - name: Check if Nomad is installed command: 'which nomad' args: warn: no register: nomad_exists changed_when: nomad_exists.rc != 0 ignore_errors: true - name: "Install Nomad & Consul" include_tasks: hashicorp.yml when: nomad_exists.rc != 0 - name: "Passwordless sudo" lineinfile: path: /etc/sudoers state: present regexp: '^%sudo' line: '%sudo ALL=(ALL) NOPASSWD: ALL' validate: 'visudo -cf %s'