forked from Deuxfleurs/infrastructure
57 lines
1.1 KiB
YAML
57 lines
1.1 KiB
YAML
- name: "Check that host runs Debian buster/sid on armv7l or x86_64"
|
|
assert:
|
|
that:
|
|
- "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'"
|
|
- "ansible_os_family == 'Debian'"
|
|
|
|
- name: "Upgrade system"
|
|
apt:
|
|
upgrade: dist # Should we do a full uprade instead of a dist one?
|
|
update_cache: yes
|
|
cache_valid_time: 3600
|
|
autoclean: yes
|
|
autoremove: yes
|
|
|
|
- name: "Remove base tools"
|
|
apt:
|
|
name:
|
|
- systemd-resolved
|
|
state: absent
|
|
|
|
- name: "Install base tools"
|
|
apt:
|
|
name:
|
|
- vim
|
|
- htop
|
|
- screen
|
|
- iptables
|
|
- iptables-persistent
|
|
- nftables
|
|
- iproute2
|
|
- curl
|
|
- iputils-ping
|
|
- dnsutils
|
|
- bmon
|
|
- iftop
|
|
- iotop
|
|
- docker.io
|
|
- unzip
|
|
- tar
|
|
- tcpdump
|
|
- less
|
|
- parted
|
|
- btrfs-tools
|
|
- libnss-resolve
|
|
- net-tools
|
|
- strace
|
|
- sudo
|
|
state: present
|
|
|
|
- name: "Passwordless sudo"
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
regexp: '^%sudo'
|
|
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
|
|
validate: 'visudo -cf %s'
|
|
|