infrastructure/ansible/roles/common/tasks/main.yml

57 lines
1.1 KiB
YAML

- name: "Check that host runs Debian buster/sid on armv7l or x86_64"
assert:
that:
- "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'"
- "ansible_os_family == 'Debian'"
- name: "Upgrade system"
apt:
upgrade: dist # Should we do a full uprade instead of a dist one?
update_cache: yes
cache_valid_time: 3600
autoclean: yes
autoremove: yes
- name: "Remove base tools"
apt:
name:
- systemd-resolved
state: absent
- name: "Install base tools"
apt:
name:
- vim
- htop
- screen
- iptables
- iptables-persistent
- nftables
- iproute2
- curl
- iputils-ping
- dnsutils
- bmon
- iftop
- iotop
- docker.io
- unzip
- tar
- tcpdump
- less
- parted
- btrfs-tools
- libnss-resolve
- net-tools
- strace
- sudo
state: present
- name: "Passwordless sudo"
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'