kolter
/
ansible-playbooks


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
							- name: Install hosts file
  template: src=hosts.j2 dest=/etc/hosts owner=root group=root mode=0644
  notify:
    - Update motd

- name: Install hosts.deny file
  template: src=hosts.deny.j2 dest=/etc/hosts.deny owner=root group=root mode=0644

- name: Write /etc/apt/sources.list
  template: src=apt/sources.{{ ansible_lsb.codename }}.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
  notify:
    - Reload apt cache

- name: Write /etc/apt/apt.conf.d configuration files
  template: src=apt/apt-options.j2 dest=/etc/apt/apt.conf.d/90local owner=root group=root mode=0644

- name: Remove deprecated apt options files
  file: path=/etc/apt/apt.conf.d/{{ item }} state=absent
  with_items:
    - local-recommends
    - local-pdiffs

- name: Install base packages
  apt: pkg={{ item }} install_recommends=no state=installed update_cache=yes
  with_items:
    - apticron
    - locales-all
    - locales
    - lsb-release
    - ntp
    - toilet
    - toilet-fonts
    - facter
    - zsh
    - git-core
    - vim-nox
    - ccze
    - tree
    - pydf
    - htop
    - sudo
    - sysfsutils
    - tmux
    - rsync
    - ca-certificates
    - sysstat
    - etckeeper

- name: Configure default locale and timezone
  debconf: name="{{item.name}}" question="{{item.question}}" value="{{item.value}}" vtype="{{item.vtype}}"
  with_items:
    - { name: 'locales', question: 'locales/default_environment_locale', value: '{{ locale }}', vtype: 'select' }
    - { name: 'tzdata', question: 'tzdata/Areas', value: '{{ timezone_area }}', vtype: 'select' }
    - { name: 'tzdata', question: 'tzdata/Zones/{{ timezone_area }}', value: '{{ timezone_city }}', vtype: 'select' }
  notify:
    - Reconfigure locales
    - Reconfigure timezone

- name: Install kernel configuration (proc)
  template: src=kernel/sysctl.d/{{ item }}.j2 dest=/etc/sysctl.d/{{ item }} owner=root group=root mode=0644
  with_items:
      - 10-increase-file-descriptors.conf
  notify:
    - Apply kernel configuration (proc)

- name: Create sysfs configuration directory - /etc/sysfs.d
  file: path=/etc/sysfs.d state=directory owner=root group=root mode=0755

- name: Install kernel configuration (sys)
  template: src=kernel/sysfs.d/{{ item }}.j2 dest=/etc/sysfs.d/{{ item }} owner=root group=root mode=0644
  with_items:
      - 00-sysfs-prolog.conf
  notify:
    - Refresh sysfs configuration

- name: Install kernel configuration (sys) for disks
  template: src=kernel/sysfs.d/{{ item }}.j2 dest=/etc/sysfs.d/{{ item }} owner=root group=root mode=0644
  with_items:
      - 10-disks.conf
  notify:
    - Refresh sysfs configuration
  when: sysfs_disk_settings

- name: Install sudo configuration
  template: src=sudo/local-admin.j2 dest=/etc/sudoers.d/local-admin owner=root group=root mode=0440

- name: Install unprivileged user
  user: name="{{item.user}}" comment="{{item.fullname}}" groups=adm,operator,sudo append=yes shell=/bin/zsh state=present
  with_items: admins

- name: Install SSH key for unprivileged user
  authorized_key: user="{{item.user}}" key="{{lookup('file', '../data/users/' + item.user + '/id_rsa.pub')}}" state=present
  with_items: admins

- name: Install SSH key for root
  authorized_key: user=root key="{{lookup('file', '../data/users/' + item.user + '/id_rsa.pub')}}" state=present
  with_items: admins