mirror of
https://github.com/koodiklinikka/playbooks.git
synced 2026-03-05 04:00:27 +00:00
initial
This commit is contained in:
Niko Kurtti
18
roles/base/tasks/locale.yml
Normal file
18
roles/base/tasks/locale.yml
Normal file
@@ -0,0 +1,18 @@
|
||||
---
|
||||
- command: grep LC_CTYPE={{ locale.LC_CTYPE }} /etc/default/locale
|
||||
register: lc_ctype
|
||||
changed_when: False
|
||||
ignore_errors: True
|
||||
|
||||
- command: grep LANG={{ locale.LANG }} /etc/default/locale
|
||||
register: lang
|
||||
changed_when: False
|
||||
ignore_errors: True
|
||||
|
||||
- name: Create locales
|
||||
command: locale-gen {{ locale.LC_CTYPE }} {{ locale.LANG }}
|
||||
when: lc_ctype|failed or lang|failed
|
||||
|
||||
- name: Set LC_CTYPE=fi_FI.UTF-8 and LANG=en_US.UTF-8
|
||||
command: update-locale LC_CTYPE={{ locale.LC_CTYPE }} LANG={{ locale.LANG }}
|
||||
when: lc_ctype|failed or lang|failed
|
||||
9
roles/base/tasks/main.yml
Normal file
9
roles/base/tasks/main.yml
Normal file
@@ -0,0 +1,9 @@
|
||||
---
|
||||
- include: locale.yml tags=base,locale
|
||||
- include: users.yml tags=base,users
|
||||
- include: packages.yml tags=base,packages
|
||||
- include: sudo.yml tags=base,sudo
|
||||
- include: sshd.yml tags=base,ssh
|
||||
- include: ufw.yml tags=base,ufw
|
||||
- include: ntp.yml tags=base,ntp
|
||||
- include: timezone.yml tags=base,timezone
|
||||
7
roles/base/tasks/ntp.yml
Normal file
7
roles/base/tasks/ntp.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: Install ntp
|
||||
apt: pkg=ntp state=present
|
||||
|
||||
- name: Copy ntp.conf
|
||||
copy: src=etc/ntp.conf dest=/etc/ntp.conf
|
||||
notify: restart ntpd
|
||||
11
roles/base/tasks/packages.yml
Normal file
11
roles/base/tasks/packages.yml
Normal file
@@ -0,0 +1,11 @@
|
||||
---
|
||||
- name: install basic packages
|
||||
apt: >
|
||||
pkg={{ item }}
|
||||
state=present
|
||||
with_items:
|
||||
- screen
|
||||
- vim
|
||||
- git
|
||||
- htop
|
||||
- wget
|
||||
7
roles/base/tasks/sshd.yml
Normal file
7
roles/base/tasks/sshd.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: configure sshd
|
||||
copy: >
|
||||
src=etc/sshd_config
|
||||
dest=/etc/ssh/sshd_config
|
||||
validate='/usr/sbin/sshd -T -f %s'
|
||||
notify: restart sshd
|
||||
8
roles/base/tasks/sudo.yml
Normal file
8
roles/base/tasks/sudo.yml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: setup sudo
|
||||
lineinfile: >
|
||||
dest=/etc/sudoers
|
||||
state=present
|
||||
regexp='^%admin ALL\='
|
||||
line='%admin ALL=(ALL) NOPASSWD:ALL'
|
||||
validate='visudo -cf %s'
|
||||
4
roles/base/tasks/timezone.yml
Normal file
4
roles/base/tasks/timezone.yml
Normal file
@@ -0,0 +1,4 @@
|
||||
---
|
||||
- name: set /etc/timezone to Etc/UTC
|
||||
copy: src=etc/timezone dest=/etc/timezone
|
||||
notify: update tzdata
|
||||
9
roles/base/tasks/ufw.yml
Normal file
9
roles/base/tasks/ufw.yml
Normal file
@@ -0,0 +1,9 @@
|
||||
---
|
||||
- name: Enable firewall
|
||||
ufw: state=enabled policy=allow
|
||||
|
||||
- name: Allow tcp/22 for SSH
|
||||
ufw: rule=allow port=22 proto=tcp
|
||||
|
||||
- name: Reject other ports
|
||||
ufw: rule=reject
|
||||
17
roles/base/tasks/users.yml
Normal file
17
roles/base/tasks/users.yml
Normal file
@@ -0,0 +1,17 @@
|
||||
---
|
||||
- name: create admin group
|
||||
group: name=admin state=present
|
||||
|
||||
- name: create users
|
||||
user: >
|
||||
name={{ item.name }}
|
||||
groups=admin
|
||||
shell=/bin/bash
|
||||
password={{ item.password }}
|
||||
with_items: users
|
||||
|
||||
- name: set authorized keys
|
||||
authorized_key: >
|
||||
user='{{ item.name }}'
|
||||
key='{{lookup('file', item.public_key)}}'
|
||||
with_items: users
|
||||
Reference in New Issue
Block a user