Browse Source

Initial commit

main
martin 5 months ago
parent
commit
0adcb4be9f
  1. 5
      defaults/main.yml
  2. 5
      files/motd
  3. 3
      handlers/main.yml
  4. 56
      tasks/main.yml

5
defaults/main.yml

@ -0,0 +1,5 @@
---
# @var debian_baseline_motd_enabled: true # whether to install an motd stating that this box is ansible managed
debian_baseline_motd_enabled: true
backports_uri: http://ftp.debian.org/debian
backports_components: "{{ ansible_distribution_release }}-backports main contrib non-free"

5
files/motd

@ -0,0 +1,5 @@
*****************************************************************
* This server is automatically configured by Ansible. *
* *
* Any changes you make will be overwritten *
*****************************************************************

3
handlers/main.yml

@ -0,0 +1,3 @@
---
- name: reconfigure unattended-upgrades
command: dpkg-reconfigure -f noninteractive unattended-upgrades

56
tasks/main.yml

@ -0,0 +1,56 @@
---
- name: Add backports repository
apt_repository:
filename: backports
repo: 'deb {{ backports_uri }} {{ backports_components }}'
state: present
mode: 0666
- name: Update APT package cache
apt:
update_cache: true
- name: Upgrade APT to the latest packages
apt:
upgrade: safe
- name: Install common packages
apt:
state: present
name:
- locales
- htop
- debsums
- vim-tiny
- unattended-upgrades
- acl
- dirmngr # Debian Stretch requires dirmngr package to be installed in order to use apt_key
- unbound # DNSSEC validation
- lsof
- ncdu
- dbus # for systemd monitoring
- tmux
- name: Set motd
copy:
src: motd
dest: /etc/motd
mode: 0644
when: debian_baseline_motd_enabled
- name: Enable unattended security updates option
debconf:
name: unattended-upgrades
question: 'unattended-upgrades/enable_auto_updates'
value: 'true'
vtype: 'boolean'
notify: reconfigure unattended-upgrades
- name: Setup NTP
include_role:
name: ansible-debian-ntp
- name: Ensure utf8 locale exists
locale_gen:
name: en_US.UTF-8
state: present
Loading…
Cancel
Save