DTSV/Ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity

initial ansible code

Browse Source
This commit is contained in:
Oli
2022-10-09 21:41:56 +00:00
parent 4a64eab4a0
commit feaec34dd2
103 changed files with 4473 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
roles/common/files/public_keys.pub Normal file
View File

@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFpczZfQ5MrfjSYz8MnDHG4sM2cQ8cIsj3ALDGtmW3zu terraform

8
roles/common/tasks/authorized_keys.yml Normal file
View File

@@ -0,0 +1,8 @@
---
- name: Set authorized keys
authorized_key:
user: "{{ main_user }}"
key: "{{ lookup('file', 'public_keys.pub') }}"
state: present
exclusive: true # removing all the authorized keys already set

9
roles/common/tasks/main.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: Install system packages
import_tasks: system_packages.yml
- name: Configure unattended upgrades
import_tasks: unattended_upgrades.yml
- name: Add authorized_keys
import_tasks: authorized_keys.yml

7
roles/common/tasks/system_packages.yml Normal file
View File

@@ -0,0 +1,7 @@
---
- name: Install common required system packages
apt:
name: "{{ common_system_packages }}"
state: latest
update_cache: true
cache_valid_time: 3600

15
roles/common/tasks/unattended_upgrades.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Modify auto-upgrades
replace:
path: /etc/apt/apt.conf.d/20auto-upgrades
regexp: "{{ item.regexp }}"
replace: "{{ item.replace }}"
loop: "{{ auto_upgrades }}"
- name: Modify unattended-upgrades (enable recommended updates)
replace:
path: /etc/apt/apt.conf.d/50unattended-upgrades
regexp: "{{ item.regexp }}"
replace: "{{ item.replace }}"
loop: "{{ unattended_upgrades }}"

15
roles/common/vars/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
common_system_packages:
- "software-properties-common"
- "apt-transport-https"
- "ca-certificates"
auto_upgrades:
- {regexp: 'APT::Periodic::Update-Package-Lists "0";', replace: 'APT::Periodic::Update-Package-Lists "1";'}
- {regexp: 'APT::Periodic::Unattended-Upgrade "0";', replace: 'APT::Periodic::Unattended-Upgrade "1";'}
unattended_upgrades:
- {regexp: '\/\/.*\"\${distro_id}:\${distro_codename}-updates\";', replace: ' "${distro_id}:${distro_codename}-updates";'}
- {regexp: '\/\/.*Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";', replace: ' Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";'}
- {regexp: '\/\/.*Unattended-Upgrade::Remove-New-Unused-Dependencies "true";', replace: ' Unattended-Upgrade::Remove-New-Unused-Dependencies "true";'}
- {regexp: '\/\/.*Unattended-Upgrade::Remove-Unused-Dependencies "false";', replace: ' Unattended-Upgrade::Remove-Unused-Dependencies "true";'}