initial ansible code

roles/common/tasks/authorized_keys.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Set authorized keys
+  authorized_key:
+    user: "{{ main_user }}"
+    key: "{{ lookup('file', 'public_keys.pub') }}"
+    state: present
+    exclusive: true  # removing all the authorized keys already set

roles/common/tasks/main.yml

@@ -0,0 +1,9 @@
+---
+- name: Install system packages
+  import_tasks: system_packages.yml
+
+- name: Configure unattended upgrades
+  import_tasks: unattended_upgrades.yml
+
+- name: Add authorized_keys
+  import_tasks: authorized_keys.yml

roles/common/tasks/system_packages.yml

@@ -0,0 +1,7 @@
+---
+- name: Install common required system packages
+  apt:
+    name: "{{ common_system_packages }}"
+    state: latest
+    update_cache: true
+    cache_valid_time: 3600

roles/common/tasks/unattended_upgrades.yml

@@ -0,0 +1,15 @@
+---
+
+- name: Modify auto-upgrades
+  replace:
+    path: /etc/apt/apt.conf.d/20auto-upgrades
+    regexp: "{{ item.regexp }}"
+    replace: "{{ item.replace }}"
+  loop: "{{ auto_upgrades }}"
+
+- name: Modify unattended-upgrades (enable recommended updates)
+  replace:
+    path: /etc/apt/apt.conf.d/50unattended-upgrades
+    regexp: "{{ item.regexp }}"
+    replace: "{{ item.replace }}"
+  loop: "{{ unattended_upgrades }}"