diff options
author | Christian Pointner <equinox@spreadspace.org> | 2018-04-21 23:28:35 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2018-04-21 23:28:35 +0200 |
commit | 2e5b51cc24b6f6c91e7f969fe14e3adc2d4e80f2 (patch) | |
tree | 6cbb61b2f17061fee06306a3ec2e58e2fc3e87de /roles/base/tasks/main.yml | |
parent | updated google apt key (diff) |
rename all .yaml to .yml
Diffstat (limited to 'roles/base/tasks/main.yml')
-rw-r--r-- | roles/base/tasks/main.yml | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml new file mode 100644 index 00000000..3c6fc790 --- /dev/null +++ b/roles/base/tasks/main.yml @@ -0,0 +1,91 @@ +--- +- name: disable recommends and suggests + copy: + src: 02no-recommends + dest: /etc/apt/apt.conf.d/ + +- name: install base system tools + apt: + name: "{{ item }}" + state: present + with_items: + - htop + - dstat + - lsof + - gawk + - psmisc + - less + - debian-goodies + - screen + - mtr-tiny + - tcpdump + - iptraf-ng + - unp + - haveged + - dbus + - libpam-systemd + - aptitude + - ca-certificates + - file + - man-db + - manpages + - nano + +- name: Remove startup message from screen + lineinfile: + regexp: "^startup_message" + line: "startup_message off" + dest: /etc/screenrc + mode: 0644 + tags: + - screen + +- name: install htop config (1/2) + with_items: + - /root + - /etc/skel + file: + name: "{{ item }}/.config/htop/" + state: directory + mode: 0700 + +- name: install htop config (2/2) + with_items: + - /root + - /etc/skel + copy: + src: htoprc + dest: "{{ item }}/.config/htop/" + +- name: Ensure /root is not world accessible + file: + path: /root + mode: 0700 + owner: root + group: root + state: directory + +- name: disable net/fs/misc kernel modules + lineinfile: + dest: /etc/modprobe.d/disablemod.conf + line: "install {{ item }} /bin/true" + create: yes + owner: root + group: root + mode: 0644 + with_items: "{{ modules_blacklist.net | union(modules_blacklist.fs) | union(modules_blacklist.misc) }}" + +- name: Change various sysctl-settings, look at the sysctl-vars file for documentation + sysctl: + name: "{{ item.key }}" + value: "{{ item.value }}" + sysctl_set: yes + state: present + reload: yes + ignoreerrors: yes + with_dict: "{{ sysctl_config | combine(sysctl_config_user) }}" + +- name: install extra packages + apt: + name: "{{ base_packages_extra_host | union(base_packages_extra_group) }}" + state: present |