Last change
on this file since 15505 was
15358,
checked in by uli, 6 years ago
|
Update package list for basic installs.
We do not need landscape-common, but fail2ban really helps.
|
File size:
1.5 KB
|
Rev | Line | |
---|
[14349] | 1 | --- |
---|
| 2 | # This ansible-playbook does the setup of already 'bootstrapped' machines. |
---|
| 3 | # |
---|
| 4 | # It does not create own users, etc. You need a working ssh access to the |
---|
| 5 | # target system. |
---|
| 6 | # |
---|
| 7 | # What it does: |
---|
| 8 | # - sets hostname (to inventory hostname, short hostname derived |
---|
| 9 | # from it) |
---|
| 10 | # |
---|
| 11 | # This playbook should be played as second thing after getting your |
---|
| 12 | # hands over new hardware and after being "bootstrapped". |
---|
| 13 | # |
---|
| 14 | - hosts: bootstrapped |
---|
| 15 | become: yes |
---|
| 16 | vars: |
---|
| 17 | hostname_fqdn: "{{ inventory_hostname }}" |
---|
| 18 | hostname_short: "{{ hostname_fqdn.split('.').0 }}" |
---|
| 19 | |
---|
| 20 | tasks: |
---|
| 21 | - name: update packages |
---|
| 22 | apt: |
---|
| 23 | upgrade=safe |
---|
| 24 | update_cache=yes |
---|
| 25 | |
---|
| 26 | - name: set hostname to {{ hostname_fqdn }}, {{ hostname_short }} |
---|
| 27 | hostname: |
---|
| 28 | name: "{{ hostname_short }}" |
---|
| 29 | |
---|
| 30 | - name: set FQDN for ipv4/ipv6 interfaces in /etc/hosts |
---|
| 31 | lineinfile: |
---|
| 32 | dest: /etc/hosts |
---|
| 33 | regexp: '^{{ item }} ' |
---|
| 34 | line: '{{ item }} {{ hostname_fqdn }} {{ hostname_short }}' |
---|
| 35 | state: present |
---|
| 36 | backup: yes |
---|
| 37 | when: "{{ 'NO DEFAULT' not in item }}" |
---|
| 38 | with_items: |
---|
| 39 | - "{{ ansible_default_ipv4.address | default('NO DEFAULT IPv4 ADDRESS DEFINED') }}" |
---|
| 40 | - "{{ ansible_default_ipv6.address | default('NO DEFAULT IPv6 ADDRESS DEFINED') }}" |
---|
[14352] | 41 | |
---|
| 42 | - name: install basic packages we use on each host |
---|
| 43 | apt: |
---|
| 44 | name: "{{ item }}" |
---|
| 45 | state: present |
---|
| 46 | with_items: |
---|
| 47 | - rkhunter |
---|
| 48 | - screen |
---|
[14694] | 49 | - unattended-upgrades |
---|
| 50 | - apt-show-versions |
---|
[15358] | 51 | - fail2ban |
---|
Note: See
TracBrowser for help on using the repository browser.