source: main/waeup-ansible/setup.yml @ 15554

Last change on this file since 15554 was 15358, checked in by uli, 6 years ago

Update package list for basic installs.

We do not need landscape-common, but fail2ban really helps.

File size: 1.5 KB
Line 
1---
2# This ansible-playbook does the setup of already 'bootstrapped' machines.
3#
4# It does not create own users, etc. You need a working ssh access to the
5# target system.
6#
7# What it does:
8#   - sets hostname (to inventory hostname, short hostname derived
9#     from it)
10#
11# This playbook should be played as second thing after getting your
12# hands over new hardware and after being "bootstrapped".
13#
14- hosts: bootstrapped
15  become: yes
16  vars:
17    hostname_fqdn: "{{ inventory_hostname }}"
18    hostname_short: "{{ hostname_fqdn.split('.').0 }}"
19
20  tasks:
21    - name: update packages
22      apt:
23        upgrade=safe
24        update_cache=yes
25
26    - name: set hostname to {{ hostname_fqdn }}, {{ hostname_short }}
27      hostname:
28        name: "{{ hostname_short }}"
29
30    - name: set FQDN for ipv4/ipv6 interfaces in /etc/hosts
31      lineinfile:
32        dest: /etc/hosts
33        regexp: '^{{ item }} '
34        line: '{{ item }} {{ hostname_fqdn }} {{ hostname_short }}'
35        state: present
36        backup: yes
37      when: "{{ 'NO DEFAULT' not in item }}"
38      with_items:
39        - "{{ ansible_default_ipv4.address | default('NO DEFAULT IPv4 ADDRESS DEFINED') }}"
40        - "{{ ansible_default_ipv6.address | default('NO DEFAULT IPv6 ADDRESS DEFINED') }}"
41
42    - name: install basic packages we use on each host
43      apt:
44        name: "{{ item }}"
45        state: present
46      with_items:
47        - rkhunter
48        - screen
49        - unattended-upgrades
50        - apt-show-versions
51        - fail2ban
Note: See TracBrowser for help on using the repository browser.