banananetwork
/
ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dehydrated
wip
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e1a612966c'
${ noResults }
ansible/roles/common/tasks/main.yml

98 lines
2.1 KiB
YAML
Raw Blame History

---
- name: Configure apt packages
import_tasks: packages.yml
- name: Configure sshd
import_tasks: sshd.yml
- name: Configure ufw
import_tasks: ufw.yml
- name: Enforce kernel security
import_tasks: kernel_hidepid.yml
tags:
- kernel_hidepid
- name: Configure locales
import_tasks: locales.yml
- name: Configure journald
import_tasks: journald.yml
tags:
- journald
- name: Configure custom facts
import_tasks: custom_facts.yml
- name: Configure helpers
import_tasks: helpers.yml
- name: Configure ssh key for root user
user:
name: root
state: present
generate_ssh_key: yes
ssh_key_type: ed25519
ssh_key_comment: "root@{{ inventory_hostname }}"
register: root_user
- name: Store ssh public key local
copy:
content: "{{ root_user.ssh_public_key }}\n"
dest: "{{ global_ssh_key_directory }}/root@{{ inventory_hostname }}"
delegate_to: localhost
vars:
ansible_become: no
- name: Create hdd data directory
file:
state: directory
path: "{{ global_hdd_directory }}"
owner: root
group: root
mode: u=rwx,g=rx,o=rx
when:
- global_hdd_directory is defined
- name: Create scripts directories
file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: "u=rwx,g=rx,o="
loop:
- "{{ backup_scripts_directory }}"
- "{{ backup_files_scripts_directory }}"
- "{{ backup_mysql_database_scripts_directory }}"
- "{{ update_scripts_directory }}"
- name: Configure hdd dir for backups
import_role:
name: misc/hdd_dir
vars:
use_hdd_directory: "{{ global_hdd_directory is defined }}"
hdd_source_dir: "{{ backups_directory }}"
hdd_directory_name: backups
tags:
- backups
- backups_hdd_dir
- name: Create backups directories
file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: "u=rwx,g=rx,o=rx"
loop:
- "{{ backups_directory }}"
- "{{ backups_files_directory }}"
- "{{ backups_mysql_database_directory }}"
tags:
- backups
- name: Flush handlers for role
meta: flush_handlers
Reference in New Issue View Git Blame Copy Permalink