thomas
/
sovereign
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
暂无描述
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
493 提交
1 分支
目录树: d1e4340a78
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'd1e4340a78'
${ noResults }
sovereign/roles/common/tasks/main.yml

main.yml 2.2KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. ---

  2. # Defines tasks applicable across all machines in the infrastructure.

  3. - name: Set up closest mirror autoselect (ubuntu-only)

  4.   template: src=apt_sources.list.j2 dest=/etc/apt/sources.list

  5.   when: ansible_distribution == 'Ubuntu'

  6. 

  7. - name: Update apt cache

  8.   apt: update_cache=yes

  9. 

  10. - name: Upgrade all safe packages

  11.   apt: upgrade=safe

  12. 

  13. - name: Install necessities and nice-to-haves

  14.   apt: pkg={{ item }} state=installed

  15.   with_items:

  16.     - apache2

  17.     - apt-transport-https

  18.     - apticron

  19.     - build-essential

  20.     - debian-goodies

  21.     - git

  22.     - htop

  23.     - iftop

  24.     - iotop

  25.     - mosh

  26.     - python-software-properties

  27.     - ruby1.9.3

  28.     - screen

  29.     - sudo

  30.     - update-notifier-common

  31.     - vim

  32.     - zsh

  33. 

  34. - name: Install unattended upgrades (Debian/Ubuntu only)

  35.   apt: pkg=unattended-upgrades state=installed

  36.   when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'

  37. 

  38. - name: Apticron email configuration

  39.   template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf

  40. 

  41. - name: Disable default Apache site

  42.   command: a2dissite 000-default removes=/etc/apache2/sites-enabled/000-default

  43.   notify: restart apache

  44. 

  45. - name: Enable Apache headers module

  46.   command: a2enmod headers creates=/etc/apache2/mods-enabled/headers.load

  47.   notify: restart apache

  48. 

  49. - name: Set ServerName for Apache

  50.   template: src=fqdn.j2 dest=/etc/apache2/conf.d/fqdn

  51.   notify: restart apache

  52.   when: ansible_distribution_release != 'trusty'

  53. 

  54. - name: Create ServerName configuration file for Apache for Ubuntu Trusty

  55.   template: src=fqdn.j2 dest=/etc/apache2/conf-available/fqdn.conf

  56.   when: ansible_distribution_release == 'trusty'

  57. 

  58. - name: Set ServerName for Apache for Ubuntu Trusty

  59.   command: a2enconf fqdn creates=/etc/apache2/conf-enabled/fqdn.conf

  60.   notify: restart apache

  61.   when: ansible_distribution_release == 'trusty'

  62. 

  63. - include: encfs.yml tags=encfs

  64. - include: users.yml tags=users

  65. - include: ssl.yml tags=ssl

  66. - include: ufw.yml tags=ufw

  67. - include: security.yml tags=security

  68. - include: ntp.yml tags=ntp

  69. - include: google_auth.yml tags=google_auth

  70.   when: ansible_distribution_release != 'trusty'

  71. - include: google_auth_mod.yml tags=google_auth

  72.   when: ansible_distribution_release == 'trusty'