| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- ---
- # Defines tasks applicable across all machines in the infrastructure.
-
- - name: Update apt cache
- apt: update_cache=yes
-
- - name: Upgrade all safe packages
- apt: upgrade=safe
-
- - name: Install necessities and nice-to-haves
- apt: pkg={{ item }} state=installed
- with_items:
- - sudo
- - vim
- - htop
- - iftop
- - iotop
- - mosh
- - zsh
- - git
- - ruby1.9.3
- - screen
- - apache2
- - build-essential
- - apticron
- - update-notifier-common
- - debian-goodies
- - apt-transport-https
- - python-software-properties
-
- - name: Install unattended upgrades (Debian/Ubuntu only)
- apt: pkg=unattended-upgrades state=installed
- when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
-
- - name: Install ntp
- apt: pkg=ntp state=installed
-
- - name: Configure ntp
- template: src=ntp.conf.j2 dest=/etc/ntp.conf
- notify:
- - restart ntp
-
- - name: Apticron email configuration
- template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf
-
- - name: Ensure ntpd is running and enabled
- service: name=ntp state=started enabled=yes
-
- - name: Disable default Apache site
- command: a2dissite 000-default removes=/etc/apache2/sites-enabled/000-default
- notify: restart apache
-
- - name: Enable Apache headers module
- command: a2enmod headers creates=/etc/apache2/mods-enabled/headers.load
- notify: restart apache
-
- - include: encfs.yml tags=encfs
- - include: users.yml tags=users
- - include: ssl.yml tags=ssl
- - include: ufw.yml tags=ufw
- - include: security.yml tags=security
|
