335 lines
7.1 KiB
YAML
335 lines
7.1 KiB
YAML
---
|
|
- name: /tmp bind mount in fstab
|
|
lineinfile:
|
|
dest: /etc/fstab
|
|
line: '/var/tmp /tmp none bind 0 0'
|
|
register: fstab_tmp
|
|
|
|
- name: mount /tmp
|
|
shell: 'mv /tmp/ /old-tmp; mkdir /tmp; mount /tmp; mv /old-tmp /tmp'
|
|
when: fstab_tmp.changed
|
|
|
|
- name: apt.conf proxy
|
|
lineinfile:
|
|
dest: /etc/apt/apt.conf
|
|
regexp: '^Acquire::http::Proxy'
|
|
line: 'Acquire::http::Proxy "{{ aptproxy }}";'
|
|
create: yes
|
|
when:
|
|
- aptproxy is defined
|
|
|
|
- name: remove nano
|
|
tags: apt
|
|
apt:
|
|
name: nano
|
|
state: absent
|
|
purge: yes
|
|
|
|
- name: apt sources.list jessie
|
|
tags: apt
|
|
copy:
|
|
src: sources.list.jessie
|
|
dest: /etc/apt/sources.list
|
|
when:
|
|
- ansible_distribution_major_version == "8"
|
|
|
|
- name: apt sources.list stretch
|
|
tags: apt
|
|
copy:
|
|
src: sources.list.stretch
|
|
dest: /etc/apt/sources.list
|
|
when:
|
|
- ansible_distribution_major_version == "9"
|
|
|
|
- name: apt sources.list buster
|
|
tags: apt
|
|
copy:
|
|
src: sources.list.buster
|
|
dest: /etc/apt/sources.list
|
|
when:
|
|
- ansible_distribution_major_version == "10"
|
|
|
|
- name: apt sources.list bullseye
|
|
tags: apt
|
|
copy:
|
|
src: sources.list.bullseye
|
|
dest: /etc/apt/sources.list
|
|
when:
|
|
- ansible_distribution_major_version == "11"
|
|
|
|
- name: apt.conf allow unauthenticated jessie
|
|
tags: apt
|
|
lineinfile:
|
|
dest: /etc/apt/apt.conf
|
|
regexp: '^APT::Get::AllowUnauthenticated'
|
|
line: 'APT::Get::AllowUnauthenticated "1";'
|
|
create: yes
|
|
when:
|
|
- ansible_distribution_major_version == "8"
|
|
|
|
- name: apt.conf allow expired jessie
|
|
tags: apt
|
|
lineinfile:
|
|
dest: /etc/apt/apt.conf
|
|
regexp: '^Acquire::Check-Valid-Until'
|
|
line: 'Acquire::Check-Valid-Until "0";'
|
|
create: yes
|
|
when:
|
|
- ansible_distribution_major_version == "8"
|
|
|
|
- name: apt update
|
|
tags: apt
|
|
apt:
|
|
update_cache: yes
|
|
|
|
- name: install packages
|
|
tags: apt
|
|
apt:
|
|
name: aptitude
|
|
state: present
|
|
|
|
- name: apt full-upgrade
|
|
tags: apt
|
|
apt:
|
|
upgrade: full
|
|
|
|
- name: install packages
|
|
tags: apt
|
|
apt:
|
|
name: "{{ item }}"
|
|
state: present
|
|
with_items:
|
|
- bind9-host
|
|
- bzip2
|
|
- curl
|
|
#- dnsutils
|
|
#- bind9-dnsutils
|
|
- bind9utils
|
|
- file
|
|
- git
|
|
#- heirloom-mailx
|
|
- bsd-mailx
|
|
- iotop
|
|
- libpam-systemd
|
|
- locales
|
|
- lsof
|
|
- make
|
|
- mc
|
|
- mlocate
|
|
- mtr-tiny
|
|
- ngrep
|
|
- ntp
|
|
- ntpdate
|
|
- openssl
|
|
- parted
|
|
- patch
|
|
- postfix
|
|
- psmisc
|
|
- pwgen
|
|
- rename
|
|
- rsync
|
|
- screen
|
|
- strace
|
|
- subversion
|
|
- sysstat
|
|
- tcpdump
|
|
- telnet
|
|
- unzip
|
|
- vim
|
|
- w3m
|
|
- xz-utils
|
|
- zip
|
|
- libfile-slurp-perl
|
|
- libjson-perl
|
|
- net-tools
|
|
- man
|
|
|
|
- name: open-vm-tools
|
|
apt:
|
|
name: open-vm-tools
|
|
state: present
|
|
purge: yes
|
|
tags:
|
|
- vmware
|
|
- apt
|
|
|
|
- name: remove install user
|
|
user:
|
|
name: install
|
|
state: absent
|
|
force: yes
|
|
|
|
- name: remove install user's home directory
|
|
file:
|
|
path: /home/install
|
|
state: absent
|
|
|
|
- name: "remove our key from root's authorized_keys"
|
|
authorized_key:
|
|
user: root
|
|
state: absent
|
|
key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWZi5nTI6zo3+cgGx5l163pEQXJ3aUyerqbHfQl9p8aB2bbe+vQl+Uc2Vrv8fvytAZizjPIIYdW5RqFAXrbNP+OpyFAONNZpX0omB8HLoHzOnmWpaCjMZp9XAdvWPknWFWWkwR5G5rbP5+dKeREzl4cAvW4GauEjaK4kUJF3K2HumVF6U3bzyDwnI+7h0zEbHddSOwAP1Opzla+WSdF+ZsiMdcVZE/mFxzd8sv1ZoO36sVZ1vItEAcols4qEAfwW8Gk/UjXI1XFRD1UrksAUxAc4ypu5oBVWtjMa429ZrCRbH2iU+TPbuUSXHJQMgTqsUgHrS9XkuS3EdbPA/aDMD1jhoYz2zyfAoCGdEBOuATlaoCOpOeSc9XIsasdVNwvtX2LCTlQe+LLOQzKiLaHEr/QmnLs8es8b68wtDlFIA2QAXYIfs8l+gBv3t3BIw7VPbMe8nb6hbTHFObDlVCyvXO2/6ZkOfRMgswFsQnGAqciowPxsjVer+I5hEBCMHgb6pxcUECxcxsc9P/w/z9LxGts9Ozyq55jzWMwvnFdarkzpMfWtt3QX7XG5B8OD4ghuMkX60GgvT7v1E7yTI/JtwXrsAc6jl1Qo4+TDdEYuBXe/LqyQzQ7GD1OoGRHIKCWyAQ9JiHcbUYX9p+vafXf0l1jelSg3O+cU+q+oZdGP178w== root@kavics'
|
|
|
|
- name: copy pf6 package
|
|
tags: pf6
|
|
copy:
|
|
src: pf6_1_all.deb
|
|
dest: /tmp
|
|
|
|
- name: install pf6 package
|
|
tags: pf6
|
|
apt:
|
|
deb: /tmp/pf6_1_all.deb
|
|
|
|
- name: sysstat enable
|
|
tags: sysstat
|
|
lineinfile:
|
|
dest: /etc/default/sysstat
|
|
regexp: "^ENABLED="
|
|
line: 'ENABLED="true"'
|
|
|
|
- name: sysstat every minute
|
|
tags: sysstat
|
|
patch:
|
|
src: sysstat_minutely.patch
|
|
dest: /etc/cron.d/sysstat
|
|
|
|
- name: grub defaults, jessie
|
|
tags: grub
|
|
patch:
|
|
src: default_grub.patch.jessie
|
|
dest: /etc/default/grub
|
|
when:
|
|
- ansible_distribution_major_version == "8"
|
|
|
|
- name: grub defaults, stretch+
|
|
tags: grub
|
|
patch:
|
|
src: default_grub.patch.stretch
|
|
dest: /etc/default/grub
|
|
when:
|
|
- ansible_distribution_major_version|int() >= 9
|
|
|
|
- name: update-grub
|
|
tags: grub
|
|
command: update-grub
|
|
|
|
- name: edit locale.gen
|
|
tags: locales
|
|
replace:
|
|
dest: /etc/locale.gen
|
|
regexp: '^#\s*(hu_HU|en_US)'
|
|
replace: '\1'
|
|
|
|
- name: run locale-gen
|
|
tags: locales
|
|
command: locale-gen
|
|
|
|
#- name: ntp.conf jessie
|
|
# tags: ntp
|
|
# patch:
|
|
# src: ntp.conf.patch.jessie
|
|
# dest: /etc/ntp.conf
|
|
# when:
|
|
# - ansible_distribution_major_version == "8"
|
|
#
|
|
#- name: ntp.conf stretch
|
|
# tags: ntp
|
|
# patch:
|
|
# src: ntp.conf.patch.stretch
|
|
# dest: /etc/ntp.conf
|
|
# when:
|
|
# - ansible_distribution_major_version|int() >= 9
|
|
|
|
- name: ntp.conf remove factory ntp servers
|
|
tags: ntp
|
|
lineinfile:
|
|
dest: /etc/ntp.conf
|
|
regexp: '^(pool|server)\s'
|
|
state: absent
|
|
|
|
- name: ntp.conf set ntp server
|
|
tags: ntp
|
|
lineinfile:
|
|
dest: /etc/ntp.conf
|
|
regexp: '^(pool|server)\s'
|
|
line: "server {{ ntp }} iburst"
|
|
insertafter: '^# pool:'
|
|
|
|
- name: ntp.conf stretch+ remove limited
|
|
tags: ntp
|
|
replace:
|
|
path: /etc/ntp.conf
|
|
regexp: "noquery limited"
|
|
replace: "noquery"
|
|
when:
|
|
- ansible_distribution_major_version|int() >= 9
|
|
|
|
|
|
- name: postfix master.cf jessie
|
|
tags: postfix
|
|
patch:
|
|
src: postfix_master.cf.patch.jessie
|
|
dest: /etc/postfix/master.cf
|
|
when:
|
|
- ansible_distribution_major_version == "8"
|
|
|
|
- name: postfix master.cf stretch-buster
|
|
tags: postfix
|
|
patch:
|
|
src: postfix_master.cf.patch.stretch
|
|
dest: /etc/postfix/master.cf
|
|
when:
|
|
- (ansible_distribution_major_version|int() == 9) or
|
|
(ansible_distribution_major_version|int() == 10)
|
|
|
|
- name: postfix master.cf bullseye
|
|
tags: postfix
|
|
patch:
|
|
src: postfix_master.cf.patch.bullseye
|
|
dest: /etc/postfix/master.cf
|
|
when:
|
|
- ansible_distribution_major_version|int() == 11
|
|
|
|
- name: postfix relay
|
|
tags: postfix
|
|
lineinfile:
|
|
dest: /etc/postfix/main.cf
|
|
regexp: '^relayhost\s'
|
|
line: "relayhost = mail-out.i.hwstudio.hu"
|
|
|
|
- name: pvresize /dev/sdb
|
|
tags:
|
|
- lvm
|
|
- vmware
|
|
command: 'pvresize /dev/sdb'
|
|
|
|
- name: /data in fstab
|
|
tags: lvm
|
|
lineinfile:
|
|
dest: /etc/fstab
|
|
line: '/dev/mapper/vg00-data /data ext4 defaults 0 2'
|
|
register: fstab_data
|
|
|
|
- name: create /dev/vg00/data
|
|
tags: lvm
|
|
lvol:
|
|
vg: vg00
|
|
lv: data
|
|
size: "{{ datasize | default('50%FREE') }}"
|
|
when: fstab_data.changed
|
|
|
|
- name: ext4 filesystem on /dev/vg00/data
|
|
tags: lvm
|
|
filesystem:
|
|
dev: /dev/vg00/data
|
|
fstype: ext4
|
|
when: fstab_data.changed
|
|
|
|
- name: mount /data
|
|
tags: lvm
|
|
shell: 'mkdir -p /data && mount /data'
|
|
when: fstab_data.changed
|
|
|
|
# vim: set tabstop=2 shiftwidth=2 expandtab smarttab:
|