add tasks for creating swapfiles. move tasks from common/main to common/basics.

roles/common/defaults/main.yml

@@ -23,3 +23,10 @@ ntp_servers:
   - 1.pool.ntp.org
   - 2.pool.ntp.org
   - 3.pool.ntp.org
+
+# swap, size in mb, times count. defaults to 1GB.
+# using multiple swapfiles gives some flexibility
+# about resizing/adding/removing them in future.
+swap_file_size: 1024
+swap_file_count: 1
+swap_file_path: '/swapfile'

roles/common/tasks/basics.yml

@@ -0,0 +1,87 @@
+---
+
+- name: Set hostname
+  hostname: name="{{ server_hostname }}"
+
+- name: Replace /etc/hosts
+  template: src=etc_hosts.j2 dest=/etc/hosts
+
+- name: Update apt cache
+  apt: update_cache=yes
+  tags:
+    - dependencies
+
+- name: Upgrade all safe packages
+  apt: upgrade=safe
+  tags:
+    - dependencies
+
+- name: Install necessities and nice-to-haves
+  apt:
+    name: "{{ packages }}"
+    state: present
+  vars:
+    packages:
+    - acl
+    - apache2
+    - apt-listchanges
+    - apt-transport-https
+    - apticron
+    - build-essential
+    - debian-goodies
+    - git
+    - gnupg
+    - htop
+    - iftop
+    - iotop
+    - molly-guard
+    - mosh
+    - php
+    - php-pgsql
+    - php-gd
+    - python3-software-properties
+    - ruby
+    - screen
+    - sudo
+    - tmux
+    - unattended-upgrades
+    - vim
+    - zsh
+  tags:
+    - dependencies
+
+- name: timezone - configure /etc/timezone
+  copy:
+    content: "{{ common_timezone | regex_replace('$', '\n') }}"
+    dest: /etc/timezone
+    owner: root
+    group: root
+    mode: 0644
+  register: common_timezone_config
+
+- name: timezone - Set localtime to UTC
+  file: src=/usr/share/zoneinfo/Etc/UTC dest=/etc/localtime
+  when: common_timezone_config.changed
+
+- name: timezone - reconfigure tzdata
+  command: dpkg-reconfigure --frontend noninteractive tzdata
+  when: common_timezone_config.changed
+
+- name: Apticron email configuration
+  template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf
+
+- name: Create data directory
+  file: state=directory path=/data
+
+- name: Set data directory permissions
+  file: state=directory path=/data group=mail mode=0775
+
+- name: Ensure US English locale exists
+  locale_gen:
+    name: en_US.UTF-8
+    state: present
+
+- name: Ensure German locale exists
+  locale_gen:
+    name: de_DE.UTF-8
+    state: present

roles/common/tasks/main.yml

@@ -1,94 +1,10 @@
 ---
 
-- name: Set hostname
-  hostname: name="{{ server_hostname }}"
-
-- name: Replace /etc/hosts
-  template: src=etc_hosts.j2 dest=/etc/hosts
-
-- name: Update apt cache
-  apt: update_cache=yes
-  tags:
-    - dependencies
-
-- name: Upgrade all safe packages
-  apt: upgrade=safe
-  tags:
-    - dependencies
-
-- name: Install necessities and nice-to-haves
-  apt:
-    name: "{{ packages }}"
-    state: present
-  vars:
-    packages:
-    - acl
-    - apache2
-    - apt-listchanges
-    - apt-transport-https
-    - apticron
-    - build-essential
-    - debian-goodies
-    - git
-    - gnupg
-    - htop
-    - iftop
-    - iotop
-    - molly-guard
-    - mosh
-    - php
-    - php-pgsql
-    - php-gd
-    - python3-software-properties
-    - ruby
-    - screen
-    - sudo
-    - tmux
-    - unattended-upgrades
-    - vim
-    - zsh
-  tags:
-    - dependencies
-
-- name: timezone - configure /etc/timezone
-  copy:
-    content: "{{ common_timezone | regex_replace('$', '\n') }}"
-    dest: /etc/timezone
-    owner: root
-    group: root
-    mode: 0644
-  register: common_timezone_config
-
-- name: timezone - Set localtime to UTC
-  file: src=/usr/share/zoneinfo/Etc/UTC dest=/etc/localtime
-  when: common_timezone_config.changed
-
-- name: timezone - reconfigure tzdata
-  command: dpkg-reconfigure --frontend noninteractive tzdata
-  when: common_timezone_config.changed
-
-- name: Apticron email configuration
-  template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf
-
-- name: Create data directory
-  file: state=directory path=/data
-
-- name: Set data directory permissions
-  file: state=directory path=/data group=mail mode=0775
-
-- name: Ensure US English locale exists
-  locale_gen:
-    name: en_US.UTF-8
-    state: present
-
-- name: Ensure German locale exists
-  locale_gen:
-    name: de_DE.UTF-8
-    state: present
-
+- include: basics.yml tags=basics
 - include: users.yml tags=users
 - include: apache.yml tags=apache
 - include: ufw.yml tags=ufw
 - include: security.yml tags=security
 - include: ntp.yml tags=ntp
 - include: postgres.yml
+- include: swap.yml

roles/common/tasks/swap.yml

@@ -0,0 +1,39 @@
+---
+# adapted from https://stackoverflow.com/a/24765946
+
+- name: Create swap files
+  command: dd if=/dev/zero of={{ '%s%d' | format(swap_file_path, item) }} bs=1024 count={{ swap_file_size }}K
+           creates="{{ '%s%d' | format(swap_file_path, item) }}"
+  loop: "{{ range(1, swap_file_count + 1) }}"
+
+- name: Change swap file permissions
+  file: path="{{ '%s%d' | format(swap_file_path, item) }}"
+        owner=root
+        group=root
+        mode=0600
+  loop: "{{ range(1, swap_file_count + 1) }}"
+
+- name: Check swap file types
+  command: file {{ '%s%d' | format(swap_file_path, item) }}
+  register: swapfile
+  loop: "{{ range(1, swap_file_count + 1) }}"
+
+- name: Make swap files
+  command: "mkswap {{ '%s%d' | format(swap_file_path, item) }}"
+  become: true
+  when: swapfile.results[item - 1].stdout.find('swap file') == -1
+  loop: "{{ range(1, swap_file_count + 1) }}"
+
+- name: Write swap entries in fstab
+  mount: name=none
+         src={{ '%s%d' | format(swap_file_path, item) }}
+         fstype=swap
+         opts=sw
+         passno=0
+         dump=0
+         state=present
+  loop: "{{ range(1, swap_file_count + 1) }}"
+
+- name: Mount swap
+  command: "swapon --all"
+  become: true