12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 |
- ---
- - name: Update apt cache
- apt: update_cache=yes
- tags:
- - dependencies
-
- - name: Upgrade all safe packages
- apt: upgrade=safe
- tags:
- - dependencies
-
- - name: Install necessities and nice-to-haves
- apt: pkg={{ item }} state=installed
- with_items:
- - apache2
- - apt-transport-https
- - apticron
- - build-essential
- - debian-goodies
- - git
- - htop
- - iftop
- - iotop
- - molly-guard
- - mosh
- - python-software-properties
- - ruby
- - screen
- - sudo
- - unattended-upgrades
- - vim
- - zsh
- tags:
- - dependencies
-
- - name: timezone - configure /etc/timezone
- copy:
- content: "{{ common_timezone | regex_replace('$', '\n') }}"
- dest: /etc/timezone
- owner: root
- group: root
- mode: 0644
- register: common_timezone_config
-
- - name: timezone - Set localtime to UTC
- file: src=/usr/share/zoneinfo/Etc/UTC dest=/etc/localtime
- when: common_timezone_config.changed
-
- - name: timezone - reconfigure tzdata
- command: dpkg-reconfigure --frontend noninteractive tzdata
- when: common_timezone_config.changed
-
- - name: Apticron email configuration
- template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf
-
- - name: Create decrypted directory (even if encfs isn't used)
- file: state=directory path=/decrypted
-
- - name: Set decrypted directory permissions
- file: state=directory path=/decrypted group=mail mode=0775
-
- - include: encfs.yml tags=encfs
- - include: users.yml tags=users
- - include: apache.yml tags=apache
- - include: ssl.yml tags=ssl
- - include: letsencrypt.yml tags=letsencrypt
- - include: ufw.yml tags=ufw
- - include: security.yml tags=security
- - include: ntp.yml tags=ntp
- - include: google_auth.yml tags=google_auth
|