123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- ---
- # Defines tasks applicable across all machines in the infrastructure.
-
- - name: Update apt cache
- apt: update_cache=yes
-
- - name: Upgrade all safe packages
- apt: upgrade=safe
-
- - name: Install necessities and nice-to-haves
- apt: pkg={{ item }} state=installed
- with_items:
- - sudo
- - vim
- - htop
- - iftop
- - iotop
- - mosh
- - zsh
- - git
- - ruby1.9.3
- - screen
- - apache2
- - build-essential
- - apticron
- - update-notifier-common
- - debian-goodies
- - apt-transport-https
- - python-software-properties
-
- - name: Install unattended upgrades (Debian/Ubuntu only)
- apt: pkg=unattended-upgrades state=installed
- when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
-
- - name: Apticron email configuration
- template: src=apticron.conf.j2 dest=/etc/apticron/apticron.conf
-
- - name: Disable default Apache site
- command: a2dissite 000-default removes=/etc/apache2/sites-enabled/000-default
- notify: restart apache
-
- - name: Enable Apache headers module
- command: a2enmod headers creates=/etc/apache2/mods-enabled/headers.load
- notify: restart apache
-
- - name: Set ServerName for Apache
- template: src=fqdn.j2 dest=/etc/apache2/conf.d/fqdn
- notify: restart apache
- when: ansible_distribution_release != 'trusty'
-
- - name: Create ServerName configuration file for Apache for Ubuntu Trusty
- template: src=fqdn.j2 dest=/etc/apache2/conf-available/fqdn.conf
- when: ansible_distribution_release == 'trusty'
-
- - name: Set ServerName for Apache for Ubuntu Trusty
- command: a2enconf fqdn creates=/etc/apache2/conf-enabled/fqdn.conf
- notify: restart apache
- when: ansible_distribution_release == 'trusty'
-
- - include: encfs.yml tags=encfs
- - include: users.yml tags=users
- - include: ssl.yml tags=ssl
- - include: ufw.yml tags=ufw
- - include: security.yml tags=security
- - include: ntp.yml tags=ntp
- - include: google_auth.yml tags=google_auth
- when: ansible_distribution_release != 'trusty'
- - include: google_auth_mod.yml tags=google_auth
- when: ansible_distribution_release == 'trusty'
|