initial commit

2016-03-05 16:30:21 +01:00
parent 879fdc14b4
commit acc8f15e9e
18 changed files with 679 additions and 0 deletions
--- a/tasks/apt.yml
+++ b/tasks/apt.yml
@@ -0,0 +1,25 @@
+---
+- name: apt - add apt keys
+  apt_key: id="{{ item.id }}" url="{{ item.url }}" file="{{ item.file }}" state="{{ item.state }}"
+  tags: ['common', 'apt']
+  with_items: "{{ common_apt_keys }}"
+
+- name: apt - add repositories
+  apt_repository: repo="{{ item }}" update_cache=yes
+  with_items: "{{ common_apt_repositories }}"
+  tags: ['common', 'apt']
+
+- name: apt - remove /etc/apt/sources.list
+  file: path=/etc/apt/sources.list state=absent
+  notify: apt-get update
+  tags: ['common', 'apt'] 
+
+- name: install basic tools
+  apt: pkg="{{ item }}" cache_valid_time=3600 update_cache=yes
+  with_items: "{{ common_basic_packages }}"
+  tags: common
+
+#- name: apt - upgrade system
+#  apt: upgrade="{{ common_apt_upgrade_policy }}"
+#  when: common_apt_upgrade_policy
+#  tags: ['common', 'apt']
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+
+- include: resolvconf.yml
+- include: apt.yml
+
+- name: set vim as default editor
+  alternatives: name=editor path=/usr/bin/vim.basic
+  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
+  tags: common
+
+- name: copy some custom script
+  copy: dest="{{ item.dest }}" src="{{ item.src }}" owner=root group=root mode=0755
+  with_items: "{{ common_scripts }}"
+  tags: common
+
+- name: /etc/mailname
+  copy: dest=/etc/mailname content="{{ common_mailname }}\n" owner=root group=root mode=0644
+  notify: restart mailer
+  when: common_mailer != False
+  tags: common
+
+- name: /etc/aliases
+  template: dest=/etc/aliases src=aliases.j2 owner=root group=root mode=0644
+  notify:
+    - newaliases
+    - restart mailer
+  when: common_mailer != False
+  tags: common
+
+- include: ntp.yml
+- include: openssh.yml
+- include: rsyslog.yml
+
+- include: "{{ common_mailer }}.yml"
+  when: common_mailer != False
--- a/tasks/ntp.yml
+++ b/tasks/ntp.yml
@@ -0,0 +1,11 @@
+---
+
+- name: ntp - install
+  apt: name=ntp
+  when: ansible_virtualization_type != 'lxc' or ansible_virtualization_role == 'host'
+  tags: ['common', 'ntp']
+
+- name: ntp - run and enable
+  service: name=ntp state=started enabled=yes
+  when: ansible_virtualization_type != 'lxc' or ansible_virtualization_role == 'host'
+  tags: ['common', 'ntp'] 
--- a/tasks/openssh.yml
+++ b/tasks/openssh.yml
@@ -0,0 +1,20 @@
+---
+
+- name: openssh - install
+  apt: name=openssh-server
+  tags: ['common', 'openssh']
+
+- name: openssh - start and enable
+  service: name=ssh state=running enabled=yes
+  tags: ['common', 'openssh']
+
+- name: openssh - config
+  template: dest=/etc/ssh/sshd_config src=sshd_config.j2 owner=root group=root mode=0600
+  notify: reload openssh
+  tags: ['common', 'openssh']
+
+- name: openssh - root keys
+  authorized_key: user="root" key="{{ item }}"
+  with_items: "{{ common_openssh_keys_root }}"
+  when: common_openssh_keys_root
+  tags: ['common', 'openssh', 'ssh-keys']
--- a/tasks/postfix.yml
+++ b/tasks/postfix.yml
@@ -0,0 +1,13 @@
+---
+
+- name: install postfix
+  apt: name="postfix" state=present
+  tags: ['common', 'postfix']
+
+- name: postfix config
+  template: dest="/etc/postfix/{{ item }}" src="postfix/{{ item }}.j2" owner=root group=root mode=0644
+  with_items:
+    - main.cf
+    - master.cf
+  notify: restart mailer
+  tags: ['common', 'postfix']
--- a/tasks/resolvconf.yml
+++ b/tasks/resolvconf.yml
@@ -0,0 +1,16 @@
+---
+
+- name: resolvconf - install
+  apt: name=resolvconf state=present
+  tags: ['common', 'resolvconf'] 
+
+- name: resolvconf - tail file
+  template: dest=/etc/resolvconf/resolv.conf.d/tail src=resolvconf_tail.j2 owner=root group=root mode=0644
+  when: common_resolvconf_nameservers
+  notify: restart resolvconf
+  tags: ['common', 'resolvconf'] 
+
+- name: resolvconf - start and enable
+  service: name=resolvconf state=started enabled=yes
+  tags: ['common', 'resolvconf'] 
+
--- a/tasks/rsyslog.yml
+++ b/tasks/rsyslog.yml
@@ -0,0 +1,25 @@
+---
+
+- name: rsyslog - install
+  apt: name=rsyslog
+  tags: ['common', 'rsyslog']
+
+- name: rsyslog - rsyslog.conf
+  template: dest=/etc/rsyslog.conf src=rsyslog.conf.j2 owner=root group=root mode=0644
+  notify: restart rsyslog
+  tags: ['common', 'rsyslog']
+
+- name: rsyslog - rsyslog.d
+  file: path=/etc/rsyslog.d state=directory owner=root group=root mode=0755
+  notify: restart rsyslog
+  tags: ['common', 'rsyslog']
+
+- name: rsyslog - syslog forwarding client.conf
+  template: dest=/etc/rsyslog.d/forwards.conf src=rsyslog_forwards.conf.j2 owner=root group=root mode=0644
+  when: common_rsyslog_forwards
+  notify: restart rsyslog
+  tags: ['common', 'rsyslog']
+
+- name: rsyslog - start and enable
+  service: name=rsyslog state=started enabled=yes
+  tags: ['common', 'rsyslog']