1
0
forked from infra/ansible
infra/roles/common/tasks/Debian.yml

80 lines
2.0 KiB
YAML
Raw Normal View History

2015-12-13 18:54:49 +01:00
---
- name: Install snmpd
2017-07-02 22:17:32 +02:00
apt: name=snmpd
- name: Create snmpd service override directory
file: path=/etc/systemd/system/snmpd.service.d state=directory
2015-12-13 18:54:49 +01:00
2017-02-17 11:12:12 +01:00
- name: Make snmpd less verbose
copy: src=snmpd dest=/etc/systemd/system/snmpd.service.d/local.conf
notify:
- Reload systemd
- Restart snmpd
2017-02-17 11:12:12 +01:00
2015-12-13 18:54:49 +01:00
- name: Configure snmpd
template: src=snmpd.conf.j2 dest=/etc/snmp/snmpd.conf
2016-02-15 19:17:28 +01:00
notify: Restart snmpd
2015-12-13 18:54:49 +01:00
- name: Start the snmpd service
service: name=snmpd state=started enabled=yes
- name: Install misc software
2017-07-02 22:17:32 +02:00
apt: name={{ item }}
2015-12-13 18:54:49 +01:00
with_items:
2016-02-01 21:01:52 +01:00
- dnsutils
2015-12-13 18:54:49 +01:00
- htop
- less
- net-tools
- openssl
2018-01-14 19:06:25 +01:00
- psmisc
2015-12-13 18:54:49 +01:00
- pydf
2016-04-08 09:12:19 +02:00
- rsync
2016-02-15 21:04:37 +01:00
- sudo
2015-12-13 18:54:49 +01:00
- vim-nox
- zsh
- name: Install qemu-agent on KVM VMs
2018-05-01 11:47:57 +02:00
apt: name=qemu-guest-agent
when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
2018-05-01 11:47:57 +02:00
2015-12-13 18:54:49 +01:00
- name: Configure misc software
copy: src={{ item.src }} dest={{ item.dest }}
with_items:
- { src: '.zshrc', dest: '/root/.zshrc' }
- { src: '.zshrc.local', dest: '/root/.zshrc.local' }
2016-03-04 13:02:55 +01:00
- { src: 'motd', dest: '/etc/motd' }
2017-09-20 13:24:30 +02:00
- { src: 'vimrc.local', dest: '/etc/vim/vimrc.local' }
2015-12-13 18:54:49 +01:00
- name: Set shell for root user
user: name=root shell=/bin/zsh
2016-03-03 08:09:26 +01:00
- name: Create BKCA certificate directory
file: path=/usr/local/share/ca-certificates state=directory
- name: Copy BKCA certificate
copy: src=BKCA.crt dest=/usr/local/share/ca-certificates/BKCA.crt mode=0444
notify: update-ca-certificates
- name: Create LDAP client config
template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf mode=0644
- name: Disable hibernation/resume
copy: src=resume dest=/etc/initramfs-tools/conf.d/resume
notify: update-initramfs
# TODO template /etc/network/interfaces
- name: Fix network interface names
copy: src={{ item }} dest=/etc/systemd/network/{{ item }}
with_items:
- 50-virtio-kernel-names.link
- 99-default.link
notify: update-initramfs
- name: Prevent normal users from running su
lineinfile:
path: /etc/pam.d/su
2018-07-17 13:26:45 +02:00
regexp: '^.*auth\s+required\s+pam_wheel.so$'
line: 'auth required pam_wheel.so'