2015-12-13 18:54:49 +01:00
|
|
|
---
|
|
|
|
|
|
|
|
- name: Install snmpd
|
2017-07-02 22:17:32 +02:00
|
|
|
apt: name=snmpd
|
2017-10-02 12:14:50 +02:00
|
|
|
|
|
|
|
- name: Create snmpd service override directory
|
|
|
|
file: path=/etc/systemd/system/snmpd.service.d state=directory
|
2015-12-13 18:54:49 +01:00
|
|
|
|
2017-02-17 11:12:12 +01:00
|
|
|
- name: Make snmpd less verbose
|
2017-10-02 12:14:50 +02:00
|
|
|
copy: src=snmpd dest=/etc/systemd/system/snmpd.service.d/local.conf
|
|
|
|
notify:
|
|
|
|
- Reload systemd
|
|
|
|
- Restart snmpd
|
2017-02-17 11:12:12 +01:00
|
|
|
|
2015-12-13 18:54:49 +01:00
|
|
|
- name: Configure snmpd
|
|
|
|
template: src=snmpd.conf.j2 dest=/etc/snmp/snmpd.conf
|
2016-02-15 19:17:28 +01:00
|
|
|
notify: Restart snmpd
|
2015-12-13 18:54:49 +01:00
|
|
|
|
|
|
|
- name: Start the snmpd service
|
|
|
|
service: name=snmpd state=started enabled=yes
|
|
|
|
|
|
|
|
- name: Install misc software
|
2017-07-02 22:17:32 +02:00
|
|
|
apt: name={{ item }}
|
2015-12-13 18:54:49 +01:00
|
|
|
with_items:
|
2016-02-01 21:01:52 +01:00
|
|
|
- dnsutils
|
2015-12-13 18:54:49 +01:00
|
|
|
- htop
|
2017-10-02 12:15:17 +02:00
|
|
|
- less
|
2018-01-10 12:28:20 +01:00
|
|
|
- net-tools
|
2016-03-24 11:43:40 +01:00
|
|
|
- openssl
|
2018-01-14 19:06:25 +01:00
|
|
|
- psmisc
|
2015-12-13 18:54:49 +01:00
|
|
|
- pydf
|
2016-04-08 09:12:19 +02:00
|
|
|
- rsync
|
2016-02-15 21:04:37 +01:00
|
|
|
- sudo
|
2015-12-13 18:54:49 +01:00
|
|
|
- vim-nox
|
|
|
|
- zsh
|
|
|
|
|
2018-05-02 12:11:31 +02:00
|
|
|
- name: Install qemu-agent on KVM VMs
|
2018-05-01 11:47:57 +02:00
|
|
|
apt: name=qemu-guest-agent
|
2018-05-02 12:11:31 +02:00
|
|
|
when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
|
2018-05-01 11:47:57 +02:00
|
|
|
|
2015-12-13 18:54:49 +01:00
|
|
|
- name: Configure misc software
|
|
|
|
copy: src={{ item.src }} dest={{ item.dest }}
|
|
|
|
with_items:
|
|
|
|
- { src: '.zshrc', dest: '/root/.zshrc' }
|
|
|
|
- { src: '.zshrc.local', dest: '/root/.zshrc.local' }
|
2016-03-04 13:02:55 +01:00
|
|
|
- { src: 'motd', dest: '/etc/motd' }
|
2016-02-23 15:01:34 +01:00
|
|
|
- { src: 'prompt_gentoo_setup', dest: '/usr/share/zsh/functions/Prompts/prompt_gentoo_setup' }
|
2017-09-20 13:24:30 +02:00
|
|
|
- { src: 'vimrc.local', dest: '/etc/vim/vimrc.local' }
|
2015-12-13 18:54:49 +01:00
|
|
|
|
|
|
|
- name: Set shell for root user
|
|
|
|
user: name=root shell=/bin/zsh
|
2016-03-03 08:09:26 +01:00
|
|
|
|
2016-03-24 11:43:40 +01:00
|
|
|
- name: Create LDAP certificate directory
|
|
|
|
file: path=/etc/ldap/ssl state=directory
|
|
|
|
|
2016-04-06 09:50:00 +02:00
|
|
|
- name: Create LDAP client config
|
|
|
|
template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf mode=0644
|
|
|
|
|
2016-03-03 08:09:26 +01:00
|
|
|
- name: Copy LDAP certificate
|
2016-03-24 11:43:40 +01:00
|
|
|
copy: src=BKCA.crt dest=/etc/ldap/ssl/BKCA.crt mode=0444
|
2017-07-03 09:48:25 +02:00
|
|
|
|
|
|
|
- name: Disable hibernation/resume
|
|
|
|
copy: src=resume dest=/etc/initramfs-tools/conf.d/resume
|
|
|
|
notify: update-initramfs
|
2018-06-13 14:43:13 +02:00
|
|
|
|
2018-06-27 20:04:45 +02:00
|
|
|
# TODO template /etc/network/interfaces
|
|
|
|
|
|
|
|
- name: Fix network interface names
|
|
|
|
copy: src={{ item }} dest=/etc/systemd/network/{{ item }}
|
|
|
|
with_items:
|
|
|
|
- 50-virtio-kernel-names.link
|
|
|
|
- 99-default.link
|
|
|
|
notify: update-initramfs
|
|
|
|
|
2018-06-13 14:43:13 +02:00
|
|
|
- name: Prevent normal users from running su
|
|
|
|
lineinfile:
|
|
|
|
path: /etc/pam.d/su
|
2018-07-17 13:26:45 +02:00
|
|
|
regexp: '^.*auth\s+required\s+pam_wheel.so$'
|
2018-06-13 14:43:13 +02:00
|
|
|
line: 'auth required pam_wheel.so'
|