common: handle proxmox differently, install acpi, fix network interface

names
2019-10-07 15:35:54 +02:00 · 2019-10-07 15:35:54 +02:00 · 64663f74d3
commit 64663f74d3
parent 2297707bed
3 changed files with 96 additions and 37 deletions
--- a/roles/common/tasks/Debian.yml
+++ b/roles/common/tasks/Debian.yml
@ -0,0 +1,55 @@
 ---
 - name: Install misc software
  apt: name={{ item }}
  with_items:
  - dnsutils
  - git
  - htop
  - less
  - net-tools
  - openssl
  - psmisc
  - pydf
  - rsync
  - sudo
  - vim-nox
  - zsh
  - fail2ban
 - name: Install software on KVM VMs
  apt: name={{ item }}
  with_items:
  - acpid
  - qemu-guest-agent
  when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
 - name: Configure misc software
  copy: src={{ item.src }} dest={{ item.dest }}
  with_items:
  - { src: '.zshrc', dest: '/root/.zshrc' }
  - { src: '.zshrc.local', dest: '/root/.zshrc.local' }
  - { src: 'motd', dest: '/etc/motd' }
  - { src: 'vimrc.local', dest: '/etc/vim/vimrc.local' }
 - name: Set shell for root user
  user: name=root shell=/bin/zsh
 - name: Disable hibernation/resume
  copy: src=resume dest=/etc/initramfs-tools/conf.d/resume
  notify: update-initramfs
 # TODO template /etc/network/interfaces
 - name: Fix network interface names
  copy: src={{ item }} dest=/etc/systemd/network/{{ item }}
  with_items:
  - 50-virtio-kernel-names.link
  - 99-default.link
  notify: update-initramfs
 - name: Prevent normal users from running su
  lineinfile:
    path: /etc/pam.d/su
    regexp: '^.*auth\s+required\s+pam_wheel.so$'
    line: 'auth       required   pam_wheel.so'
--- a/roles/common/tasks/Proxmox.yml
+++ b/roles/common/tasks/Proxmox.yml
@ -0,0 +1,25 @@
 ---
 - name: Install misc software
  apt: name={{ item }}
  with_items:
  - dnsutils
  - htop
  - less
  - rsync
  - vim-nox
  - zsh
 - name: Configure misc software
  copy: src={{ item.src }} dest={{ item.dest }}
  with_items:
  - { src: '.zshrc', dest: '/root/.zshrc' }
  - { src: '.zshrc.local', dest: '/root/.zshrc.local' }
  - { src: 'motd', dest: '/etc/motd' }
  - { src: 'vimrc.local', dest: '/etc/vim/vimrc.local' }
 - name: Set shell for root user
  user: name=root shell=/bin/zsh
 - name: Set vm.swappiness
  sysctl: name=vm.swappiness value=10
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -1,43 +1,22 @@
 ---
- name: Install misc software
+- name: Cleanup
-  apt: name={{ item }}
+  apt: autoclean=yes
-  with_items:
+  when: ansible_os_family == 'Debian'
  - dnsutils
  - git
  - htop
  - less
  - net-tools
  - openssl
  - psmisc
  - pydf
  - rsync
  - sudo
  - vim-nox
  - zsh
  - fail2ban
- name: Install qemu-agent on KVM VMs
+- name: Gather package facts
-  apt: name=qemu-guest-agent
+  package_facts:
-  when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
+    manager: apt
  when: ansible_os_family == 'Debian'
- name: Configure misc software
+- name: Proxmox
-  copy: src={{ item.src }} dest={{ item.dest }}
+  include: Proxmox.yml
-  with_items:
+  when: ansible_os_family == 'Debian' and 'pve-manager' in ansible_facts.packages
  - { src: '.zshrc', dest: '/root/.zshrc' }
  - { src: '.zshrc.local', dest: '/root/.zshrc.local' }
  - { src: 'motd', dest: '/etc/motd' }
  - { src: 'vimrc.local', dest: '/etc/vim/vimrc.local' }
- name: Set shell for root user
+- name: Debian
-  user: name=root shell=/bin/zsh
+  include: Debian.yml
  when: ansible_os_family == 'Debian' and 'pve-manager' not in ansible_facts.packages
- name: Disable hibernation/resume
+- name: FreeBSD
-  copy: src=resume dest=/etc/initramfs-tools/conf.d/resume
+  include: FreeBSD.yml
-  notify: update-initramfs
+  when: ansible_distribution == 'FreeBSD'
 - name: Prevent normal users from running su
  lineinfile:
    path: /etc/pam.d/su
    regexp: '^.*auth\s+required\s+pam_wheel.so$'
    line: 'auth       required   pam_wheel.so'