tom/ansible
1
0
Fork 0
forked from infra/ansible
Code Issues Pull Requests Projects Releases Wiki Activity
c0070e042b
ansible/roles/common/tasks/Debian.yml

80 lines
2.0 KiB
YAML
Raw Blame History

---
- name: Install snmpd
apt: name=snmpd
- name: Create snmpd service override directory
file: path=/etc/systemd/system/snmpd.service.d state=directory
- name: Make snmpd less verbose
copy: src=snmpd dest=/etc/systemd/system/snmpd.service.d/local.conf
notify:
- Reload systemd
- Restart snmpd
- name: Configure snmpd
template: src=snmpd.conf.j2 dest=/etc/snmp/snmpd.conf
notify: Restart snmpd
- name: Start the snmpd service
service: name=snmpd state=started enabled=yes
- name: Install misc software
apt: name={{ item }}
with_items:
- dnsutils
- htop
- less
- net-tools
- openssl
- psmisc
- pydf
- rsync
- sudo
- vim-nox
- zsh
- name: Install qemu-agent on KVM VMs
apt: name=qemu-guest-agent
when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
- name: Configure misc software
copy: src={{ item.src }} dest={{ item.dest }}
with_items:
- { src: '.zshrc', dest: '/root/.zshrc' }
- { src: '.zshrc.local', dest: '/root/.zshrc.local' }
- { src: 'motd', dest: '/etc/motd' }
- { src: 'vimrc.local', dest: '/etc/vim/vimrc.local' }
- name: Set shell for root user
user: name=root shell=/bin/zsh
- name: Create BKCA certificate directory
file: path=/usr/local/share/ca-certificates state=directory
- name: Copy BKCA certificate
copy: src=BKCA.crt dest=/usr/local/share/ca-certificates/BKCA.crt mode=0444
notify: update-ca-certificates
- name: Create LDAP client config
template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf mode=0644
- name: Disable hibernation/resume
copy: src=resume dest=/etc/initramfs-tools/conf.d/resume
notify: update-initramfs
# TODO template /etc/network/interfaces
- name: Fix network interface names
copy: src={{ item }} dest=/etc/systemd/network/{{ item }}
with_items:
- 50-virtio-kernel-names.link
- 99-default.link
notify: update-initramfs
- name: Prevent normal users from running su
lineinfile:
path: /etc/pam.d/su
regexp: '^.*auth\s+required\s+pam_wheel.so$'
line: 'auth required pam_wheel.so'
Reference in New Issue View Git Blame Copy Permalink