Compare commits
1 Commits
role_commo
...
role_ansib
| Author | SHA1 | Date | |
|---|---|---|---|
| 8537ea2b9e |
5
ansible/tasks/main.yml
Normal file
5
ansible/tasks/main.yml
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
- name: Install ansible packages
|
||||||
|
package:
|
||||||
|
name:
|
||||||
|
- python3
|
||||||
|
state: latest
|
||||||
@@ -1 +0,0 @@
|
|||||||
ipv6_stable_secret: 1111:2222:3333:4444:5555:6666:7777:8888
|
|
||||||
@@ -1,2 +0,0 @@
|
|||||||
- name: reload_sysctl
|
|
||||||
command: sysctl --system
|
|
||||||
@@ -1,20 +0,0 @@
|
|||||||
- name: General aliases
|
|
||||||
blockinfile:
|
|
||||||
path: "{{ ansible_facts.env.HOME }}/.bashrc"
|
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK | General aliases"
|
|
||||||
block: |
|
|
||||||
alias clr="clear"
|
|
||||||
alias hgrep="history | grep"
|
|
||||||
alias syslog="tail -f --lines=100 /var/log/syslog"
|
|
||||||
alias cp="rsync -hlAXEptgoDS --numeric-ids --info=progress2"
|
|
||||||
|
|
||||||
- name: ls aliases and colors
|
|
||||||
blockinfile:
|
|
||||||
path: "{{ ansible_facts.env.HOME }}/.bashrc"
|
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK | ls aliases and colors"
|
|
||||||
block: |
|
|
||||||
export LS_OPTIONS='--color=auto'
|
|
||||||
eval "`dircolors`"
|
|
||||||
alias ls='ls $LS_OPTIONS'
|
|
||||||
alias ll='ls $LS_OPTIONS -l'
|
|
||||||
alias l='ls $LS_OPTIONS -la'
|
|
||||||
@@ -1,9 +0,0 @@
|
|||||||
- import_tasks: ./packages.yml
|
|
||||||
|
|
||||||
- import_tasks: ./ssh.yml
|
|
||||||
|
|
||||||
- import_tasks: ./packages.yml
|
|
||||||
|
|
||||||
- import_tasks: ./aliases.yml
|
|
||||||
|
|
||||||
- import_tasks: ./networking.yml
|
|
||||||
@@ -1,22 +0,0 @@
|
|||||||
- name: Set sysctl settings for ip-forwarding
|
|
||||||
copy:
|
|
||||||
dest: "/etc/sysctl.d/ip-forwarding.conf"
|
|
||||||
content: |
|
|
||||||
net.ipv4.ip_forward = 1
|
|
||||||
net.ipv6.conf.all.forwarding = 1
|
|
||||||
notify: reload_sysctl
|
|
||||||
|
|
||||||
- name: Set sysctl settings for ipv6-address-generation
|
|
||||||
copy:
|
|
||||||
dest: "/etc/sysctl.d/ipv6-slaac-address-generation.conf"
|
|
||||||
content: |
|
|
||||||
net.ipv6.conf.default.addr_gen_mode = 2
|
|
||||||
net.ipv6.conf.default.stable_secret = {{ ipv6_stable_secret }}
|
|
||||||
notify: reload_sysctl
|
|
||||||
|
|
||||||
- name: Set sysctl settings to override ipv6-slaac with enabled forwarding
|
|
||||||
copy:
|
|
||||||
dest: "/etc/sysctl.d/ipv6-slaac-override.conf"
|
|
||||||
content: |
|
|
||||||
net.ipv6.conf.all.accept_ra = 2
|
|
||||||
notify: reload_sysctl
|
|
||||||
@@ -1,20 +0,0 @@
|
|||||||
- name: Update Packages
|
|
||||||
apt:
|
|
||||||
update_cache: yes
|
|
||||||
upgrade: yes
|
|
||||||
when: ansible_facts.distribution == "Debian"
|
|
||||||
|
|
||||||
- name: Install Packages
|
|
||||||
package:
|
|
||||||
name:
|
|
||||||
- gpg
|
|
||||||
- htop
|
|
||||||
- iotop
|
|
||||||
- slurm
|
|
||||||
- sudo
|
|
||||||
- screen
|
|
||||||
- curl
|
|
||||||
- rsync
|
|
||||||
- zstd
|
|
||||||
state: latest
|
|
||||||
when: ansible_facts.distribution == "Debian"
|
|
||||||
@@ -1,12 +0,0 @@
|
|||||||
- name: Disable SSH password auth
|
|
||||||
lineinfile:
|
|
||||||
dest: /etc/ssh/sshd_config
|
|
||||||
regexp: '^PasswordAuthentication\s*yes'
|
|
||||||
line: "PasswordAuthentication no"
|
|
||||||
register: sshd_config
|
|
||||||
|
|
||||||
- name: Restart SSH daemon
|
|
||||||
service:
|
|
||||||
name: sshd
|
|
||||||
state: restarted
|
|
||||||
when: sshd_config.changed
|
|
||||||
Reference in New Issue
Block a user