Mercurial Mercurial > ansible-roles / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Expanded yaml file extension name.
authorLuke Hoersten <luke@hoersten.org>
Thu, 26 Nov 2020 18:29:22 -0600
changeset 146 3e5aac52f2bd
parent 145 7d94a7cab2f6
child 147 83e9097520a0
Expanded yaml file extension name.
rpi-base/tasks/main.yaml file | annotate | diff | comparison | revisions
rpi-base/tasks/main.yml file | annotate | diff | comparison | revisions 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rpi-base/tasks/main.yaml	Thu Nov 26 18:29:22 2020 -0600
@@ -0,0 +1,81 @@
+---
+
+- name: turn swap off
+  become: yes
+  command: "swapoff -a"
+  changed_when: false
+
+- name: remove swap apt package
+  become: yes
+  apt: state="absent" name="dphys-swapfile"
+
+- name: add log2ram apt key
+  become: yes
+  apt_key: url="https://azlux.fr/repo.gpg.key"
+
+- name: add log2ram apt repo
+  become: yes
+  apt_repository: repo="deb http://packages.azlux.fr/debian/ buster main"
+
+- name: set timezone
+  become: yes
+  timezone: name="{{rpi_base_timezone}}"
+
+- name: setup wifi
+  become: yes
+  template: src="wpa_supplicant.conf.j2" dest="/etc/wpa_supplicant/wpa_supplicant.conf" mode="0600"
+
+- name: update apt package cache
+  become: yes
+  apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600"
+
+- name: install extra apt packages
+  become: yes
+  apt: name="{{rpi_base_apt_packages}}" state="latest"
+
+- name: configure auto upgrades
+  become: yes
+  copy: src="20auto-upgrades" dest="/etc/apt/apt.conf.d/20auto-upgrades"
+
+- name: configure log2ram disk size
+  become: yes
+  lineinfile:
+    path: "/etc/log2ram.conf"
+    regexp: "^SIZE="
+    line: "SIZE={{rpi_base_log_size}}"
+  notify: restart log2ram service
+
+- name: configure fail2ban
+  become: yes
+  copy: src="jail.local" dest="/etc/fail2ban/jail.local"
+
+- name: add users
+  become: yes
+  user:
+    name: "{{admin_user_name}}"
+    password: "{{admin_user_password}}"
+    groups: "sudo,users"
+    shell: "/bin/bash"
+    append: yes
+
+- name: authorize admin ssh keys
+  become: yes
+  authorized_key: user="{{admin_user_name}}" key="https://github.com/{{github_user}}.keys"
+
+- name: authorize ssh keys
+  become: yes
+  authorized_key: user="{{ansible_user}}" key="https://github.com/{{github_user}}.keys"
+
+- name: nopasswd sudo for admin user
+  become: yes
+  template:
+    src: "010_admin-nopasswd"
+    dest: "/etc/sudoers.d/010_admin-nopasswd"
+
+- name: disable ssh password login
+  become: yes
+  lineinfile:
+    path: "/etc/ssh/sshd_config"
+    regexp: "^PasswordAuthentication"
+    insertafter: "^#PasswordAuthentication"
+    line: "PasswordAuthentication no"
--- a/rpi-base/tasks/main.yml	Fri Nov 20 13:50:42 2020 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,81 +0,0 @@
----
-
-- name: turn swap off
-  become: yes
-  command: "swapoff -a"
-  changed_when: false
-
-- name: remove swap apt package
-  become: yes
-  apt: state="absent" name="dphys-swapfile"
-
-- name: add log2ram apt key
-  become: yes
-  apt_key: url="https://azlux.fr/repo.gpg.key"
-
-- name: add log2ram apt repo
-  become: yes
-  apt_repository: repo="deb http://packages.azlux.fr/debian/ buster main"
-
-- name: set timezone
-  become: yes
-  timezone: name="{{rpi_base_timezone}}"
-
-- name: setup wifi
-  become: yes
-  template: src="wpa_supplicant.conf.j2" dest="/etc/wpa_supplicant/wpa_supplicant.conf" mode="0600"
-
-- name: update apt package cache
-  become: yes
-  apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600"
-
-- name: install extra apt packages
-  become: yes
-  apt: name="{{rpi_base_apt_packages}}" state="latest"
-
-- name: configure auto upgrades
-  become: yes
-  copy: src="20auto-upgrades" dest="/etc/apt/apt.conf.d/20auto-upgrades"
-
-- name: configure log2ram disk size
-  become: yes
-  lineinfile:
-    path: "/etc/log2ram.conf"
-    regexp: "^SIZE="
-    line: "SIZE={{rpi_base_log_size}}"
-  notify: restart log2ram service
-
-- name: configure fail2ban
-  become: yes
-  copy: src="jail.local" dest="/etc/fail2ban/jail.local"
-
-- name: add users
-  become: yes
-  user:
-    name: "{{admin_user_name}}"
-    password: "{{admin_user_password}}"
-    groups: "sudo,users"
-    shell: "/bin/bash"
-    append: yes
-
-- name: authorize admin ssh keys
-  become: yes
-  authorized_key: user="{{admin_user_name}}" key="https://github.com/{{github_user}}.keys"
-
-- name: authorize ssh keys
-  become: yes
-  authorized_key: user="{{ansible_user}}" key="https://github.com/{{github_user}}.keys"
-
-- name: nopasswd sudo for admin user
-  become: yes
-  template:
-    src: "010_admin-nopasswd"
-    dest: "/etc/sudoers.d/010_admin-nopasswd"
-
-- name: disable ssh password login
-  become: yes
-  lineinfile:
-    path: "/etc/ssh/sshd_config"
-    regexp: "^PasswordAuthentication"
-    insertafter: "^#PasswordAuthentication"
-    line: "PasswordAuthentication no"
ansible-roles