64 lines
1.1 KiB
YAML
64 lines
1.1 KiB
YAML
# vim: ft=yaml.ansible
|
|
---
|
|
- name: Set hostname
|
|
hostname:
|
|
name: "{{ hostname }}"
|
|
|
|
- name: Set timezone
|
|
timezone:
|
|
name: "{{ timezone }}"
|
|
|
|
- name: Upgrade system packages
|
|
apt:
|
|
update_cache: true
|
|
upgrade: full
|
|
|
|
- name: Install packages via apt
|
|
apt:
|
|
name: "{{ pkgs }}"
|
|
state: present
|
|
vars:
|
|
pkgs:
|
|
- apparmor
|
|
- curl
|
|
- git
|
|
- haveged
|
|
- needrestart
|
|
- python3-pip
|
|
- ufw
|
|
- unattended-upgrades
|
|
|
|
- name: Check if a reboot is needed
|
|
stat:
|
|
path: /var/run/reboot-required
|
|
register: needs_reboot
|
|
tags:
|
|
- reboot
|
|
|
|
- name: Reboot host
|
|
reboot:
|
|
connect_timeout: 120
|
|
when: needs_reboot.stat.exists or
|
|
(force_reboot is defined and force_reboot)
|
|
register: reboot
|
|
tags:
|
|
- reboot
|
|
|
|
- name: Re-gather facts
|
|
setup:
|
|
filter:
|
|
- ansible_mounts
|
|
- ansible_swaptotal_mb
|
|
when: reboot.rebooted
|
|
|
|
- name: Clone apt-update-push
|
|
git:
|
|
dest: "/home/{{ ansible_user }}/apt-update-push"
|
|
repo: https://github.com/samsapti/apt-update-push.git
|
|
clone: true
|
|
update: true
|
|
single_branch: true
|
|
depth: 1
|
|
become: false
|
|
notify: Install apt-update-push
|