-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathmain.yml
More file actions
49 lines (38 loc) · 1.46 KB
/
main.yml
File metadata and controls
49 lines (38 loc) · 1.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
---
- name: Create the deploy user
user: name={{user}} comment="deploy user" generate_ssh_key=yes ssh_key_bits=2048 state=present shell=/bin/bash
- name: Authorize my key for deploy user
authorized_key: user={{user}} key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: Authorize my key as root
authorized_key: user=root key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: Set {{user}} as sudoer
lineinfile: dest=/etc/sudoers line="{{user}} ALL=(ALL) NOPASSWD:ALL"
- name: Remove ubuntu's user
user: name=ubuntu state=absent remove=yes
- name: Update apt cache if needed
apt: update_cache=yes cache_valid_time=3600
- name: Install needed packages
apt: pkg={{item}} state=installed
with_items:
- cron
- logrotate
- curl
- git-core
- git
- update-motd
- firefox
- xvfb
- vim
- name: Check if anything needs autoremoving
shell: apt-get -y --dry-run autoremove | grep -q "0 to remove"
register: check_autoremove
ignore_errors: True
changed_when: False
always_run: True
- name: Autoremove unused packages
command: apt-get -y autoremove
when: "check_autoremove.rc != 0"
- name: Disable periodic OS update checks
lineinfile: dest=/etc/apt/apt.conf.d/10periodic regexp="^APT::Periodic::Update-Package-Lists \"1\"" line="APT::Periodic::Update-Package-Lists \"0\";" state=present
- name: FW Allow everything
ufw: state=enabled policy=allow