-
jurgenhaas authoredjurgenhaas authored
common.yml 13.91 KiB
---
# file: roles/common/tasks/common.yml
- name: Ensure directories
file:
path: '{{ item }}'
state: directory
with_items:
- /etc/ansible/facts.d
- name: Sudoers Policy
template:
src: etc_sudoers_d_policy
dest: /etc/sudoers.d/policy
owner: root
group: root
mode: 0440
# Regarding resolve service, see https://www.ctrl.blog/entry/resolvconf-tutorial.html
- name: Install resolvconf
apt:
pkg: '{{ packages }}'
state: present
update_cache: yes
vars:
packages:
- resolvconf
- name: Disable systemd.resolved
service:
name: systemd-resolved
state: stopped
enabled: no
- name: Configure resolv.conf
template:
src: etc_resolv_conf
dest: /etc/resolvconf/resolv.conf.d/head
owner: root
group: root
mode: 0644
when: nameserver is defined
notify:
- Update resolv config
- name: Configure limits.conf
template:
src: etc_security_limits.conf
dest: /etc/security/limits.d/limits.conf
owner: root
group: root
mode: 0644
- name: Remove default apt.conf
file:
path: /etc/apt/apt.conf
state: absent
- name: Configure APT Proxy
template:
src: etc_apt_apt_conf_d_02proxy
dest: /etc/apt/apt.conf.d/02proxy
owner: root
group: root
mode: 0644
when: apt_proxy
- name: Turn off unattended upgrades
template: