83 lines
1.8 KiB
YAML
83 lines
1.8 KiB
YAML
- name: Run Package tasks
|
|
ansible.builtin.include_tasks:
|
|
file: ./templates/packages.yml
|
|
|
|
- name: Create user account
|
|
ansible.builtin.user:
|
|
name: "{{ username }}"
|
|
password: "{{ userpassword }}"
|
|
groups: sudo
|
|
shell: /bin/bash
|
|
state: present
|
|
createhome: true
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Create user account
|
|
ansible.builtin.user:
|
|
name: "{{ username }}"
|
|
password: "{{ userpassword }}"
|
|
shell: /bin/bash
|
|
groups: wheel
|
|
state: present
|
|
createhome: true
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: Run SSH tasks
|
|
ansible.builtin.include_tasks:
|
|
file: ssh.yml
|
|
|
|
- name: Copy unattended-upgrades file
|
|
ansible.builtin.copy:
|
|
src: files/10periodic
|
|
dest: /etc/apt/apt.conf.d/10periodic
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
force: true
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Remove undesirable packages
|
|
ansible.builtin.package:
|
|
name: "{{ unnecessary_software }}"
|
|
state: absent
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Stop and disable unnecessary services
|
|
ansible.builtin.service:
|
|
name: "{{ item }}"
|
|
state: stopped
|
|
enabled: false
|
|
with_items: "{{ unnecessary_services }}"
|
|
ignore_errors: "{{ ansible_check_mode }}"
|
|
|
|
- name: Set a message of the day
|
|
ansible.builtin.copy:
|
|
dest: /etc/motd
|
|
src: files/motd
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|
|
- name: Set a login banner
|
|
ansible.builtin.copy:
|
|
dest: "{{ item }}"
|
|
src: files/issue
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items:
|
|
- /etc/issue
|
|
- /etc/issue.net
|
|
|
|
- name: Set timezone
|
|
ansible.builtin.command: timedatectl set-timezone America/Chicago
|
|
changed_when: my_output.rc != 0
|
|
|
|
- name: Enable cockpit
|
|
ansible.builtin.systemd:
|
|
name: cockpit
|
|
daemon_reload: true
|
|
state: restarted
|
|
enabled: true
|
|
when: ansible_os_family == "RedHat"
|