--- /dev/null
+---
+- name: change ansible-user password
+ ansible.builtin.user:
+ name: ansible
+ update_password: always
+ password: "{{ ansibleuser|password_hash('sha512') }}"
+- name: hide system-account
+ ansible.builtin.lineinfile:
+ path: /var/lib/AccountsService/users/ansible
+ regex: 'SystemAccount=*'
+ line: 'SystemAccount=true'
+- name: remove apt-config-file derived from preseeding
+ ansible.builtin.file:
+ path: /etc/apt/apt.conf
+ state: absent
+#- name: copy new apt-proxy config file to apt.conf.d-dir
+# ansible.builtin.copy:
+# dest: /etc/apt/apt.conf.d/01proxy
+# content: |
+# Acquire::http { Proxy "http://{{ aptproxy }}:3142"; };
+# Acquire::https { Proxy "https://"; };
+#- name: prepare ubuntu-DNS for working in local network
+# file:
+# src: /run/systemd/resolve/resolv.conf
+# dest: /etc/resolv.conf
+# state: link
+# force: yes
+# when: ansible_facts['distribution'] == 'Ubuntu'
+- name: Update and upgrade apt packages
+ apt:
+ update_cache: true
+ upgrade: true
+- name: Update and upgrade apt packages
+ apt:
+ autoremove: true
+- name: install core-packages
+ apt:
+ pkg:
+ - htop
+ - glances
+ - inxi
+ - bmon
+ - vim
+ - mtr-tiny
+ - tmux
+ - ncdu
+- name: configure apt-unattended-upgrades part one
+ ansible.builtin.copy:
+ dest: /etc/apt/apt.conf.d/10periodic
+ content: |
+ APT::Periodic::Update-Package-Lists "1";
+ APT::Periodic::Unattended-Upgrade "1";
+ APT::Periodic::Download-Upgradeable-Packages "1";
+ APT::Periodic::AutocleanInterval "7";
+#- name: configure apt-unattended-upgrades part two
+# ansible.builtin.lineinfile:
+# Müssen wir noch an einem neuen Gerät nachvollziehen :-)
+#- name: stop automatic remote printer installation
+# ansible.builtin.systemd:
+# name: cups-browsed
+# state: stopped
+#- name: disable automatic remote printer installation
+# ansible.builtin.systemd:
+# name: cups-browsed
+# enabled: no
+...
projects / fsit-ansible8home.git / commitdiff