library/bootstrap.yml

   1 ---
   2 - name: change ansible-user password
   3   ansible.builtin.user:
   4     name: ansible
   5     update_password: always
   6     password: "{{ ansibleuser|password_hash('sha512') }}"
   7 - name: hide system-account
   8   ansible.builtin.lineinfile:
   9     path: /var/lib/AccountsService/users/ansible
  10     regex: 'SystemAccount=*'
  11     line: 'SystemAccount=true'
  12 - name: remove apt-config-file derived from preseeding
  13   ansible.builtin.file:
  14     path: /etc/apt/apt.conf
  15     state: absent
  16 - name: copy new apt-proxy config file to apt.conf.d-dir
  17   ansible.builtin.copy:
  18     dest: /etc/apt/apt.conf.d/01proxy
  19     content: |
  20       Acquire::http { Proxy "http://{{ aptproxy }}:3142"; };
  21       Acquire::https { Proxy "https://"; };
  22 - name: prepare ubuntu-DNS for working in local network
  23   file:
  24     src: /run/systemd/resolve/resolv.conf
  25     dest: /etc/resolv.conf
  26     state: link
  27     force: yes
  28   when: ansible_facts['distribution'] == 'Ubuntu'
  29 - name: Update and upgrade apt packages
  30   apt:
  31     update_cache: true
  32     upgrade: true
  33 - name: Update and upgrade apt packages
  34   apt:
  35     autoremove: true
  36 - name: install core-packages
  37   apt:
  38     pkg:
  39     - htop
  40 #    - glances
  41     - inxi
  42     - bmon
  43     - vim
  44     - mtr-tiny
  45     - tmux
  46 - name: configure apt-unattended-upgrades part one
  47   ansible.builtin.copy:
  48     dest: /etc/apt/apt.conf.d/10periodic
  49     content: |
  50       APT::Periodic::Update-Package-Lists "1";
  51       APT::Periodic::Unattended-Upgrade "1";
  52       APT::Periodic::Download-Upgradeable-Packages "1";
  53       APT::Periodic::AutocleanInterval "7";
  54 #- name: configure apt-unattended-upgrades part two
  55 #  ansible.builtin.lineinfile:
  56 # Müssen wir noch an einem neuen Gerät nachvollziehen :-)
  57 #- name: stop automatic remote printer installation
  58 #  ansible.builtin.systemd:
  59 #    name: cups-browsed
  60 #    state: stopped
  61 #- name: disable automatic remote printer installation
  62 #  ansible.builtin.systemd:
  63 #    name: cups-browsed
  64 #    enabled: no
  65 ...