]> freie-schul-it.de Git - fsit_smgt.git/blobdiff - tasks/bootstrap.yml
projects / fsit_smgt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Task für Paperless-NGX
[fsit_smgt.git] / tasks / bootstrap.yml
diff --git a/tasks/bootstrap.yml b/tasks/bootstrap.yml
index c5e37da544552a9dd780bf72a2456d234562487a..52d18833a5ef6dbd6a59586fbe92c60a9aa82d9d 100644 (file)
--- a/tasks/bootstrap.yml
+++ b/tasks/bootstrap.yml
@@ -1,68 +1,51 @@
 ---
 ---
-- block:
-  - name: Remove apt-config-file derived from preseeding
-    ansible.builtin.file:
-      path: /etc/apt/apt.conf
-      state: absent
-    when: ("baremetal" in group_names)
-  - name: Create apt-proxy config file
-    ansible.builtin.template:
-      src: apt-proxy_01proxy.j2
-      dest: /etc/apt/apt.conf.d/01proxy
-    when: ("DMZ" not in group_names)
-  - name: Remove apt-config-file only for aptproxy
-    ansible.builtin.file:
-      path: /etc/apt/apt.conf.d/01proxy
-      state: absent
-    when: ("aptproxy" in inventory_hostname)
-  - name: Copy apt-unattended-upgrades config file
-    ansible.builtin.copy:
-      src: apt-unattended-upgrades_10periodic
-      dest: /etc/apt/apt.conf.d/10periodic
-  - name: Update and upgrade apt packages
-    ansible.builtin.apt:
-      update_cache: true
-      upgrade: true
-      autoremove: true
-  - name: Install core-packages
-    ansible.builtin.apt:
-      pkg:
-        - sudo
-        - gnupg
-        - htop
-        - ncdu
-        - vim
-        - tmux
-        - gnupg2
-        - nethogs
-        - iftop
-        - rsync
-        - ripgrep
-  - name: Install core-packages for bare-metal-server
-    ansible.builtin.apt:
-      pkg:
-        - inxi
-    when: ("baremetal" in group_names)
-  - name: Install core-packages for server in DMZ
-    ansible.builtin.apt:
-      pkg:
-        - fail2ban
-    when: ("DMZ" in group_names)
-  - name: Add ansible user to server
-    ansible.builtin.user:
-      name: ansible
-      shell: /bin/bash
-  - name: Allow "ansible"-user to have passwordless sudo
-    ansible.builtin.copy:
-      src: sudo_ansible
-      dest: /etc/sudoers.d/ansible
-      owner: root
-      group: root
-      mode: "0440"
-  - name: Add installbox-ansible-user _public_ ssh-key to the servers authorized_keys file
-    ansible.posix.authorized_key:
-      user: ansible
-      state: present
-      manage_dir: true
-      key: "{{ lookup('file', '/home/ansible/.ssh/id_ed25519.pub') }}"
-  remote_user: root  
+- name: Remove apt-config-file derived from preseeding
+  ansible.builtin.file:
+    path: /etc/apt/apt.conf
+    state: absent
+  when: ("baremetal" in group_names)
+- name: Create apt-proxy config file
+  ansible.builtin.template:
+    src: apt-proxy_01proxy.j2
+    dest: /etc/apt/apt.conf.d/01proxy
+  when: ("DMZ" not in group_names)
+- name: Remove apt-config-file only for aptproxy
+  ansible.builtin.file:
+    path: /etc/apt/apt.conf.d/01proxy
+    state: absent
+  when: ("aptproxy" in inventory_hostname)
+- name: Copy apt-unattended-upgrades config file
+  ansible.builtin.copy:
+    src: apt-unattended-upgrades_10periodic
+    dest: /etc/apt/apt.conf.d/10periodic
+- name: Update and upgrade apt packages
+  ansible.builtin.apt:
+    update_cache: true
+    upgrade: true
+    autoremove: true
+- name: Install core-packages
+  ansible.builtin.apt:
+    pkg:
+      - sudo
+      - gnupg
+      - htop
+      - ncdu
+      - vim
+      - tmux
+      - gnupg2
+      - nethogs
+      - iftop
+      - rsync
+      - ripgrep
+      - nnn
+      #- duf
+- name: Install core-packages for bare-metal-server
+  ansible.builtin.apt:
+    pkg:
+      - inxi
+  when: ("baremetal" in group_names)
+- name: Install core-packages for server in DMZ
+  ansible.builtin.apt:
+    pkg:
+      - fail2ban
+  when: ("DMZ" in group_names)
Ansible Rolle für Server-Management