68 lines
1.5 KiB
YAML
68 lines
1.5 KiB
YAML
---
|
|
# Set System Hostname
|
|
- name: Ensure hostname set
|
|
hostname:
|
|
name: "{{ inventory_hostname }}"
|
|
when: not inventory_hostname|trim is match('(\d{1,3}\.){3}\d{1,3}')
|
|
become: yes
|
|
register: hostname_set
|
|
|
|
- name: Reboot host and wait for it to restart
|
|
reboot:
|
|
msg: "Reboot initiated by Ansible"
|
|
connect_timeout: 5
|
|
reboot_timeout: 600
|
|
pre_reboot_delay: 0
|
|
post_reboot_delay: 30
|
|
test_command: whoami
|
|
when: hostname_set.changed
|
|
|
|
# Users defined in /vars/main.yml
|
|
# pub key files in /files/{USER}.key.pub
|
|
|
|
- name: "Create user accounts and add users to groups"
|
|
user:
|
|
name: "{{ item }}"
|
|
groups: sudo
|
|
with_items: "{{ users }}"
|
|
|
|
- name: "Add authorized keys"
|
|
authorized_key:
|
|
user: "{{ item }}"
|
|
key: "{{ lookup('file', 'files/'+ item + '.key.pub') }}"
|
|
with_items: "{{ users }}"
|
|
|
|
- name: Allow 'wheel' group to have passwordless sudo
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
regexp: '^%wheel'
|
|
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
|
|
validate: '/usr/sbin/visudo -cf %s'
|
|
|
|
# Install basic packages for Ubuntu minimal Systems
|
|
- name: Install all Packages
|
|
ansible.builtin.apt:
|
|
name:
|
|
- curl
|
|
- nano
|
|
- vim
|
|
- htop
|
|
- screen
|
|
- iproute2
|
|
- iptables
|
|
- cron
|
|
- qemu-guest-agent
|
|
- iputils-ping
|
|
- iw
|
|
- speedtest-cli
|
|
- telnet
|
|
state: latest
|
|
update_cache: yes
|
|
|
|
- name: uninstall unneeded packages
|
|
apt:
|
|
name:
|
|
- rpcbind
|
|
update_cache: yes
|
|
state: absent |