diff --git a/roles/hostname/tasks/main.yaml b/roles/hostname/tasks/main.yaml index 966373a..928212e 100644 --- a/roles/hostname/tasks/main.yaml +++ b/roles/hostname/tasks/main.yaml @@ -1,3 +1,4 @@ - name: Set hostname command: "hostnamectl set-hostname {{ inventory_hostname }}" - when: inventory_hostname in groups["oracle"] + when: + - inventory_hostname != 'localhost' diff --git a/roles/grub-opnxng/tasks/main.yaml b/roles/oracle-grub/tasks/main.yaml similarity index 100% rename from roles/grub-opnxng/tasks/main.yaml rename to roles/oracle-grub/tasks/main.yaml diff --git a/roles/grub-opnxng/templates/grub.j2 b/roles/oracle-grub/templates/grub.j2 similarity index 100% rename from roles/grub-opnxng/templates/grub.j2 rename to roles/oracle-grub/templates/grub.j2 diff --git a/roles/systemd-resolved/files/oracle.conf b/roles/oracle-systemd-resolved/files/oracle.conf similarity index 100% rename from roles/systemd-resolved/files/oracle.conf rename to roles/oracle-systemd-resolved/files/oracle.conf diff --git a/roles/systemd-resolved/tasks/main.yaml b/roles/oracle-systemd-resolved/tasks/main.yaml similarity index 100% rename from roles/systemd-resolved/tasks/main.yaml rename to roles/oracle-systemd-resolved/tasks/main.yaml diff --git a/roles/ssh/tasks/main.yaml b/roles/ssh/tasks/main.yaml index 06ac7d8..fb839ff 100644 --- a/roles/ssh/tasks/main.yaml +++ b/roles/ssh/tasks/main.yaml @@ -10,7 +10,7 @@ - name: Restart SSH service systemd: - name: sshd + name: ssh enabled: true state: restarted diff --git a/roles/ssh/templates/sshd.conf.j2 b/roles/ssh/templates/sshd.conf.j2 index 2e50e37..65b852e 100644 --- a/roles/ssh/templates/sshd.conf.j2 +++ b/roles/ssh/templates/sshd.conf.j2 @@ -5,7 +5,7 @@ PermitRootLogin no PasswordAuthentication no AddressFamily inet ChallengeResponseAuthentication no -AllowUsers {{ user }} +AllowUsers {{ ansible_user }} KbdInteractiveAuthentication no UsePAM yes -X11Forwarding no \ No newline at end of file +X11Forwarding no diff --git a/roles/timezone/tasks/main.yaml b/roles/timezone/tasks/main.yaml index f8fb961..b352508 100644 --- a/roles/timezone/tasks/main.yaml +++ b/roles/timezone/tasks/main.yaml @@ -1,4 +1,4 @@ -- name: Set timezone to Asia/Singapore +- name: Set timezone community.general.timezone: name: "{{ TZ }}" - become: true \ No newline at end of file + become: true diff --git a/roles/touch-hushlogin/tasks/main.yml b/roles/touch-hushlogin/tasks/main.yml new file mode 100644 index 0000000..217f0d2 --- /dev/null +++ b/roles/touch-hushlogin/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: touch .hushlogin + file: + path: "/home/{{ user }}/.hushlogin" + state: touch + diff --git a/roles/sources-list/files/sources.list b/roles/vps-sources-list/files/sources.list similarity index 100% rename from roles/sources-list/files/sources.list rename to roles/vps-sources-list/files/sources.list diff --git a/roles/sources-list/tasks/main.yaml b/roles/vps-sources-list/tasks/main.yaml similarity index 100% rename from roles/sources-list/tasks/main.yaml rename to roles/vps-sources-list/tasks/main.yaml diff --git a/roles/ufw-opnxng/tasks/main.yaml b/roles/vps-ufw/tasks/main.yaml similarity index 100% rename from roles/ufw-opnxng/tasks/main.yaml rename to roles/vps-ufw/tasks/main.yaml diff --git a/roles/ufw-opnxng/templates/oracle4.user.rules.j2 b/roles/vps-ufw/templates/oracle4.user.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/oracle4.user.rules.j2 rename to roles/vps-ufw/templates/oracle4.user.rules.j2 diff --git a/roles/ufw-opnxng/templates/oracle4.user6.rules.j2 b/roles/vps-ufw/templates/oracle4.user6.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/oracle4.user6.rules.j2 rename to roles/vps-ufw/templates/oracle4.user6.rules.j2 diff --git a/roles/ufw-opnxng/templates/user.rules.j2 b/roles/vps-ufw/templates/user.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/user.rules.j2 rename to roles/vps-ufw/templates/user.rules.j2 diff --git a/roles/ufw-opnxng/templates/user6.rules.j2 b/roles/vps-ufw/templates/user6.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/user6.rules.j2 rename to roles/vps-ufw/templates/user6.rules.j2 diff --git a/set-up.yaml b/set-up.yaml index b47fd6b..fa1cd0c 100644 --- a/set-up.yaml +++ b/set-up.yaml @@ -5,47 +5,52 @@ vars_files: - vars/secrets.yaml become: true + tasks: +# ---------------------------------------------------------------------------------------------------- + + - name: Install packages + apt: + name: + - iputils-ping + - cron + - fzf + - git + - curl + - zip + - unzip + - trash-cli + state: latest + install_recommends: false + update_cache: true + autoclean: true + autoremove: true # ---------------------------------------------------------------------------------------------------- - pre_tasks: -# - name: Install packages -# apt: -# name: -# - iputils-ping -# - cron -# - fzf -# - git -# - curl -# - zip -# - unzip -# - trash-cli -# state: latest -# install_recommends: false -# update_cache: true -# autoclean: true -# autoremove: true + - name: Include roles + include_role: + name: "{{ item }}" + loop: + - disable-root + - timezone + - chrony + - vps-sources-list + - vps-ufw + - ssh + - fail2ban + - unattended-upgrades + - nfs-opnxng + - docker + - touch-hushlogin + - set-vm-overcommit-memory + #- docker-buildx - - name: Touch .hushlogin - file: - path: "/home/{{ user }}/.hushlogin" - state: touch - -# ---------------------------------------------------------------------------------------------------- - - roles: -# - grub-opnxng -# - disable-root -# - timezone -# - chrony -# - hostname -# - systemd-resolved -# - sources-list -# - ssh - - ufw-opnxng -# - fail2ban -# - unattended-upgrades -# - nfs-opnxng -# - docker -# - set-vm-overcommit-memory -# - docker-buildx + - name: Include roles + include_role: + name: "{{ item }}" + loop: + - oracle-systemd-resolved + - oracle-grub-opnxng + - hostname + when: + - inventory_hostname in groups["oracle"]