From 5c56b9917383032b22b5c1cb99d1a8d56323d21f Mon Sep 17 00:00:00 2001
From: Opnxng
Date: Tue, 29 Oct 2024 18:05:22 +0800
Subject: [PATCH] Updated playbook
---
roles/hostname/tasks/main.yaml | 3 +-
.../tasks/main.yaml | 0
.../templates/grub.j2 | 0
.../files/oracle.conf | 0
.../tasks/main.yaml | 0
roles/ssh/tasks/main.yaml | 2 +-
roles/ssh/templates/sshd.conf.j2 | 4 +-
roles/timezone/tasks/main.yaml | 4 +-
roles/touch-hushlogin/tasks/main.yml | 6 ++
.../files/sources.list | 0
.../tasks/main.yaml | 0
roles/{ufw-opnxng => vps-ufw}/tasks/main.yaml | 0
.../templates/oracle4.user.rules.j2 | 0
.../templates/oracle4.user6.rules.j2 | 0
.../templates/user.rules.j2 | 0
.../templates/user6.rules.j2 | 0
set-up.yaml | 85 ++++++++++---------
17 files changed, 58 insertions(+), 46 deletions(-)
rename roles/{grub-opnxng => oracle-grub}/tasks/main.yaml (100%)
rename roles/{grub-opnxng => oracle-grub}/templates/grub.j2 (100%)
rename roles/{systemd-resolved => oracle-systemd-resolved}/files/oracle.conf (100%)
rename roles/{systemd-resolved => oracle-systemd-resolved}/tasks/main.yaml (100%)
create mode 100644 roles/touch-hushlogin/tasks/main.yml
rename roles/{sources-list => vps-sources-list}/files/sources.list (100%)
rename roles/{sources-list => vps-sources-list}/tasks/main.yaml (100%)
rename roles/{ufw-opnxng => vps-ufw}/tasks/main.yaml (100%)
rename roles/{ufw-opnxng => vps-ufw}/templates/oracle4.user.rules.j2 (100%)
rename roles/{ufw-opnxng => vps-ufw}/templates/oracle4.user6.rules.j2 (100%)
rename roles/{ufw-opnxng => vps-ufw}/templates/user.rules.j2 (100%)
rename roles/{ufw-opnxng => vps-ufw}/templates/user6.rules.j2 (100%)
diff --git a/roles/hostname/tasks/main.yaml b/roles/hostname/tasks/main.yaml
index 966373a..928212e 100644
--- a/roles/hostname/tasks/main.yaml
+++ b/roles/hostname/tasks/main.yaml
@@ -1,3 +1,4 @@ - name: Set hostname command: "hostnamectl set-hostname {{ inventory_hostname }}" - when: inventory_hostname in groups["oracle"] + when: + - inventory_hostname != 'localhost' diff --git a/roles/grub-opnxng/tasks/main.yaml b/roles/oracle-grub/tasks/main.yaml similarity index 100% rename from roles/grub-opnxng/tasks/main.yaml rename to roles/oracle-grub/tasks/main.yaml diff --git a/roles/grub-opnxng/templates/grub.j2 b/roles/oracle-grub/templates/grub.j2 similarity index 100% rename from roles/grub-opnxng/templates/grub.j2 rename to roles/oracle-grub/templates/grub.j2 diff --git a/roles/systemd-resolved/files/oracle.conf b/roles/oracle-systemd-resolved/files/oracle.conf similarity index 100% rename from roles/systemd-resolved/files/oracle.conf rename to roles/oracle-systemd-resolved/files/oracle.conf diff --git a/roles/systemd-resolved/tasks/main.yaml b/roles/oracle-systemd-resolved/tasks/main.yaml similarity index 100% rename from roles/systemd-resolved/tasks/main.yaml rename to roles/oracle-systemd-resolved/tasks/main.yaml diff --git a/roles/ssh/tasks/main.yaml b/roles/ssh/tasks/main.yaml index 06ac7d8..fb839ff 100644 --- a/roles/ssh/tasks/main.yaml +++ b/roles/ssh/tasks/main.yaml @@ -10,7 +10,7 @@ - name: Restart SSH service systemd: - name: sshd + name: ssh enabled: true state: restarted diff --git a/roles/ssh/templates/sshd.conf.j2 b/roles/ssh/templates/sshd.conf.j2 index 2e50e37..65b852e 100644 --- a/roles/ssh/templates/sshd.conf.j2 +++ b/roles/ssh/templates/sshd.conf.j2 @@ -5,7 +5,7 @@ PermitRootLogin no PasswordAuthentication no AddressFamily inet ChallengeResponseAuthentication no -AllowUsers {{ user }} +AllowUsers {{ ansible_user }} KbdInteractiveAuthentication no UsePAM yes -X11Forwarding no \ No newline at end of file +X11Forwarding no diff --git a/roles/timezone/tasks/main.yaml b/roles/timezone/tasks/main.yaml index f8fb961..b352508 100644 --- a/roles/timezone/tasks/main.yaml +++ b/roles/timezone/tasks/main.yaml 
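Review bot: The new guard `inventory_hostname != 'localhost'` compares an inventory name, so a control node listed under any other alias, or any non-Oracle host this role is later applied to, will have its hostname rewritten; the removed `groups["oracle"]` test was the narrower check. set-up.yaml in this commit still wraps the role in that group test, so the effective condition now lives in two places that can drift apart. The task also goes through `command`, which reports changed on every run; `ansible.builtin.hostname:` with `name: "{{ inventory_hostname }}"` would be idempotent and keeps the templated value out of command-line argument splitting.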
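Review bot: `Restart SSH service` uses `state: restarted` on every run, and nothing visible in this hunk checks the rendered sshd configuration before the daemon is bounced, so a bad template can leave the host without a working SSH service. The hunk starts at line 10 and the task that renders the config sits above it, so this is inferred: if that task has no `validate: 'sshd -t -f %s'`, add it, and turn the restart into a handler that the template task notifies. The unit name `ssh` is the Debian/Ubuntu one; a comment such as `# Debian/Ubuntu unit name; RHEL-family uses sshd` would record that assumption next to the change.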
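Review bot: `AllowUsers {{ ansible_user }}` ties the SSH allow-list to whichever account Ansible connected as for this run, so running the playbook with a different connection user rewrites the list and, with `PasswordAuthentication no` in the same file, can shut out the account that was allowed before. `ansible_user` is also only defined when the inventory or command line sets it, and the new touch-hushlogin role in this commit still uses `{{ user }}`, so the two can point at different accounts. A dedicated variable that fails when unset keeps the list explicit, for example `AllowUsers {{ ssh_allow_users | mandatory }}` (the variable name is a suggestion, not something the repository defines).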
@@ -1,4 +1,4 @@ -- name: Set timezone to Asia/Singapore +- name: Set timezone community.general.timezone: name: "{{ TZ }}" - become: true \ No newline at end of file + become: true diff --git a/roles/touch-hushlogin/tasks/main.yml b/roles/touch-hushlogin/tasks/main.yml new file mode 100644 index 0000000..217f0d2 --- /dev/null +++ b/roles/touch-hushlogin/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: touch .hushlogin + file: + path: "/home/{{ user }}/.hushlogin" + state: touch + diff --git a/roles/sources-list/files/sources.list b/roles/vps-sources-list/files/sources.list similarity index 100% rename from roles/sources-list/files/sources.list rename to roles/vps-sources-list/files/sources.list diff --git a/roles/sources-list/tasks/main.yaml b/roles/vps-sources-list/tasks/main.yaml similarity index 100% rename from roles/sources-list/tasks/main.yaml rename to roles/vps-sources-list/tasks/main.yaml diff --git a/roles/ufw-opnxng/tasks/main.yaml b/roles/vps-ufw/tasks/main.yaml similarity index 100% rename from roles/ufw-opnxng/tasks/main.yaml rename to roles/vps-ufw/tasks/main.yaml diff --git a/roles/ufw-opnxng/templates/oracle4.user.rules.j2 b/roles/vps-ufw/templates/oracle4.user.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/oracle4.user.rules.j2 rename to roles/vps-ufw/templates/oracle4.user.rules.j2 diff --git a/roles/ufw-opnxng/templates/oracle4.user6.rules.j2 b/roles/vps-ufw/templates/oracle4.user6.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/oracle4.user6.rules.j2 rename to roles/vps-ufw/templates/oracle4.user6.rules.j2 diff --git a/roles/ufw-opnxng/templates/user.rules.j2 b/roles/vps-ufw/templates/user.rules.j2 similarity index 100% rename from roles/ufw-opnxng/templates/user.rules.j2 rename to roles/vps-ufw/templates/user.rules.j2 
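Review bot: The new `touch .hushlogin` task sets neither owner nor mode, and set-up.yaml runs the play with `become: true`, so the file presumably ends up root-owned inside the user's home with umask-dependent permissions. `state: touch` also updates the timestamps and reports changed on every run. Setting the owner and mode explicitly and preserving both timestamps makes the task explicit and idempotent; the path additionally assumes the home directory lives under `/home`.

```yaml
  file:
    # … unchanged: path, state: touch …
    owner: "{{ user }}"
    mode: "0644"
    modification_time: preserve
    access_time: preserve
```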
diff --git a/roles/ufw-opnxng/templates/user6.rules.j2 b/roles/vps-ufw/templates/user6.rules.j2
similarity index 100%
rename from roles/ufw-opnxng/templates/user6.rules.j2
rename to roles/vps-ufw/templates/user6.rules.j2
diff --git a/set-up.yaml b/set-up.yaml
index b47fd6b..fa1cd0c 100644
--- a/set-up.yaml
+++ b/set-up.yaml
@@ -5,47 +5,52 @@ vars_files: - vars/secrets.yaml become: true + tasks: +# ---------------------------------------------------------------------------------------------------- + + - name: Install packages + apt: + name: + - iputils-ping + - cron + - fzf + - git + - curl + - zip + - unzip + - trash-cli + state: latest + install_recommends: false + update_cache: true + autoclean: true + autoremove: true # ---------------------------------------------------------------------------------------------------- - pre_tasks: -# - name: Install packages -# apt: -# name: -# - iputils-ping -# - cron -# - fzf -# - git -# - curl -# - zip -# - unzip -# - trash-cli -# state: latest -# install_recommends: false -# update_cache: true -# autoclean: true -# autoremove: true + - name: Include roles + include_role: + name: "{{ item }}" + loop: + - disable-root + - timezone + - chrony + - vps-sources-list + - vps-ufw + - ssh + - fail2ban + - unattended-upgrades + - nfs-opnxng + - docker + - touch-hushlogin + - set-vm-overcommit-memory + #- docker-buildx - - name: Touch .hushlogin - file: - path: "/home/{{ user }}/.hushlogin" - state: touch - -# ---------------------------------------------------------------------------------------------------- - - roles: -# - grub-opnxng -# - disable-root -# - timezone -# - chrony -# - hostname -# - systemd-resolved -# - sources-list -# - ssh - - ufw-opnxng -# - fail2ban -# - unattended-upgrades -# - nfs-opnxng -# - docker -# - set-vm-overcommit-memory -# - docker-buildx + - name: Include roles + include_role: + name: "{{ item }}" + loop: + - oracle-systemd-resolved + - oracle-grub-opnxng + - hostname + when: + - inventory_hostname in groups["oracle"]
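Review bot: The Oracle-only loop lists `oracle-grub-opnxng`, but this commit renames the role directory from `roles/grub-opnxng` to `roles/oracle-grub`, so `include_role` will presumably fail on hosts in the `oracle` group unless a role of that name exists elsewhere; the entry should read `- oracle-grub`. Because that loop is skipped on every other host, the mismatch would only show up on an Oracle run, after the hardening roles in the first loop have already been applied. Both tasks are named `Include roles`; naming the second one `Include Oracle-only roles` makes the play output unambiguous.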