Updated playbook

roles/hostname/tasks/main.yaml

@@ -1,3 +1,4 @@
 - name: Set hostname
   command: "hostnamectl set-hostname {{ inventory_hostname }}"
-  when: inventory_hostname in groups["oracle"]
+  when:
+    - inventory_hostname != 'localhost'

roles/ssh/tasks/main.yaml

@@ -10,7 +10,7 @@
 
 - name: Restart SSH service
   systemd:
-    name: sshd
+    name: ssh
     enabled: true
     state: restarted
 

roles/ssh/templates/sshd.conf.j2

@@ -5,7 +5,7 @@ PermitRootLogin no
 PasswordAuthentication no
 AddressFamily inet
 ChallengeResponseAuthentication no
-AllowUsers {{ user }}
+AllowUsers {{ ansible_user }}
 KbdInteractiveAuthentication no
 UsePAM yes
 X11Forwarding no

roles/timezone/tasks/main.yaml

@@ -1,4 +1,4 @@
-- name: Set timezone to Asia/Singapore
+- name: Set timezone
   community.general.timezone:
     name: "{{ TZ }}"
   become: true

roles/touch-hushlogin/tasks/main.yml

@@ -0,0 +1,6 @@
+---
+- name: touch .hushlogin
+  file:
+    path: "/home/{{ user }}/.hushlogin"
+    state: touch
+

set-up.yaml

@@ -5,47 +5,52 @@
   vars_files:
     - vars/secrets.yaml
   become: true
+  tasks:
+# ----------------------------------------------------------------------------------------------------
+
+    - name: Install packages
+      apt:
+        name:
+          - iputils-ping
+          - cron
+          - fzf
+          - git
+          - curl
+          - zip
+          - unzip
+          - trash-cli
+        state: latest
+        install_recommends: false
+        update_cache: true
+        autoclean: true
+        autoremove: true
 
 # ----------------------------------------------------------------------------------------------------
 
-  pre_tasks:
+    - name: Include roles
-#    - name: Install packages
+      include_role:
-#      apt:
+        name: "{{ item }}"
-#        name:
+      loop:
-#          - iputils-ping
+        - disable-root
-#          - cron
+        - timezone
-#          - fzf
+        - chrony
-#          - git
+        - vps-sources-list
-#          - curl
+        - vps-ufw
-#          - zip
+        - ssh
-#          - unzip
+        - fail2ban
-#          - trash-cli
+        - unattended-upgrades
-#        state: latest
+        - nfs-opnxng
-#        install_recommends: false
+        - docker
-#        update_cache: true
+        - touch-hushlogin
-#        autoclean: true
+        - set-vm-overcommit-memory
-#        autoremove: true
-
-    - name: Touch .hushlogin
-      file:
-        path: "/home/{{ user }}/.hushlogin"
-        state: touch
-
-# ----------------------------------------------------------------------------------------------------
-
-  roles:
-#    - grub-opnxng
-#    - disable-root
-#    - timezone
-#    - chrony
-#    - hostname
-#    - systemd-resolved
-#    - sources-list
-#    - ssh
-    - ufw-opnxng
-#    - fail2ban
-#    - unattended-upgrades
-#    - nfs-opnxng
-#    - docker
-#    - set-vm-overcommit-memory
         #- docker-buildx
+
+    - name: Include roles
+      include_role:
+        name: "{{ item }}"
+      loop:
+        - oracle-systemd-resolved
+        - oracle-grub-opnxng
+        - hostname
+      when:
+       - inventory_hostname in groups["oracle"]