diff --git a/roles/common/tasks/ansible-pull.yml b/roles/common/tasks/ansible-pull.yml new file mode 100644 index 00000000..aeb95e82 --- /dev/null +++ b/roles/common/tasks/ansible-pull.yml @@ -0,0 +1,23 @@ +- name: Add ansible cron job + copy: + src: ../files/ansible-pull + dest: /etc/cron.hourly/ansible-pull + owner: root + mode: 744 + +- name: Adding ansible git repo locally + git: + repo: 'https://tildegit.org/thunix/ansibe.git' + dest: /var/thunix/ansible + +- name: adding deploy key + authorized_key: + user: root + state: present + key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC2ZFqUDHL4KTkjqaNdWLGVPyHfz7uBh7j48uab1ywbOScDIvW/6Lhnxg41J48o0IGASyT0ijwBX6Se/IkKM6vHVJ5H7wEIZ1YL1351ytacZ7/zsh/LWvGi3YkMblboN6SesXwXnvih9dWWMpW/ifz10IeOw7cB5OjIomIYTre3J5f4WmqYCB4NxDHAVSszv62wZrnpb6QrQOG4YvbxvhynHEJN2OmvMPufIjICZap/fGd3BtFafWSjCL4ZbBnNK9TlwGw6LFeJrHHoL77prwl/tIFr+XQg1FnzNAbhT0QEgF/7LasrjrgjK06yHWEOw0eWDKRAAHvXJ9ESwP6NWi9CBkV2gVBDzJUyKREPQNg+LZ5xNQoP9x4bSglhnPSoE8YYLIkgApaUVhTuWbBB+vtsEgK5HI9X63jCfYUpRwOXw+S6YMI8wo+ZFMLY1uQi66/3w+nyg0jp/+3VVUK6wEv5f+7iO5KVaLM1KY9GYwZmixJgOukJzC9MT3vHF60+fZFAZMB5iTjhBGYdHpGPDpOyICYuo7uKpmSPa72GfuSE6oZ6ighJyQEONWIKF+fr0ngb1/N7f6yns1qyJ1rd9PyQ08moSsbBeVCmR963rmv+RrYA756KXxLrsH4UOtVQFO/8vwjTkigXf2Xc+85YTrXJV+w5xS6RQUwuoc+GrerJsw==" + +- name: adding deploy key + authorized_key: + user: root + state: present + key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWGH2FhPe/TB1zhF4vQPn0xg4e0RI6baNJrINPROcGg8oHDnhHx7WtBY5SIT9dYhUR07SWFooxygKNYiUaZ02oTZfWsAo1zv50cP6G0GqYGDuETp7s9pzgpRFgHfPAEo4fbe6gSGK1FsgxSQOjE7Us5IE6GIQK5kqIV9N5AZIuKgwur7XiB6hIcMQHJ/UV0YQezvWcprxPFOYPTy8VszF+BenjqkHXcD3OK8CsoxKPd3UFV1Ah4JTgf+WnQGz5T4wffWVwDAP/+6SImkyqMH7sa9h+2gjKaWvrgTu+2K73JxyFBbpgIlJVOZpyTVP89STz5ZIGJa3Ul3bJiYOQ4yooaE4BhtSjaH3neaAF5mD/h7QftooifixkLYzZQf3jGJuX2OqpnWu+C0CySNR2FtyuQcU5xsqGgUhQ9SP3SjxkVk79ixbtH5UDeRabNrx1mX35LJVLBgUbsm+ailYGQYM55n7UPAEEVaWmNEZg9FwLVdX5BAf4Rc3NC5mNRIj5FL1Vu9nYqybiO50nf+UozfxmFyy5GLYSHIVs6U4ICpwAd9h7T/8pO5cgRAhANe7Umqtubkdi+jmRx57i0qlnC2cPYa/4Zp/dCIg5WyIMkO9SIIhIznkwLMQULdS7SsunTZfSp1YxPwAmLlnpobuneHTR7iQ4l/dIrJHIXyIA9ZxYFw==" diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 5622b6cd..d931ab15 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -6,3 +6,4 @@ - include: resolv.yml - include: sshd.yml - include: motd.yml +- include: ansible-pull.yml diff --git a/roles/common/tasks/packages.yml b/roles/common/tasks/packages.yml index 5aa5743b..f83f3c1f 100644 --- a/roles/common/tasks/packages.yml +++ b/roles/common/tasks/packages.yml @@ -1,9 +1,14 @@ # Install our baseline packages for all machines, irrespective of what role they might have --- - name: Install baseline packages - apt: name={{ item }} state=present - with_items: - - aptitude - - git - - python - - man + apt: + name: "{{ packages }}" + state: present + update_cache: yes + vars: + packages: + - aptitude + - git + - python + - man + diff --git a/roles/common/tasks/users.yml b/roles/common/tasks/users.yml index af680c3a..b8629ac0 100644 --- a/roles/common/tasks/users.yml +++ b/roles/common/tasks/users.yml @@ -4,10 +4,10 @@ name: sudo state: present - - name: Allow 'sudo' group to have passwordless sudo - lineinfile: - dest: /etc/sudoers - state: present - regexp: '^%sudo' - line: '%sudo ALL=(ALL) NOPASSWD: ALL' - validate: visudo -cf %s +- name: Allow 'sudo' group to have passwordless sudo + lineinfile: + dest: /etc/sudoers + state: present + regexp: '^%sudo' + line: '%sudo ALL=(ALL) NOPASSWD: ALL' + validate: visudo -cf %s diff --git a/roles/shell/tasks/packages.yml b/roles/shell/tasks/packages.yml index 4b952dc3..895fae24 100644 --- a/roles/shell/tasks/packages.yml +++ b/roles/shell/tasks/packages.yml @@ -1,21 +1,28 @@ # Install our baseline packages for all machines, irrespective of what role they might have --- - name: Install baseline packages - apt: name={{ item }} state=present - with_items: - - vim - - alpine - - weechat - - mutt - - python - - rtv - - lynx - - w3m-img - - python-pip - - cowsay - - byobu + apt: + name: "{{ packages }}" + state: present + update_cache: yes + vars: + packages: + - vim + - alpine + - weechat + - mutt + - python + - rtv + - lynx + - w3m-img + - python-pip + - cowsay + - byobu + - bsdgames + - emacs + - elinks -# Install (Bottle) python package. +# Install ansible python package, because it's the latest - name: Install ansible pip: name: ansible diff --git a/roles/webserver/tasks/packages.yml b/roles/webserver/tasks/packages.yml index 753abe81..222c46f1 100644 --- a/roles/webserver/tasks/packages.yml +++ b/roles/webserver/tasks/packages.yml @@ -1,25 +1,30 @@ # Install apache and accoutrements www, irrespective of what role they might have --- -- name: Install packages - apt: name={{ item }} state=present - with_items: - - apache2 - - mariadb-server - - mariadb-client - - php7.0 - - libapache2-mod-php7.0 - - php7.0-mysql - - php7.0-curl - - php7.0-gd - - php7.0-intl - - php-pear - - php-imagick - - php7.0-imap - - php7.0-mcrypt - - php-memcache - - php7.0-pspell - - php7.0-recode - - php7.0-sqlite3 - - php7.0-tidy - - php7.0-xmlrpc - - php7.0-xsl +- name: Install packages for webserver + apt: + name: "{{ packages }}" + state: present + update_cache: yes + vars: + packages: + - apache2 + - mariadb-server + - mariadb-client + - php7.0 + - libapache2-mod-php7.0 + - php7.0-mysql + - php7.0-curl + - php7.0-gd + - php7.0-intl + - php-pear + - php-imagick + - php7.0-imap + - php7.0-mcrypt + - php-memcache + - php7.0-pspell + - php7.0-recode + - php7.0-sqlite3 + - php7.0-tidy + - php7.0-xmlrpc + - php7.0-xsl +