blob: b332414b54ad45a43892356eb145dc013beee9de (
plain) (
tree)
|
|
- name: "Check that host runs Debian buster/sid on armv7l or x86_64"
assert:
that:
- "ansible_architecture == 'aarch64' or ansible_architecture == 'armv7l' or ansible_architecture == 'x86_64'"
- "ansible_os_family == 'Debian'"
- name: "Upgrade system"
apt:
upgrade: dist # Should we do a full uprade instead of a dist one?
update_cache: yes
cache_valid_time: 3600
autoclean: yes
autoremove: yes
- name: "Install base tools"
apt:
name:
# Essentials
- curl
- less
- sudo
- tar
- unzip
# User tooling
- screen
- vim
# Monitoring
- bmon
- htop
- iftop
- iotop
- iputils-ping
- pciutils
- strace
- tcpdump
# Networking
- dnsutils # now called bind9-dnsutils (still valid)
- ethtool
- iproute2 # advanced net-tools
- iptables # legacy firewall (still used by diplonat)
- iptables-persistent
- net-tools # basic network tools
- nftables # iptables' successor (will replace it eventually)
# Optional / Dispensable
#- docker.io # Adrien n'approuve pas (il faut utiliser le repo Docker)
- parted
#- btrfs-tools
#- libnss-resolve # provides DNS/LLMNR utilities via systemd-resolved
state: present
# Install Docker if need be
- name: Check if Docker is installed
command: 'which docker'
args:
warn: no
register: docker_exists
changed_when: docker_exists.rc != 0
ignore_errors: true
- name: "Install Docker"
include_tasks: docker.yml
when: docker_exists.rc != 0
# Install Nomad & Consul if need be
- name: Check if Nomad is installed
command: 'which nomad'
args:
warn: no
register: nomad_exists
changed_when: nomad_exists.rc != 0
ignore_errors: true
- name: "Install Nomad & Consul"
include_tasks: hashicorp.yml
when: nomad_exists.rc != 0
# Cool stuff
- name: "Passwordless sudo"
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: 'visudo -cf %s'
|
