66 lines
1.3 KiB
YAML
66 lines
1.3 KiB
YAML
---
|
|
- name: Setup ansible custom facts
|
|
ansible.builtin.file:
|
|
dest: "{{ item }}"
|
|
mode: "0755"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
state: directory
|
|
with_items:
|
|
- /etc/ansible
|
|
- /etc/ansible/facts.d
|
|
|
|
- name: Add ansible_export fact
|
|
ansible.builtin.copy:
|
|
dest: /etc/ansible/facts.d/export.fact
|
|
content: |
|
|
#!/bin/sh
|
|
if [ -d /export ]; then
|
|
echo "true"
|
|
else
|
|
echo "false"
|
|
fi
|
|
mode: "0755"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: Reload facts
|
|
ansible.builtin.setup:
|
|
filter: ansible_local
|
|
|
|
- name: Include os specific tasks
|
|
ansible.builtin.include_tasks:
|
|
file: "{{ ansible_os_family }}.yml"
|
|
|
|
- name: Disable at from all users
|
|
ansible.builtin.copy:
|
|
content: "\n"
|
|
dest: "/etc/at.allow"
|
|
mode: "0600"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: Install basic roles
|
|
ansible.builtin.include_role:
|
|
name: "{{ role }}"
|
|
with_items:
|
|
- network
|
|
- pki
|
|
- psacct
|
|
- sshd
|
|
- sshd_cert
|
|
- node_exporter
|
|
loop_control:
|
|
loop_var: role
|
|
|
|
- name: Install roles for physical hardware
|
|
ansible.builtin.include_role:
|
|
name: "{{ role }}"
|
|
with_items:
|
|
- lm_sensors
|
|
- smartd
|
|
loop_control:
|
|
loop_var: role
|
|
when:
|
|
- ansible_virtualization_role == "host"
|
|
- ansible_virtualization_type != "vmm"
|