2014-08-16 23:35:57 +02:00
|
|
|
---
|
|
|
|
- name: Configure apt mirror
|
|
|
|
template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
2016-09-29 15:47:44 +02:00
|
|
|
when: ansible_architecture != 'armv7l'
|
2014-08-16 23:35:57 +02:00
|
|
|
|
|
|
|
- name: Upgrade base OS
|
2016-08-25 11:58:15 +02:00
|
|
|
apt: upgrade=dist update_cache=yes
|
2014-08-16 23:35:57 +02:00
|
|
|
|
|
|
|
- name: Install base packages
|
|
|
|
apt: pkg={{ item }}
|
2018-04-02 14:52:51 +02:00
|
|
|
loop:
|
2014-08-16 23:35:57 +02:00
|
|
|
- git
|
|
|
|
- tmux
|
|
|
|
- iotop
|
|
|
|
- htop
|
|
|
|
- strace
|
|
|
|
- s3cmd
|
|
|
|
- cron-apt
|
|
|
|
- safe-rm
|
|
|
|
- debian-goodies
|
|
|
|
- mosh
|
|
|
|
- python-pycurl # for ansible's apt_repository
|
|
|
|
- sysv-rc-conf
|
|
|
|
- lzop
|
|
|
|
- vim
|
2014-09-07 15:32:06 +02:00
|
|
|
- lrzip
|
2014-10-05 14:21:47 +02:00
|
|
|
- unzip
|
2017-11-05 00:29:00 +01:00
|
|
|
- apt-transport-https # for https support in apt
|
2014-08-16 23:35:57 +02:00
|
|
|
|
|
|
|
- name: Security hardening (CIS Benchmark 1.0)
|
|
|
|
apt: pkg={{ item }} state=absent purge=yes
|
2018-04-02 14:52:51 +02:00
|
|
|
loop:
|
2014-08-16 23:35:57 +02:00
|
|
|
- whoopsie # CIS 4.1
|
|
|
|
- apport # CIS 4.1
|
|
|
|
|
|
|
|
- name: Remove annoying packages
|
|
|
|
apt: pkg={{ item }} state=absent purge=yes
|
2018-04-02 14:52:51 +02:00
|
|
|
loop:
|
2014-08-16 23:35:57 +02:00
|
|
|
- command-not-found
|
|
|
|
- command-not-found-data
|
|
|
|
- python3-commandnotfound
|
|
|
|
|
2017-10-03 16:46:55 +02:00
|
|
|
- name: Configure cron-apt
|
|
|
|
import_tasks: cron-apt.yml
|
2015-08-22 22:39:22 +02:00
|
|
|
tags: cron-apt
|
2015-05-24 22:55:04 +02:00
|
|
|
|
2017-10-03 16:46:55 +02:00
|
|
|
- name: Install tarsnap
|
|
|
|
import_tasks: tarsnap.yml
|
2017-02-07 16:28:35 +01:00
|
|
|
|
2015-05-24 22:55:04 +02:00
|
|
|
# vim: set sw=2 ts=2:
|