ansible-personal/roles/common/tasks/packages_Ubuntu.yml

50 lines
1.2 KiB
YAML
Raw Normal View History

---
- name: Configure apt mirror
template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
when: ansible_architecture != 'armv7l'
- name: Add GPG key for Extras repo
2016-08-22 15:30:20 +02:00
apt_key: id=0xC47415DFF48C09645B78609416126D3A3E5C1192 url=https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xC47415DFF48C09645B78609416126D3A3E5C1192 state=present
when: ansible_distribution_version | version_compare('14.04', '==')
- name: Upgrade base OS
apt: upgrade=dist update_cache=yes
- name: Install base packages
apt: pkg={{ item }}
with_items:
- git
- tmux
- iotop
- htop
- strace
- s3cmd
- cron-apt
- safe-rm
- debian-goodies
- mosh
- python-pycurl # for ansible's apt_repository
- sysv-rc-conf
- lzop
- vim
- lrzip
- unzip
- name: Security hardening (CIS Benchmark 1.0)
apt: pkg={{ item }} state=absent purge=yes
with_items:
- whoopsie # CIS 4.1
- apport # CIS 4.1
- name: Remove annoying packages
apt: pkg={{ item }} state=absent purge=yes
with_items:
- command-not-found
- command-not-found-data
- python3-commandnotfound
- include: cron-apt.yml
tags: cron-apt
# vim: set sw=2 ts=2: