2014-08-17 00:35:57 +03:00
# not needed on OpenStack images...
#- name: Set hostname
# hostname: name={{ inventory_hostname }}
# tags: hostname
#- name: Add hostname to /etc/hosts
# lineinfile: dest=/etc/hosts insertafter=^ line=' {{ inventory_hostname }}'
# tags: hostname
- include: packages_Ubuntu.yml
2015-03-15 17:29:41 +03:00
when: ansible_distribution == 'Ubuntu'
2014-08-17 00:35:57 +03:00
tags: packages
- include: iptables_Debian.yml
when: ansible_os_family == 'Debian'
2015-03-15 17:33:48 +03:00
tags: firewall
2014-08-17 00:35:57 +03:00
- name: Reconfigure /etc/ssh/sshd_config
template: src=sshd_config_{{ansible_distribution}}-{{ansible_distribution_version}}.j2 dest=/etc/ssh/sshd_config owner=root group=root mode=0600
2015-03-15 17:31:29 +03:00
- restart sshd
2014-08-17 00:35:57 +03:00
tags: sshd
2015-01-20 16:28:06 +03:00
- name: Remove DSA and ECDSA host keys
file: name=/etc/ssh/{{ item }} state=absent
- ssh_host_dsa_key
- ssh_host_dsa_key.pub
- ssh_host_ecdsa_key
- ssh_host_ecdsa_key.pub
- restart sshd
tags: sshd
2014-08-17 00:35:57 +03:00
- name: Reconfigure /etc/sysctl.conf
template: src=sysctl_{{ ansible_distribution }}.j2 dest=/etc/sysctl.conf owner=root group=root mode=0644
2015-03-15 17:31:29 +03:00
- reload sysctl
2014-08-17 00:35:57 +03:00
tags: sysctl
- name: Reconfigure /etc/rc.local
2015-03-15 17:43:21 +03:00
when: ansible_distribution == 'Ubuntu'
2014-08-17 00:35:57 +03:00
template: src=rc.local_{{ ansible_distribution }}.j2 dest=/etc/rc.local owner=root group=root mode=0755
2015-03-15 17:52:05 +03:00
- name: Set I/O scheduler
template: src=etc/udev/rules.d/60-scheduler.rules.j2 dest=/etc/udev/rules.d/60-scheduler.rules owner=root group=root mode=0644
tags: udev
2014-10-11 12:13:45 +03:00
- include: ssh-keys.yml
tags: ssh-keys
2014-08-17 00:35:57 +03:00
# vim: set sw=2 ts=2: