roles/common: Use one task to remove Ubuntu packages

I had previously been removing some packages for security reasons, then removing others because they were annoying, and yet *others* because they were annoying on newer Ubuntus only. It is easier to just unify these tasks and remove them all in one go. On older Ubuntus where some packages don't exist the task will just succeed because the package is absent anyways.
2018-12-20 09:54:46 +02:00 · 2018-12-20 09:54:46 +02:00 · 6aed22b633
parent a15faabe32
commit 6aed22b633
1 changed files with 14 additions and 22 deletions
--- a/roles/common/tasks/packages_Ubuntu.yml
+++ b/roles/common/tasks/packages_Ubuntu.yml
@ -30,32 +30,24 @@
  - name: Install base packages
    apt: pkg={{ ubuntu_base_packages }} state=present update_cache=yes cache_valid_time=3600

-  - name: Security hardening (CIS Benchmark 1.0)
-    apt: pkg={{ item }} state=absent purge=yes
-    loop:
-      - whoopsie # CIS 4.1
-      - apport   # CIS 4.1

-  - name: Set fact for annoying packages
+  - name: Set fact for packages to remove
    set_fact:
      ubuntu_annoying_packages:
-        - command-not-found
-        - command-not-found-data
-        - python3-commandnotfound
+        - whoopsie # security (CIS 4.1)
+        - apport   # security (CIS 4.1)
+        - command-not-found # annoying
+        - command-not-found-data # annoying
+        - python3-commandnotfound # annoying
+        - snapd # annoying (Ubuntu >= 16.04)
+        - lxd # annoying (Ubuntu >= 16.04)
+        - lxd-client # annoying (Ubuntu >= 16.04)
+        - liblxc1 # annoying (Ubuntu >= 16.04)
+        - lxc-common # annoying (Ubuntu >= 16.04)
+        - lxcfs #annoying (Ubuntu >= 16.04)

-  - name: Set fact for more annoying packages
-    set_fact:
-      ubuntu_more_annoying_packages:
-        - snapd
-        - lxd
-        - lxd-client
-        - liblxc1
-        - lxc-common
-        - lxcfs
-    when: ansible_distribution_version is version_compare('16.04', '>=')
-
-  - name: Remove more annoying packages
-    apt: name={{ ubuntu_annoying_packages | union(ubuntu_more_annoying_packages) }} state=absent purge=yes
+  - name: Remove packages
+    apt: name={{ ubuntu_annoying_packages }} state=absent purge=yes

  - name: Configure cron-apt
    import_tasks: cron-apt.yml