alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

roles/common: Use one task to remove Ubuntu packages

Browse Source 
I had previously been removing some packages for security reasons,
then removing others because they were annoying, and yet *others*
because they were annoying on newer Ubuntus only. It is easier to
just unify these tasks and remove them all in one go.

On older Ubuntus where some packages don't exist the task will just
succeed because the package is absent anyways.
This commit is contained in:
Alan Orth 2018-12-20 09:54:46 +02:00
parent a15faabe32
commit 6aed22b633
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
1 changed files with 14 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
roles/common/tasks/packages_Ubuntu.yml
View File

@ -30,32 +30,24 @@
- name: Install base packages - name: Install base packages
apt: pkg={{ ubuntu_base_packages }} state=present update_cache=yes cache_valid_time=3600 apt: pkg={{ ubuntu_base_packages }} state=present update_cache=yes cache_valid_time=3600
- name: Security hardening (CIS Benchmark 1.0)
apt: pkg={{ item }} state=absent purge=yes
loop:
- whoopsie # CIS 4.1
- apport # CIS 4.1
- name: Set fact for annoying packages - name: Set fact for packages to remove
set_fact: set_fact:
ubuntu_annoying_packages: ubuntu_annoying_packages:
- command-not-found - whoopsie # security (CIS 4.1)
- command-not-found-data - apport # security (CIS 4.1)
- python3-commandnotfound - command-not-found # annoying
- command-not-found-data # annoying
- python3-commandnotfound # annoying
- snapd # annoying (Ubuntu >= 16.04)
- lxd # annoying (Ubuntu >= 16.04)
- lxd-client # annoying (Ubuntu >= 16.04)
- liblxc1 # annoying (Ubuntu >= 16.04)
- lxc-common # annoying (Ubuntu >= 16.04)
- lxcfs #annoying (Ubuntu >= 16.04)
- name: Set fact for more annoying packages - name: Remove packages
set_fact: apt: name={{ ubuntu_annoying_packages }} state=absent purge=yes
ubuntu_more_annoying_packages:
- snapd
- lxd
- lxd-client
- liblxc1
- lxc-common
- lxcfs
when: ansible_distribution_version is version_compare('16.04', '>=')
- name: Remove more annoying packages
apt: name={{ ubuntu_annoying_packages | union(ubuntu_more_annoying_packages) }} state=absent purge=yes
- name: Configure cron-apt - name: Configure cron-apt
import_tasks: cron-apt.yml import_tasks: cron-apt.yml