roles/common: Use dynamic include_tasks for packages
Basically, when using conditionals or variables in your tasks you should use include_tasks instead of import_tasks. The down side is that you now need to tag all included tasks individually or with a block, unlike when using static imports (tags are applied to all imported child tasks). I would actually like to reduce this task to a single one that uses the host's ansible_distribution variable, but Ansible 2.5.1 currently gives the following error: ansible_distribution is undefined.
This commit is contained in:
parent
9445541f51
commit
8b660dcfbe
GPG Key ID:
0FB860CC9C45B1B9
|
|
@ -8,12 +8,12 @@
|
|||
tags: ntp
|
||||
|
||||
- name: Install common packages
|
||||
import_tasks: packages_Debian.yml
|
||||
include_tasks: packages_Debian.yml
|
||||
when: ansible_distribution == 'Debian'
|
||||
tags: packages
|
||||
|
||||
- name: Install common packages
|
||||
import_tasks: packages_Ubuntu.yml
|
||||
include_tasks: packages_Ubuntu.yml
|
||||
when: ansible_distribution == 'Ubuntu'
|
||||
tags: packages
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
- name: Configure apt mirror
|
||||
template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
||||
tags: packages
|
||||
|
||||
- name: Install base packages
|
||||
apt: name={{ item }} update_cache=yes
|
||||
|
|
@ -20,6 +21,7 @@
|
|||
- lrzip
|
||||
- unzip
|
||||
- apt-transport-https # for https support in apt
|
||||
tags: packages
|
||||
|
||||
- name: Configure cron-apt
|
||||
import_tasks: cron-apt.yml
|
||||
|
|
@ -27,5 +29,6 @@
|
|||
|
||||
- name: Install tarsnap
|
||||
import_tasks: tarsnap.yml
|
||||
tags: packages
|
||||
|
||||
# vim: set sw=2 ts=2:
|
||||
|
|
|
|||
|
|
@ -2,9 +2,11 @@
|
|||
- name: Configure apt mirror
|
||||
template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
||||
when: ansible_architecture != 'armv7l'
|
||||
tags: packages
|
||||
|
||||
- name: Upgrade base OS
|
||||
apt: upgrade=dist update_cache=yes
|
||||
tags: packages
|
||||
|
||||
- name: Install base packages
|
||||
apt: pkg={{ item }}
|
||||
|
|
@ -25,12 +27,14 @@
|
|||
- lrzip
|
||||
- unzip
|
||||
- apt-transport-https # for https support in apt
|
||||
tags: packages
|
||||
|
||||
- name: Security hardening (CIS Benchmark 1.0)
|
||||
apt: pkg={{ item }} state=absent purge=yes
|
||||
loop:
|
||||
- whoopsie # CIS 4.1
|
||||
- apport # CIS 4.1
|
||||
tags: packages
|
||||
|
||||
- name: Remove annoying packages
|
||||
apt: pkg={{ item }} state=absent purge=yes
|
||||
|
|
@ -38,6 +42,7 @@
|
|||
- command-not-found
|
||||
- command-not-found-data
|
||||
- python3-commandnotfound
|
||||
tags: packages
|
||||
|
||||
- name: Configure cron-apt
|
||||
import_tasks: cron-apt.yml
|
||||
|
|
@ -45,5 +50,6 @@
|
|||
|
||||
- name: Install tarsnap
|
||||
import_tasks: tarsnap.yml
|
||||
tags: packages
|
||||
|
||||
# vim: set sw=2 ts=2:
|
||||
|
|
|
|||
Loading…
Reference in New Issue