alanorth
/
ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

roles/common: Use dynamic include_tasks for packages 

Basically, when using conditionals or variables in your tasks you should
use include_tasks instead of import_tasks. The down side is that you now
need to tag all included tasks individually or with a block, unlike when
using static imports (tags are applied to all imported child tasks).

I would actually like to reduce this task to a single one that uses the
host's ansible_distribution variable, but Ansible 2.5.1 currently gives
the following error: ansible_distribution is undefined.
This commit is contained in:
Alan Orth 2018-04-25 18:46:28 +03:00
parent 9445541f51
commit 8b660dcfbe
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
3 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/common/tasks/main.yml
View File

@ -8,12 +8,12 @@
tags: ntp tags: ntp
- name: Install common packages - name: Install common packages
import_tasks: packages_Debian.yml include_tasks: packages_Debian.yml
when: ansible_distribution == 'Debian' when: ansible_distribution == 'Debian'
tags: packages tags: packages
- name: Install common packages - name: Install common packages
import_tasks: packages_Ubuntu.yml include_tasks: packages_Ubuntu.yml
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
tags: packages tags: packages

3
roles/common/tasks/packages_Debian.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Configure apt mirror - name: Configure apt mirror
template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644 template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
tags: packages
- name: Install base packages - name: Install base packages
apt: name={{ item }} update_cache=yes apt: name={{ item }} update_cache=yes
@ -20,6 +21,7 @@
- lrzip - lrzip
- unzip - unzip
- apt-transport-https # for https support in apt - apt-transport-https # for https support in apt
tags: packages
- name: Configure cron-apt - name: Configure cron-apt
import_tasks: cron-apt.yml import_tasks: cron-apt.yml
@ -27,5 +29,6 @@
- name: Install tarsnap - name: Install tarsnap
import_tasks: tarsnap.yml import_tasks: tarsnap.yml
tags: packages
# vim: set sw=2 ts=2: # vim: set sw=2 ts=2:

6
roles/common/tasks/packages_Ubuntu.yml
View File

@ -2,9 +2,11 @@
- name: Configure apt mirror - name: Configure apt mirror
template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644 template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
when: ansible_architecture != 'armv7l' when: ansible_architecture != 'armv7l'
tags: packages
- name: Upgrade base OS - name: Upgrade base OS
apt: upgrade=dist update_cache=yes apt: upgrade=dist update_cache=yes
tags: packages
- name: Install base packages - name: Install base packages
apt: pkg={{ item }} apt: pkg={{ item }}
@ -25,12 +27,14 @@
- lrzip - lrzip
- unzip - unzip
- apt-transport-https # for https support in apt - apt-transport-https # for https support in apt
tags: packages
- name: Security hardening (CIS Benchmark 1.0) - name: Security hardening (CIS Benchmark 1.0)
apt: pkg={{ item }} state=absent purge=yes apt: pkg={{ item }} state=absent purge=yes
loop: loop:
- whoopsie # CIS 4.1 - whoopsie # CIS 4.1
- apport # CIS 4.1 - apport # CIS 4.1
tags: packages
- name: Remove annoying packages - name: Remove annoying packages
apt: pkg={{ item }} state=absent purge=yes apt: pkg={{ item }} state=absent purge=yes
@ -38,6 +42,7 @@
- command-not-found - command-not-found
- command-not-found-data - command-not-found-data
- python3-commandnotfound - python3-commandnotfound
tags: packages
- name: Configure cron-apt - name: Configure cron-apt
import_tasks: cron-apt.yml import_tasks: cron-apt.yml
@ -45,5 +50,6 @@
- name: Install tarsnap - name: Install tarsnap
import_tasks: tarsnap.yml import_tasks: tarsnap.yml
tags: packages
# vim: set sw=2 ts=2: # vim: set sw=2 ts=2: