roles/common: fix unnamed blocks
This commit is contained in:
parent
587bd6dcdd
commit
fc0fcc5742
@ -1,41 +1,42 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- block:
|
- name: Configure Debian packages
|
||||||
- name: Configure apt mirror
|
block:
|
||||||
ansible.builtin.template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
- name: Configure apt mirror
|
||||||
when: ansible_architecture != 'armv7l'
|
ansible.builtin.template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
||||||
|
when: ansible_architecture != 'armv7l'
|
||||||
|
|
||||||
- name: Set fact for base packages
|
- name: Set fact for base packages
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
base_packages:
|
base_packages:
|
||||||
- git
|
- git
|
||||||
- git-lfs
|
- git-lfs
|
||||||
- tmux
|
- tmux
|
||||||
- iotop
|
- iotop
|
||||||
- htop
|
- htop
|
||||||
- strace
|
- strace
|
||||||
- cron-apt
|
- cron-apt
|
||||||
- safe-rm
|
- safe-rm
|
||||||
- debian-goodies
|
- debian-goodies
|
||||||
- mosh
|
- mosh
|
||||||
- python3-pycurl # for ansible's apt_repository
|
- python3-pycurl # for ansible's apt_repository
|
||||||
- vim
|
- vim
|
||||||
- unzip
|
- unzip
|
||||||
- apt-transport-https # for https support in apt
|
- apt-transport-https # for https support in apt
|
||||||
- gnupg2
|
- gnupg2
|
||||||
- zstd
|
- zstd
|
||||||
- rsync
|
- rsync
|
||||||
- lsof
|
- lsof
|
||||||
|
|
||||||
- name: Install base packages
|
- name: Install base packages
|
||||||
ansible.builtin.apt: name={{ base_packages }} state=present cache_valid_time=3600
|
ansible.builtin.apt: name={{ base_packages }} state=present cache_valid_time=3600
|
||||||
|
|
||||||
- name: Configure cron-apt
|
- name: Configure cron-apt
|
||||||
ansible.builtin.import_tasks: cron-apt.yml
|
ansible.builtin.import_tasks: cron-apt.yml
|
||||||
tags: cron-apt
|
tags: cron-apt
|
||||||
|
|
||||||
- name: Install tarsnap
|
- name: Install tarsnap
|
||||||
ansible.builtin.import_tasks: tarsnap.yml
|
ansible.builtin.import_tasks: tarsnap.yml
|
||||||
tags: packages
|
tags: packages
|
||||||
|
|
||||||
# vim: set sw=2 ts=2:
|
# vim: set sw=2 ts=2:
|
||||||
|
@ -1,108 +1,109 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- block:
|
- name: Configure Ubuntu packages
|
||||||
- name: Configure apt mirror
|
block:
|
||||||
ansible.builtin.template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
- name: Configure apt mirror
|
||||||
when: ansible_architecture != 'armv7l'
|
ansible.builtin.template: src=sources.list.j2 dest=/etc/apt/sources.list owner=root group=root mode=0644
|
||||||
|
when: ansible_architecture != 'armv7l'
|
||||||
|
|
||||||
- name: Upgrade base OS
|
- name: Upgrade base OS
|
||||||
ansible.builtin.apt: upgrade=dist cache_valid_time=3600
|
ansible.builtin.apt: upgrade=dist cache_valid_time=3600
|
||||||
|
|
||||||
- name: Set Ubuntu base packages
|
- name: Set Ubuntu base packages
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
ubuntu_base_packages:
|
ubuntu_base_packages:
|
||||||
- git
|
- git
|
||||||
- git-lfs
|
- git-lfs
|
||||||
- tmux
|
- tmux
|
||||||
- iotop
|
- iotop
|
||||||
- htop
|
- htop
|
||||||
- strace
|
- strace
|
||||||
- cron-apt
|
- cron-apt
|
||||||
- safe-rm
|
- safe-rm
|
||||||
- debian-goodies
|
- debian-goodies
|
||||||
- mosh
|
- mosh
|
||||||
- python-pycurl # for ansible's apt_repository
|
- python-pycurl # for ansible's apt_repository
|
||||||
- vim
|
- vim
|
||||||
- unzip
|
- unzip
|
||||||
- apt-transport-https # for https support in apt
|
- apt-transport-https # for https support in apt
|
||||||
- zstd
|
- zstd
|
||||||
- rsync
|
- rsync
|
||||||
- lsof
|
- lsof
|
||||||
|
|
||||||
- name: Install base packages
|
- name: Install base packages
|
||||||
ansible.builtin.apt: pkg={{ ubuntu_base_packages }} state=present cache_valid_time=3600
|
ansible.builtin.apt: pkg={{ ubuntu_base_packages }} state=present cache_valid_time=3600
|
||||||
|
|
||||||
# We have to remove snaps one by one in a specific order because some depend
|
# We have to remove snaps one by one in a specific order because some depend
|
||||||
# on others. Only after that can we remove the corresponding system packages.
|
# on others. Only after that can we remove the corresponding system packages.
|
||||||
- name: Remove lxd snap
|
- name: Remove lxd snap
|
||||||
community.general.snap: name=lxd state=absent
|
community.general.snap: name=lxd state=absent
|
||||||
when: ansible_distribution_version is version('20.04', '==')
|
when: ansible_distribution_version is version('20.04', '==')
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
- name: Remove core18 snap
|
- name: Remove core18 snap
|
||||||
community.general.snap: name=core18 state=absent
|
community.general.snap: name=core18 state=absent
|
||||||
when: ansible_distribution_version is version('20.04', '==')
|
when: ansible_distribution_version is version('20.04', '==')
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
- name: Remove snapd snap
|
- name: Remove snapd snap
|
||||||
community.general.snap: name=snapd state=absent
|
community.general.snap: name=snapd state=absent
|
||||||
when: ansible_distribution_version is version('20.04', '==')
|
when: ansible_distribution_version is version('20.04', '==')
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
- name: Set fact for packages to remove (Ubuntu <= 18.04)
|
- name: Set fact for packages to remove (Ubuntu <= 18.04)
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
ubuntu_annoying_packages:
|
ubuntu_annoying_packages:
|
||||||
- whoopsie # security (CIS 4.1)
|
- whoopsie # security (CIS 4.1)
|
||||||
- apport # security (CIS 4.1)
|
- apport # security (CIS 4.1)
|
||||||
- command-not-found # annoying
|
- command-not-found # annoying
|
||||||
- command-not-found-data # annoying
|
- command-not-found-data # annoying
|
||||||
- python3-commandnotfound # annoying
|
- python3-commandnotfound # annoying
|
||||||
- snapd # annoying (Ubuntu >= 16.04)
|
- snapd # annoying (Ubuntu >= 16.04)
|
||||||
- lxd # annoying (Ubuntu >= 16.04)
|
- lxd # annoying (Ubuntu >= 16.04)
|
||||||
- lxd-client # annoying (Ubuntu >= 16.04)
|
- lxd-client # annoying (Ubuntu >= 16.04)
|
||||||
- liblxc1 # annoying (Ubuntu >= 16.04)
|
- liblxc1 # annoying (Ubuntu >= 16.04)
|
||||||
- lxc-common # annoying (Ubuntu >= 16.04)
|
- lxc-common # annoying (Ubuntu >= 16.04)
|
||||||
- lxcfs #annoying (Ubuntu >= 16.04)
|
- lxcfs #annoying (Ubuntu >= 16.04)
|
||||||
when: ansible_distribution_version is version('18.04', '<=')
|
when: ansible_distribution_version is version('18.04', '<=')
|
||||||
|
|
||||||
- name: Set fact for packages to remove (Ubuntu 20.04)
|
- name: Set fact for packages to remove (Ubuntu 20.04)
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
ubuntu_annoying_packages:
|
ubuntu_annoying_packages:
|
||||||
- whoopsie # security (CIS 4.1)
|
- whoopsie # security (CIS 4.1)
|
||||||
- apport # security (CIS 4.1)
|
- apport # security (CIS 4.1)
|
||||||
- command-not-found # annoying
|
- command-not-found # annoying
|
||||||
- command-not-found-data # annoying
|
- command-not-found-data # annoying
|
||||||
- python3-commandnotfound # annoying
|
- python3-commandnotfound # annoying
|
||||||
- snapd # annoying (Ubuntu >= 16.04)
|
- snapd # annoying (Ubuntu >= 16.04)
|
||||||
- lxd-agent-loader # annoying (Ubuntu 20.04)
|
- lxd-agent-loader # annoying (Ubuntu 20.04)
|
||||||
when: ansible_distribution_version is version('20.04', '==')
|
when: ansible_distribution_version is version('20.04', '==')
|
||||||
|
|
||||||
- name: Remove packages
|
- name: Remove packages
|
||||||
ansible.builtin.apt: name={{ ubuntu_annoying_packages }} state=absent purge=yes
|
ansible.builtin.apt: name={{ ubuntu_annoying_packages }} state=absent purge=yes
|
||||||
|
|
||||||
- name: Disable annoying Canonical spam in MOTD
|
- name: Disable annoying Canonical spam in MOTD
|
||||||
ansible.builtin.file: path={{ item }} mode=0644 state=absent
|
ansible.builtin.file: path={{ item }} mode=0644 state=absent
|
||||||
loop:
|
loop:
|
||||||
- /etc/update-motd.d/99-esm # Ubuntu 14.04
|
- /etc/update-motd.d/99-esm # Ubuntu 14.04
|
||||||
- /etc/update-motd.d/10-help-text # Ubuntu 14.04+
|
- /etc/update-motd.d/10-help-text # Ubuntu 14.04+
|
||||||
- /etc/update-motd.d/50-motd-news # Ubuntu 18.04+
|
- /etc/update-motd.d/50-motd-news # Ubuntu 18.04+
|
||||||
- /etc/update-motd.d/80-esm # Ubuntu 18.04+
|
- /etc/update-motd.d/80-esm # Ubuntu 18.04+
|
||||||
- /etc/update-motd.d/80-livepatch # Ubuntu 18.04+
|
- /etc/update-motd.d/80-livepatch # Ubuntu 18.04+
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
- name: Disable annoying Canonical spam in MOTD
|
- name: Disable annoying Canonical spam in MOTD
|
||||||
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
|
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
|
||||||
when: ansible_service_mgr == 'systemd'
|
when: ansible_service_mgr == 'systemd'
|
||||||
loop:
|
loop:
|
||||||
- motd-news.service
|
- motd-news.service
|
||||||
- motd-news.timer
|
- motd-news.timer
|
||||||
|
|
||||||
- name: Configure cron-apt
|
- name: Configure cron-apt
|
||||||
ansible.builtin.import_tasks: cron-apt.yml
|
ansible.builtin.import_tasks: cron-apt.yml
|
||||||
tags: cron-apt
|
tags: cron-apt
|
||||||
|
|
||||||
- name: Install tarsnap
|
- name: Install tarsnap
|
||||||
ansible.builtin.import_tasks: tarsnap.yml
|
ansible.builtin.import_tasks: tarsnap.yml
|
||||||
tags: packages
|
tags: packages
|
||||||
|
|
||||||
# vim: set sw=2 ts=2:
|
# vim: set sw=2 ts=2:
|
||||||
|
Loading…
Reference in New Issue
Block a user