alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

Compare commits

base: alanorth:37e148d00931a567977d13e4bd4f199c64ddad2f
Branches Tags
alanorth:master alanorth:debian13 alanorth:alpine
...
compare: alanorth:9357265d278c0b3bcacc95e1ad1eba06a87cdab8
Branches Tags
alanorth:debian13 alanorth:master alanorth:alpine

5 Commits
37e148d009 ... 9357265d27

Author SHA1 Message Date
Alan Orth
9357265d27 roles/common: use ansible.builtin.apt module 2025-09-21 22:00:39 +03:00
Alan Orth
dd62266340 roles/common: update comment in ntp task 2025-09-21 21:58:11 +03:00
Alan Orth
a1bec20824 roles/common: simplify when logic in ntp task 2025-09-21 21:57:34 +03:00
Alan Orth
8e91c44529 roles/common: fix syntax error in npt when 2025-09-21 21:56:15 +03:00
Alan Orth
02d4135c79 roles/common: adjust ntp task 
On Debian 12 we need to explicitly remove ntp because it does not
conflict with other time daemons.
 2025-09-21 21:55:09 +03:00
3 changed files with 10 additions and 8 deletions
Expand all files Collapse all files

2
roles/common/tasks/fail2ban.yml
View File

@@ -1,7 +1,7 @@
---
- name: Install fail2ban
when: ansible_distribution_major_version is version('11', '>=')
ansible.builtin.package:
ansible.builtin.apt:
name:
- fail2ban
- python3-systemd

2
roles/common/tasks/firewall.yml
View File

@@ -3,7 +3,7 @@
- name: Install Debian firewall packages
when: ansible_distribution_major_version is version('11', '>=')
ansible.builtin.package:
ansible.builtin.apt:
name: nftables
state: present
cache_valid_time: 3600

14
roles/common/tasks/ntp.yml
View File

@@ -12,11 +12,9 @@
# Apparently some cloud images don't have this installed by default. From what
# I can see on existing servers, systemd-timesyncd is a standalone package on
# Debian 11.
# Debian 11 and Debian 12.
- name: Install systemd-timesyncd
when:
- ansible_distribution == 'Debian'
- ansible_distribution_version is version('11', '>='))
when: ansible_distribution_version is version('11', '>=')
ansible.builtin.apt:
name: systemd-timesyncd
state: present
@@ -29,8 +27,12 @@
state: started
enabled: true
- name: Uninstall ntp on modern Debian
when: ansible_service_mgr == 'systemd'
# On Debian 12 ntp doesn't conflict with systemd-timesyncd so we should try to
# remove it to be sure.
- name: Uninstall ntp on Debian 12
when:
- ansible_service_mgr == 'systemd'
- ansible_distribution_major_version is version('12', '==')
ansible.builtin.apt:
name: ntp
state: absent