alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

Compare commits

base: alanorth:37e148d00931a567977d13e4bd4f199c64ddad2f
Branches Tags
alanorth:master alanorth:debian13 alanorth:alpine
..
compare: alanorth:9357265d278c0b3bcacc95e1ad1eba06a87cdab8
Branches Tags
alanorth:debian13 alanorth:master alanorth:alpine

5 Commits
37e148d009 ... 9357265d27

Author SHA1 Message Date
Alan Orth
9357265d27 roles/common: use ansible.builtin.apt module 2025-09-21 22:00:39 +03:00
Alan Orth
dd62266340 roles/common: update comment in ntp task 2025-09-21 21:58:11 +03:00
Alan Orth
a1bec20824 roles/common: simplify when logic in ntp task 2025-09-21 21:57:34 +03:00
Alan Orth
8e91c44529 roles/common: fix syntax error in npt when 2025-09-21 21:56:15 +03:00
Alan Orth
02d4135c79 roles/common: adjust ntp task 
On Debian 12 we need to explicitly remove ntp because it does not
conflict with other time daemons.
 2025-09-21 21:55:09 +03:00
3 changed files with 10 additions and 8 deletions
Expand all files Collapse all files

2
roles/common/tasks/fail2ban.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: Install fail2ban - name: Install fail2ban
when: ansible_distribution_major_version is version('11', '>=') when: ansible_distribution_major_version is version('11', '>=')
ansible.builtin.package: ansible.builtin.apt:
name: name:
- fail2ban - fail2ban
- python3-systemd - python3-systemd

2
roles/common/tasks/firewall.yml
View File

@@ -3,7 +3,7 @@
- name: Install Debian firewall packages - name: Install Debian firewall packages
when: ansible_distribution_major_version is version('11', '>=') when: ansible_distribution_major_version is version('11', '>=')
ansible.builtin.package: ansible.builtin.apt:
name: nftables name: nftables
state: present state: present
cache_valid_time: 3600 cache_valid_time: 3600

14
roles/common/tasks/ntp.yml
View File

@@ -12,11 +12,9 @@
# Apparently some cloud images don't have this installed by default. From what # Apparently some cloud images don't have this installed by default. From what
# I can see on existing servers, systemd-timesyncd is a standalone package on # I can see on existing servers, systemd-timesyncd is a standalone package on
# Debian 11. # Debian 11 and Debian 12.
- name: Install systemd-timesyncd - name: Install systemd-timesyncd
when: when: ansible_distribution_version is version('11', '>=')
- ansible_distribution == 'Debian'
- ansible_distribution_version is version('11', '>='))
ansible.builtin.apt: ansible.builtin.apt:
name: systemd-timesyncd name: systemd-timesyncd
state: present state: present
@@ -29,8 +27,12 @@
state: started state: started
enabled: true enabled: true
- name: Uninstall ntp on modern Debian # On Debian 12 ntp doesn't conflict with systemd-timesyncd so we should try to
when: ansible_service_mgr == 'systemd' # remove it to be sure.
- name: Uninstall ntp on Debian 12
when:
- ansible_service_mgr == 'systemd'
- ansible_distribution_major_version is version('12', '==')
ansible.builtin.apt: ansible.builtin.apt:
name: ntp name: ntp
state: absent state: absent