alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

Compare commits

base: alanorth:ed8cb880382c0f3b4db79889b1d0f21cd40e4749
Branches Tags
alanorth:master alanorth:alpine
...
compare: alanorth:alpine
Branches Tags
alanorth:master alanorth:alpine

5 Commits
ed8cb88038 ... alpine

Author SHA1 Message Date
Alan Orth
4846cbd968 roles/common: Add firewall task for Alpine 2021-02-13 12:18:58 +02:00
Alan Orth
aa63f5946c roles/common: Add TODO about tarsnap on Alpine 2021-02-13 12:18:58 +02:00
Alan Orth
53d574dd12 roles/common: Add Alpine packages 2021-02-13 12:18:58 +02:00
Alan Orth
92c23bc2b5 roles/common: Use chrony for NTP on Alpine 2021-02-13 12:18:58 +02:00
Alan Orth
e93b8af949 Add vars/Alpine.yml 2021-02-13 12:18:58 +02:00
5 changed files with 63 additions and 0 deletions
Expand all files Collapse all files

15
roles/common/tasks/firewall_Alpine.yml Normal file
View File

@ -0,0 +1,15 @@
---
# TODO: configure awall (ipsets?)
# TODO: configure fail2ban
- block:
- name: Set Alpine firewall packages
set_fact:
alpine_firewall_packages:
- awall
- fail2ban
- name: Install Alpine firewall packages
apk: name={{ alpine_firewall_packages }} state=present
# vim: set sw=2 ts=2:

5
roles/common/tasks/main.yml
View File

@ -17,6 +17,11 @@
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
tags: packages tags: packages
- name: Install common packages
include_tasks: packages_Alpine.yml
when: ansible_distribution == 'Alpine'
tags: packages
- name: Configure firewall - name: Configure firewall
include_tasks: firewall_Debian.yml include_tasks: firewall_Debian.yml
when: ansible_distribution == 'Debian' when: ansible_distribution == 'Debian'

5
roles/common/tasks/ntp.yml
View File

@ -1,6 +1,7 @@
--- ---
# Hosts running Ubuntu 16.04+ and Debian 9+ use systemd init system and should # Hosts running Ubuntu 16.04+ and Debian 9+ use systemd init system and should
# use timedatectl as a network time client instead of the standalone ntp client. # use timedatectl as a network time client instead of the standalone ntp client.
# Alpine can use chrony.
- name: Set timezone - name: Set timezone
when: timezone is defined and ansible_service_mgr == 'systemd' when: timezone is defined and ansible_service_mgr == 'systemd'
@ -15,4 +16,8 @@
apt: name=ntp state=absent update_cache=yes apt: name=ntp state=absent update_cache=yes
when: ansible_service_mgr == 'systemd' when: ansible_service_mgr == 'systemd'
- name: Install chronyd on Alpine
apt: name=chrony state=present
when: ansible_distribution == 'Alpine'
# vim: set ts=2 sw=2: # vim: set ts=2 sw=2:

28
roles/common/tasks/packages_Alpine.yml Normal file
View File

@ -0,0 +1,28 @@
---
# requires: ansible-galaxy collection install community.general
# TODO: configure tarsnap
- block:
- name: Upgrade base OS
apk: upgrade=yes update_cache=yes
- name: Set Alpine base packages
set_fact:
alpine_base_packages:
- git
- tmux
- htop
- strace
- mosh
- vim
- unzip
- zstd
- name: Install Alpine base packages
apk: name={{ alpine_base_packages }} state=present update_cache=yes
#- name: Install tarsnap
# import_tasks: tarsnap.yml
tags: packages
# vim: set sw=2 ts=2:

10
vars/Alpine.yml Normal file
View File

@ -0,0 +1,10 @@
---
# sshd service name is `ssh` on Debian/Ubuntu, but it's
# `sshd` on CentOS and Alpine
sshd_service_name: sshd
# provisioning user vars
provisioning_user: { name: 'provisioning', home: '/home/provisioning' }
# vim: set ts=2 sw=2: