Alan Orth
19f5b60cb7
We aren't managing the provisioning user anymore, it is just assumed to be there. Signed-off-by: Alan Orth <alan.orth@gmail.com>
53 lines
1.5 KiB
YAML
53 lines
1.5 KiB
YAML
---
|
|
# not needed on OpenStack images...
|
|
#- name: Set hostname
|
|
# hostname: name={{ inventory_hostname }}
|
|
# tags: hostname
|
|
#
|
|
#- name: Add hostname to /etc/hosts
|
|
# lineinfile: dest=/etc/hosts insertafter=^127.0.0.1 line='127.0.1.1 {{ inventory_hostname }}'
|
|
# tags: hostname
|
|
|
|
- include: packages_Ubuntu.yml
|
|
when: "ansible_distribution == 'Ubuntu'"
|
|
tags: packages
|
|
|
|
- include: iptables_Debian.yml
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Reconfigure /etc/ssh/sshd_config
|
|
template: src=sshd_config_{{ansible_distribution}}-{{ansible_distribution_version}}.j2 dest=/etc/ssh/sshd_config owner=root group=root mode=0600
|
|
notify:
|
|
- restart sshd
|
|
tags: sshd
|
|
|
|
- name: Remove DSA and ECDSA host keys
|
|
file: name=/etc/ssh/{{ item }} state=absent
|
|
with_items:
|
|
- ssh_host_dsa_key
|
|
- ssh_host_dsa_key.pub
|
|
- ssh_host_ecdsa_key
|
|
- ssh_host_ecdsa_key.pub
|
|
notify:
|
|
- restart sshd
|
|
tags: sshd
|
|
|
|
- name: Reconfigure /etc/sysctl.conf
|
|
template: src=sysctl_{{ ansible_distribution }}.j2 dest=/etc/sysctl.conf owner=root group=root mode=0644
|
|
notify:
|
|
- reload sysctl
|
|
tags: sysctl
|
|
|
|
- name: Reconfigure /etc/rc.local
|
|
when: "ansible_distribution == 'CentOS'"
|
|
template: src=rc.local_{{ ansible_distribution }}.j2 dest=/etc/rc.d/rc.local owner=root group=root mode=0755
|
|
|
|
- name: Reconfigure /etc/rc.local
|
|
when: "ansible_distribution == 'Debian'"
|
|
template: src=rc.local_{{ ansible_distribution }}.j2 dest=/etc/rc.local owner=root group=root mode=0755
|
|
|
|
- include: ssh-keys.yml
|
|
tags: ssh-keys
|
|
|
|
# vim: set sw=2 ts=2:
|