Alan Orth
d3a6e71ab8
The `timedatectl set-ntp on` command is actually just enabling the systemd service anyways, so it's better we use Ansible's service module.
59 lines
1.6 KiB
YAML
59 lines
1.6 KiB
YAML
---
|
|
# not needed on OpenStack images...
|
|
#- name: Set hostname
|
|
# hostname: name={{ inventory_hostname }}
|
|
# tags: hostname
|
|
#
|
|
#- name: Add hostname to /etc/hosts
|
|
# lineinfile: dest=/etc/hosts insertafter=^127.0.0.1 line='127.0.1.1 {{ inventory_hostname }}'
|
|
# tags: hostname
|
|
|
|
- name: Set timezone
|
|
when: timezone is defined
|
|
command: /usr/bin/timedatectl set-timezone {{ timezone }}
|
|
tags: timezone
|
|
|
|
- name: Enable NTP
|
|
service: name=systemd-timesyncd enabled=yes
|
|
tags: ntp
|
|
|
|
- include: packages_Ubuntu.yml
|
|
when: ansible_distribution == 'Ubuntu'
|
|
tags: packages
|
|
|
|
- include: packages_Debian.yml
|
|
when: ansible_distribution == 'Debian'
|
|
tags: packages
|
|
|
|
- include: iptables_Ubuntu.yml
|
|
when: ansible_distribution == 'Ubuntu'
|
|
tags: firewall
|
|
|
|
- include: iptables_Debian.yml
|
|
when: ansible_distribution == 'Debian'
|
|
tags: firewall
|
|
|
|
- include: sshd.yml
|
|
tags: sshd
|
|
|
|
# containers identify as virtualization hosts, which makes this tricky, because we have actual Debian VM hosts!
|
|
- name: Reconfigure /etc/sysctl.conf
|
|
when: ansible_virtualization_role != 'host'
|
|
template: src=sysctl_{{ ansible_distribution }}.j2 dest=/etc/sysctl.conf owner=root group=root mode=0644
|
|
notify:
|
|
- reload sysctl
|
|
tags: sysctl
|
|
|
|
- name: Reconfigure /etc/rc.local
|
|
when: ansible_distribution == 'Ubuntu'
|
|
template: src=rc.local_{{ ansible_distribution }}.j2 dest=/etc/rc.local owner=root group=root mode=0755
|
|
|
|
- name: Set I/O scheduler
|
|
template: src=etc/udev/rules.d/60-scheduler.rules.j2 dest=/etc/udev/rules.d/60-scheduler.rules owner=root group=root mode=0644
|
|
tags: udev
|
|
|
|
- include: ssh-keys.yml
|
|
tags: ssh-keys
|
|
|
|
# vim: set sw=2 ts=2:
|