Alan Orth
ab27caf877
Use dynamic includes instead of static imports when you are running tasks conditionally or using variable interpolation. The down side is that you need to then tag the parent task as well as all child tasks, as tags only apply to children of statically imported tasks.
55 lines
1.5 KiB
YAML
55 lines
1.5 KiB
YAML
---
|
|
- name: Import OS-specific variables
|
|
include_vars: "vars/{{ ansible_distribution }}.yml"
|
|
tags: always
|
|
|
|
- name: Configure network time
|
|
import_tasks: ntp.yml
|
|
tags: ntp
|
|
|
|
- name: Install common packages
|
|
include_tasks: packages_Debian.yml
|
|
when: ansible_distribution == 'Debian'
|
|
tags: packages
|
|
|
|
- name: Install common packages
|
|
include_tasks: packages_Ubuntu.yml
|
|
when: ansible_distribution == 'Ubuntu'
|
|
tags: packages
|
|
|
|
- name: Configure firewall
|
|
include_tasks: firewall_Debian.yml
|
|
when: ansible_distribution == 'Debian'
|
|
tags: firewall
|
|
|
|
- name: Configure firewall
|
|
include_tasks: firewall_Ubuntu.yml
|
|
when: ansible_distribution == 'Ubuntu'
|
|
tags: firewall
|
|
|
|
- name: Configure secure shell daemon
|
|
import_tasks: sshd.yml
|
|
tags: sshd
|
|
|
|
# containers identify as virtualization hosts, which makes this tricky, because we have actual Debian VM hosts!
|
|
- name: Reconfigure /etc/sysctl.conf
|
|
when: ansible_virtualization_role != 'host'
|
|
template: src=sysctl_{{ ansible_distribution }}.j2 dest=/etc/sysctl.conf owner=root group=root mode=0644
|
|
notify:
|
|
- reload sysctl
|
|
tags: sysctl
|
|
|
|
- name: Reconfigure /etc/rc.local
|
|
when: ansible_distribution == 'Ubuntu'
|
|
template: src=rc.local_Ubuntu.j2 dest=/etc/rc.local owner=root group=root mode=0755
|
|
|
|
- name: Set I/O scheduler
|
|
template: src=etc/udev/rules.d/60-scheduler.rules.j2 dest=/etc/udev/rules.d/60-scheduler.rules owner=root group=root mode=0644
|
|
tags: udev
|
|
|
|
- name: Copy admin SSH keys
|
|
import_tasks: ssh-keys.yml
|
|
tags: ssh-keys
|
|
|
|
# vim: set sw=2 ts=2:
|