mirror of
https://codeberg.org/hyperreal/ansible-homelab
synced 2024-11-01 16:43:09 +01:00
166 lines
4.3 KiB
YAML
166 lines
4.3 KiB
YAML
---
|
|
- name: Setup homelab basics for DietPi systems
|
|
hosts: homelab
|
|
become: true
|
|
tasks:
|
|
- name: Update apt cache
|
|
ansible.builtin.apt:
|
|
cache_valid_time: 1200
|
|
|
|
- name: Update cache and all packages
|
|
register: updatesys
|
|
ansible.builtin.apt:
|
|
upgrade: dist
|
|
update_cache: true
|
|
|
|
- name: Display the last line of the previous task to check the stats
|
|
ansible.builtin.debug:
|
|
msg: "{{updatesys.stdout_lines|last}}"
|
|
|
|
- name: Install basic packages
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
name:
|
|
- apt-file
|
|
- apt-listchanges
|
|
- apt-utils
|
|
- atop
|
|
- autoconf
|
|
- automake
|
|
- build-essential
|
|
- byobu
|
|
- clamav
|
|
- clamav-daemon
|
|
- clamav-freshclam
|
|
- cmake
|
|
- curl
|
|
- firewalld
|
|
- git
|
|
- glances
|
|
- htop
|
|
- httpie
|
|
- ifplugd
|
|
- iotop
|
|
- less
|
|
- libpam-systemd
|
|
- lynis
|
|
- man-db
|
|
- manpages
|
|
- nfs-common
|
|
- nmon
|
|
- pipx
|
|
- python3-dev
|
|
- python3-pip
|
|
- rkhunter
|
|
- rsync
|
|
- unattended-upgrades
|
|
- vim
|
|
- wget
|
|
- zsh
|
|
state: present
|
|
|
|
- name: Unmask systemd-logind
|
|
ansible.builtin.systemd_service:
|
|
name: systemd-logind
|
|
enabled: true
|
|
masked: no
|
|
|
|
- name: Configure ifplugd for eth0 interface
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/default/ifplugd
|
|
search_string: "INTERFACES="
|
|
line: 'INTERFACES="eth0"'
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
- name: Ensure ifplugd service is enabled
|
|
ansible.builtin.systemd_service:
|
|
name: ifplugd
|
|
enabled: true
|
|
|
|
- name: Ensure systemd-networkd is enabled
|
|
ansible.builtin.systemd_service:
|
|
name: systemd-networkd
|
|
enabled: true
|
|
|
|
- name: Ensure clamav-daemon is enabled
|
|
ansible.builtin.systemd_service:
|
|
name: clamav-daemon
|
|
enabled: true
|
|
|
|
- name: Ensure clamav-freshclam is enabled
|
|
ansible.builtin.systemd_service:
|
|
name: clamav-freshclam
|
|
enabled: true
|
|
|
|
- name: Ensure man-db.timer is enabled
|
|
ansible.builtin.systemd_service:
|
|
name: man-db.timer
|
|
enabled: true
|
|
|
|
- name: Configure systemd-networkd for eth0 interface
|
|
ansible.builtin.blockinfile:
|
|
path: /etc/systemd/network/eth0.network
|
|
create: true
|
|
block: |
|
|
[Match]
|
|
Name=eth0
|
|
|
|
[Network]
|
|
DHCP=yes
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
- name: Configure unattended-upgrades mail user
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
search_string: "//Unattended-Upgrade::Mail"
|
|
line: 'Unattended-Upgrade::Mail "dietpi";'
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
- name: Configure unattended-upgrades automatic reboot
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
search_string: "//Unattended-Upgrade::Automatic-Reboot"
|
|
line: 'Unattended-Upgrade::Automatic-Reboot "true";'
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
- name: Disable apt downloading translations
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/apt/apt.conf.d/99translations
|
|
create: true
|
|
line: 'Acquire::Languages "none";'
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
- name: Set the shell to zsh for dietpi user
|
|
ansible.builtin.user:
|
|
name: dietpi
|
|
shell: /usr/bin/zsh
|
|
|
|
- name: Check if reboot is required
|
|
ansible.builtin.stat:
|
|
path: /var/run/reboot-required
|
|
register: reboot_required
|
|
|
|
- name: Set is_reboot_required fact
|
|
ansible.builtin.set_fact:
|
|
is_reboot_required: "{{ True if reboot_required.stat.exists else False }}"
|
|
|
|
- name: Reboot is needed
|
|
ansible.builtin.reboot:
|
|
reboot_timeout: 120
|
|
when: is_reboot_required | bool
|
|
|
|
- name: Post-reboot confirmation
|
|
ansible.builtin.debug:
|
|
msg: "{{ ansible_host }} is now back up and running"
|
|
when: is_reboot_required | bool
|