Something went wrong on our end
-
Emmanuel Cohen authoredEmmanuel Cohen authored
main.yml 1.27 KiB
---
- include: repos.yml
- name: install system utilities
apt:
force_apt_get: true
install_recommends: false
name: "{{ sysconfig_packages }}"
- name: install ubicast-config
apt:
force_apt_get: true
install_recommends: false
name: ubicast-config
- name: enable unattended upgrades
copy:
dest: /etc/apt/apt.conf.d/20auto-upgrades
content: |
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
- name: enable root login via ssh with key
replace:
dest: /etc/ssh/sshd_config
regexp: '^#PermitRootLogin (yes|without-password|prohibit-password)'
replace: "PermitRootLogin without-password"
notify: restart sshd
- name: remove disabled root login
replace:
dest: /root/.ssh/authorized_keys
regexp: "^no-port-forwarding,(.+) ssh-"
replace: "ssh-"
ignore_errors: yes
# FIREWALL
- name: firewall
when: sysconfig_firewall_enabled
vars:
ferm_rules_filename: "{{ sysconfig_ferm_rules_filename }}"
ferm_input_rules: "{{ sysconfig_ferm_input_rules }}"
ferm_output_rules: "{{ sysconfig_ferm_output_rules }}"
ferm_global_settings: "{{ sysconfig_ferm_global_settings }}"
include_role:
name: ferm-configure
- include: logs.yml
- include: locale.yml
- include: ntp.yml
...