2023-04-24 10:11:09 +00:00
|
|
|
|
---
|
|
|
|
|
|
# tasks file for jean-cloud-common
|
|
|
|
|
|
|
|
|
|
|
|
- name: Set hostname
|
|
|
|
|
|
ansible.builtin.hostname:
|
|
|
|
|
|
name: "{{inventory_hostname}}"
|
|
|
|
|
|
when: inventory_hostname is defined
|
|
|
|
|
|
|
|
|
|
|
|
- name: Set hostname IP
|
|
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
|
|
path: /etc/hosts
|
|
|
|
|
|
line: "{{item}}"
|
|
|
|
|
|
with_items:
|
|
|
|
|
|
- "172.0.0.1 {{inventory_hostname}}"
|
|
|
|
|
|
- "::1 {{inventory_hostname}}"
|
|
|
|
|
|
|
|
|
|
|
|
- name: Show last changed password for security
|
|
|
|
|
|
copy:
|
|
|
|
|
|
dest: /etc/profile.d/user_last_passwd.sh
|
|
|
|
|
|
owner: root
|
|
|
|
|
|
group: root
|
|
|
|
|
|
mode: '0644'
|
|
|
|
|
|
content: |
|
|
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
RED='\033[0;31m'
|
|
|
|
|
|
NC='\033[0m' # No Color
|
|
|
|
|
|
echo -e "Password last changed on $RED$(passwd -S $USER | cut -d ' ' -f 3)$NC"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- name: Install some softwares
|
|
|
|
|
|
apt:
|
2023-07-06 15:37:16 +00:00
|
|
|
|
name: ['bind9', 'certbot', 'curl', 'dnsutils', 'git', 'gnupg2', 'htop', 'netcat-openbsd', 'nginx', 'rsync', 'screen', 'sshfs', 'sudo', 'traceroute', 'vim', 'wget', 'zip']
|
2023-04-24 10:11:09 +00:00
|
|
|
|
state: latest
|
|
|
|
|
|
|
2023-05-02 08:59:13 +00:00
|
|
|
|
# TODO disable certbot and certbot.timer services. We are using our own
|
|
|
|
|
|
|
2023-04-24 10:11:09 +00:00
|
|
|
|
- name: create needed dirs
|
|
|
|
|
|
ansible.builtin.file:
|
|
|
|
|
|
path: "{{item}}"
|
|
|
|
|
|
state: directory
|
|
|
|
|
|
with_items:
|
|
|
|
|
|
- /docker
|
|
|
|
|
|
- /data
|
|
|
|
|
|
- /etc/letsencrypt
|
|
|
|
|
|
|
|
|
|
|
|
- name: Install docker-compose bash autocompletion
|
|
|
|
|
|
get_url:
|
|
|
|
|
|
url: https://raw.githubusercontent.com/docker/compose/1.29.2/contrib/completion/bash/docker-compose
|
|
|
|
|
|
dest: /etc/bash_completion.d/docker-compose
|
|
|
|
|
|
mode: '0705'
|
|
|
|
|
|
owner: 'root'
|
|
|
|
|
|
|
|
|
|
|
|
- name: Add letsencrypt crontab
|
|
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
|
|
path: /etc/crontab
|
|
|
|
|
|
line: '26 03 * * * root letsencrypt.sh'
|
2023-07-06 15:37:16 +00:00
|
|
|
|
|
|
|
|
|
|
- name: Docker config
|
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
|
dest: /etc/docker/daemon.json
|
|
|
|
|
|
content: |
|
|
|
|
|
|
{
|
|
|
|
|
|
"log-driver": "json-file",
|
|
|
|
|
|
"log-opts": {
|
|
|
|
|
|
"max-size": "10m",
|
|
|
|
|
|
"max-file": "3"
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-04-24 10:11:09 +00:00
|
|
|
|
#TODO add this to /etc/docker/daemon.json
|
|
|
|
|
|
#{
|
|
|
|
|
|
# "iptables": false
|
|
|
|
|
|
#}
|
2023-07-06 15:37:16 +00:00
|
|
|
|
|
|
|
|
|
|
- name: Bash history
|
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
|
dest: /etc/profile.d/history.sh
|
|
|
|
|
|
mode : 755
|
|
|
|
|
|
content: |
|
|
|
|
|
|
HISTSIZE=
|
|
|
|
|
|
HISTFILESIZE=10000
|
|
|
|
|
|
HISTTIMEFORMAT="%Y%m%d-%T "
|
|
|
|
|
|
export HISTSIZE HISTFILESIZE HISTTIMEFORMAT
|
2023-04-24 10:11:09 +00:00
|
|
|
|
|
