/
bootstrap.yml
73 lines (61 loc) · 2.44 KB
/
bootstrap.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
---
#ansible-playbook bootstrap.yml --extra-vars="hostip=50.57.171.80 host=s113.okserver.org user=root" -vvvv -k -i inventory/hosts
- hosts: $host
gather_facts: false
connection: ssh
user: $user
sudo: true
vars_files:
- ~/ansible/vars/global.yml
- ~/ansible/vars/users.yml
- ~/ansible/.private/p.yml
pre_tasks:
- name: -> set correct date
action: shell /usr/sbin/ntpdate pool.ntp.org
ignore_errors: True
tags: set_date
## Add DME record, the DME module is timestamp sensitive, ensure the system clock is in syncd using ntpdate
## msg: http://api.dnsmadeeasy.com/V2.0/dns/managed returned 403, with body: {error: ["Request sent with date header too far out of sync. Difference in times is -98077, header value is 1376666747000"]}
- name: -> Add DME record
dnsmadeeasy: account_key="{{ dme_key }}" account_secret="{{ dme_secret }}" domain="{{ host.split('.', 1)[1] }}" state=present record_name="{{ host.split('.')[0] }}" record_type='A' record_value="{{ hostip }}"
tags: setup_dns
- name: set_hostname
action: shell echo "{{ host }}" > /etc/hostname && echo hostname "{{ host }}"
tags: set_hostname
- name: -> generate_locale
action: shell locale-gen $item
with_items: $locale_list
tags: generate_locale
- name: -> preseed debconf
action: copy src=~/ansible/files/bootstrap/debconf.preseed dest=/tmp/debconf.preseed force=yes
tags: preseed_debconf
- name: -> apt update
action: apt update_cache=yes
- name: -> run debconf
action: shell /usr/bin/debconf-set-selections /tmp/debconf.preseed
tags: run_debconf
- name: apt upgrade
environment:
DEBIAN_FRONTEND: noninteractive
action: apt upgrade=yes
tags: apt_upgrade
- name: install basic packages
action: apt state=installed pkg=${item}
with_items:
- vim-nox
- sudo
- man-db
- bsd-mailx
roles:
- users
- motd
tasks:
- name: add project sysadmin alias
lineinfile: "dest=/etc/aliases state=present regexp='^root:' line='root: ${sysadmin_email}'"
tags: set_project_sysadmin_email
- name: newaliases
action: command /usr/bin/newaliases
tags: run_newaliases
# - name: disable_root_login
# lineinfile: "dest=/etc/ssh/sshd_config state=present regexp='^PermitRootLogin' line='PermitRootLogin no'"
# tags: disable_root_login