-
Notifications
You must be signed in to change notification settings - Fork 0
/
playbook.yml
41 lines (39 loc) · 1.59 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
---
# Without a vault:
# $ ansible-playbook -i "localhost," -c local [--ask-become-pass] [-e "var_one=true var_two=false"] -v ./playbook.yml
# $ ansible-playbook -i inventory/inventory.ini [-b] [--ask-become-pass] -v playbook.yml
# Using a vault:
# $ echo "Enter Vault Password"; read -s vault_pass; export ANSIBLE_VAULT_PASSWORD=$vault_pass
# [type vault password here, then enter]
# $ ansible-playbook -i <inventory> -e "@~/vault.yml" --vault-pass-file <(cat <<<$ANSIBLE_VAULT_PASSWORD) -v ./playbook.yml
# Creating roles: https://galaxy.ansible.com/docs/contributing/creating_role.html
- name: "Default Playbook"
hosts:
# List groups from your inventory here
# You could also use the built in "all" or "ungrouped"
# "all" is necessary when Vagrant is auto-generating the inventory
all
# localgroup
# remotegroup
roles:
# List roles to run
- role: "update_packages"
# - role: "install_unbound"
# - role: "install_ykman"
# - role: "install_chrome"
# - role: "build_wireguard_server"
# - role: "build_tailscale_node"
# - role: "build_ubuntu_desktop"
# - role: "build_kali_desktop"
# - role: "build_atomic_node"
# - role: "manage_keys"
# - role: "deploy_uac"
# - role: "install_auditd"
# - role: "hyperv_guest_tools"
# - role: "configure_gnupg"
# - role: "configure_microsoft_repos"
# - role: "install_vscode"
# - role: "install_powershell"
# - role: "install_sysmon"
# - role: "rootkit_detection" # rootkit_detection should be run last, but before aide
# - role: "aide" # aide should always be run last