ansible-ffibk/roles/ffmwu-server/tasks/main.yml

49 lines
1.4 KiB
YAML

---
# we don't want to disrupt servers where this role is manually maintained!
# thus: warning and block statement
- name: full-stop if server role is manually maintained on this server
debug: msg="server role skipped to not disrupt manual maintenance - set ansible_managed_server to True to enable ansible control"
when: (not ansible_managed_server is defined) or (not ansible_managed_server)
- block:
- name: ensure needed system users are present
user: name=admin comment="Freifunk MWU Admin" shell=/bin/bash state=present
become: True
- name: ensure all wanted ssh keys exclusively
authorized_key: exclusive=True state=present user=admin
key={{ mwu_s_admin_keys ~ ( h_v_add_auth_keys | default('') ) }}
- name: ensure some basic packages
apt:
state: present
name: "{{mwu_s_item}}"
update_cache: yes
cache_valid_time: 21600
with_items:
- software-properties-common
- apt-transport-https
- man-db
- mosh
- ntp
- sudo
- sysfsutils
- vim
- vnstat
- vnstati
loop_control:
loop_var: mwu_s_item
become: True
- name: ensure vim is default editor
alternatives: name=editor path=/usr/bin/vim.basic
become: True
- name: set timezone to Europe/Berlin
timezone: name=Europe/Berlin
become: True
when: (ansible_managed_server is defined) and (ansible_managed_server)
# end block