blee/ansible-role-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix up includes and perform updates.

Browse Source
This commit is contained in:
Brian Lee 2023-08-19 18:52:51 -07:00
parent 78a7ee208d
commit 05eca24134
4 changed files with 18 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
tasks/main.yml
View File

@ -29,4 +29,7 @@
regex: 'HostKey /etc/ssh/ssh_host_ed25519_key' regex: 'HostKey /etc/ssh/ssh_host_ed25519_key'
line: 'HostKey /etc/ssh/ssh_host_ed25519_key' line: 'HostKey /etc/ssh/ssh_host_ed25519_key'
state: present state: present
notify: restart ssh notify: restart ssh
- name: "Set up {{ ansible_os_family }}-based systems"
include_tasks: "setup-{{ ansible_os_family }}.yml"

4
tasks/setup-Arch.yml
View File

@ -1,4 +0,0 @@
---
- name: Set timezone to UTC
community.general.timezone:
name: UTC

10
tasks/setup-Archlinux.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Set timezone to UTC
community.general.timezone:
name: UTC
- name: Update package database
community.general.pacman:
update_cache: yes
upgrade: yes
tags: upgrade

24
tasks/setup-Debian.yml
View File

@ -3,7 +3,7 @@
community.general.timezone: community.general.timezone:
name: UTC name: UTC
- name: Let root authenticate via ssh pubkey, Ubuntu. - name: Let root authenticate via ssh pubkey, Ubuntu
ansible.builtin.replace: ansible.builtin.replace:
path: /root/.ssh/authorized_keys path: /root/.ssh/authorized_keys
regexp: '^no.*(ssh.*)$' regexp: '^no.*(ssh.*)$'
@ -14,7 +14,7 @@
path: /etc/apt/apt.conf.d/20auto-upgrades path: /etc/apt/apt.conf.d/20auto-upgrades
register: unattended_upgrade register: unattended_upgrade
- name: Ensure apt automatic upgrades are not enabled. - name: Ensure apt automatic upgrades are not enabled
lineinfile: lineinfile:
path: /etc/apt/apt.conf.d/20auto-upgrades path: /etc/apt/apt.conf.d/20auto-upgrades
regexp: 'APT::Periodic::Unattended-Upgrade "1";' regexp: 'APT::Periodic::Unattended-Upgrade "1";'
@ -33,21 +33,11 @@
delay: 6 delay: 6
retries: 10 retries: 10
- name: Only run "update_cache=yes" if the last one is more than 3600 seconds ago - name: Upgrade all packages
ansible.builtin.apt: ansible.builtin.apt:
update_cache: yes update_cache: yes
cache_valid_time: 3600 cache_valid_time: 3600
upgrade: yes
#- name: Update Linux Kernel
# ansible.builtin.apt:
# name: linux-image-amd64
# state: latest
# register: kernel_version
#
#- name: Reboot a slow machine that might have lots of updates to apply
# ansible.builtin.reboot:
# reboot_timeout: 3600
# when: kernel_version is changed
- name: Update sources.list to select a fast mirror on Ubuntu - name: Update sources.list to select a fast mirror on Ubuntu
ansible.builtin.replace: ansible.builtin.replace:
@ -56,12 +46,6 @@
replace: 'mirror://mirrors.ubuntu.com/mirrors.txt' replace: 'mirror://mirrors.ubuntu.com/mirrors.txt'
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
- name: Update all packages to their latest version
ansible.builtin.apt:
name: '*'
state: latest
- name: Remove dependencies that are no longer required - name: Remove dependencies that are no longer required
ansible.builtin.apt: ansible.builtin.apt:
autoremove: yes autoremove: yes