-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcommon_playbook.yml
53 lines (50 loc) · 1.52 KB
/
common_playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
---
- hosts: all
# become: true
remote_user: dietpi # User to log into to run the playbook tasks
tags: bootstrap
vars:
NORMAL_USER_NAME: "ansible"
tasks:
- name: "Create a secondary, non-root user"
user:
name: "{{ NORMAL_USER_NAME }}"
# Password hash generated on https://www.mkpasswd.net/index.php using sha-512 and Category: sha
password: "$6$Yncz4m42B2o9IDWO$Lsi4LWSi3OnvEmp92gVmwKquey4WuYnB./8SwsN7uxhpFh2OKVA7rJWtdf/hsbvkZxUIKc.ev6xpZAd9OiSNU."
group: root
# create_home: "no"
shell: /bin/bash
- name: "Add user ({{ NORMAL_USER_NAME }}) to sudoers"
lineinfile:
dest: /etc/sudoers
regexp: "{{ NORMAL_USER_NAME }} ALL"
line: "{{ NORMAL_USER_NAME }} ALL=(ALL) ALL"
state: present
- name: Add authorized key to user ({{ NORMAL_USER_NAME }})
authorized_key:
user: "{{ NORMAL_USER_NAME }}"
key: "{{ lookup('file', './files/ansible.id_ed25519.pub') }}"
- hosts: all
# become: true
# become_user: ansible
tags: apt,pkg
tasks:
- name: Install htop
package:
name: htop
state: latest
- hosts: all
become: true
become_user: ansible
tags: always
tasks:
- name: Update cache & Upgrade all packages
register: update_sys
apt:
update_cache: true
upgrade: dist
autoremove: true
autoclean: true
- name: Display the last line of the previous task to check the stats
debug:
msg: "{{update_sys.stdout_lines|last}}"