- name: Set authorized keys for root user
authorized_key:
user: root
- key: "{{ lookup('pipe','cat ssh/noc/*.pub') }}"
+ key: "{{ ssh_users_root | user_ssh_keys(users) | join('\n') }}"
exclusive: yes
- name: disable apt suggests and recommends
- lsof
- haveged
- net-tools
- - ntp
- screen
- aptitude
- unp
- ca-certificates
- file
+ - nano
- zsh
- python-apt
+ - command-not-found
+ - man-db
+ - lshw
state: present
+- when: base_managed_ntpd
+ block:
+ - name: check that ISC ntpd is not installed
+ apt:
+ name: ntp
+ state: absent
+ purge: yes
+
+ - name: install openntpd
+ apt:
+ name: openntpd
+
+ - name: configure openntpd
+ copy:
+ dest: /etc/openntpd/ntpd.conf
+ content: |
+ # Use the ffgraz.net NTP server
+ servers ntp.ffgraz.net weight 3
+
+ # Use some servers announced from the NTP Pool
+ servers 0.debian.pool.ntp.org
+ servers 1.debian.pool.ntp.org
+
+ notify: restart openntpd
+
+
- name: make sure grml-(etc|scripts)-core is not installed
apt:
name:
when: ansible_service_mgr == "systemd"
-- name: install zshrc
- with_items:
- - src: "zprofile"
- dest: "/etc/zsh/zprofile"
- - src: "zshrc"
- dest: "/etc/zsh/zshrc"
- - src: "zshrc.skel"
- dest: "/etc/skel/.zshrc"
- copy:
- src: "{{ item.src }}"
- dest: "{{ item.dest }}"
- mode: 0644
+- block:
+ - name: workaround console-setup race condition (1/2)
+ file:
+ path: /etc/systemd/system/console-setup.service.d/
+ state: directory
+
+ - name: workaround console-setup race condition (2/2)
+ copy:
+ content: "[Unit]\nAfter=systemd-tmpfiles-setup.service\n"
+ dest: /etc/systemd/system/console-setup.service.d/override.conf
+ mode: 0644
+ # no need to relaod systemd here, it is only there to fix a boot-time race-condition
+
+ when: ansible_distribution == "Ubuntu"
- name: set root default shell to zsh
user:
shell: /bin/zsh
- name: set default shell for adduser
- with_items:
- - regexp: "^DSHELL"
- line: "DSHELL=/bin/zsh"
+ with_dict:
+ DSHELL: /bin/zsh
lineinfile:
dest: /etc/adduser.conf
- regexp: "{{ item.regexp }}"
- line: "{{ item.line }}"
+ regexp: "^#?{{ item.key }}="
+ line: "{{ item.key }}={{ item.value }}"
+
+- name: Deploy default configuration for tools
+ with_dict:
+ /etc/htoprc: "{{ global_files_dir }}/common/htoprc"
+
+ /etc/zsh/zprofile: zprofile
+ /etc/zsh/zshrc: zshrc
+ /etc/skel/.zshrc: zshrc.skel
+
+ loop_control:
+ label: "{{ item.key }}"
+ copy:
+ mode: 0644
+ src: "{{ item.value }}"
+ dest: "{{ item.key }}"