Update to buster and mount exfat USB
This commit is contained in:
parent
e9926f7a02
commit
b6bec6030e
103
ansible/main.yml
103
ansible/main.yml
@ -5,7 +5,7 @@
|
|||||||
- secrets.yml
|
- secrets.yml
|
||||||
|
|
||||||
vars:
|
vars:
|
||||||
- debian_release: stretch
|
- debian_release: buster
|
||||||
- loki_dir: /srv/loki
|
- loki_dir: /srv/loki
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
@ -22,20 +22,8 @@
|
|||||||
force_apt_get: yes
|
force_apt_get: yes
|
||||||
register: apt_update
|
register: apt_update
|
||||||
|
|
||||||
# Once ansible 2.7 is available will be able to just use reboot module.
|
- name: Reboot the machine
|
||||||
- block:
|
reboot:
|
||||||
- name: Reboot
|
|
||||||
shell: "sleep 1 && reboot"
|
|
||||||
async: 1
|
|
||||||
poll: 0
|
|
||||||
|
|
||||||
- name: Wait for host to come back up
|
|
||||||
wait_for_connection:
|
|
||||||
connect_timeout: 20
|
|
||||||
sleep: 5
|
|
||||||
delay: 5
|
|
||||||
timeout: 300
|
|
||||||
|
|
||||||
when: apt_update is changed
|
when: apt_update is changed
|
||||||
|
|
||||||
# -------------------------------------------------------------------------
|
# -------------------------------------------------------------------------
|
||||||
@ -60,18 +48,35 @@
|
|||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
||||||
|
# -------------------------------------------------------------------------
|
||||||
|
# Set up the exfat file system for the USB flash drive.
|
||||||
|
# -------------------------------------------------------------------------
|
||||||
|
|
||||||
|
- name: Set up exfat
|
||||||
|
apt:
|
||||||
|
name: exfat-fuse
|
||||||
|
|
||||||
|
- name: Create USB mount directory
|
||||||
|
file:
|
||||||
|
path: /media/usb0
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Ensure USB drive is auto-mounted
|
||||||
|
lineinfile:
|
||||||
|
line: "UUID=64A5-F009 /media/usb0 exfat defaults 0 0"
|
||||||
|
dest: "/etc/fstab"
|
||||||
|
|
||||||
# -------------------------------------------------------------------------
|
# -------------------------------------------------------------------------
|
||||||
# Apparmor.
|
# Apparmor.
|
||||||
# -------------------------------------------------------------------------
|
# -------------------------------------------------------------------------
|
||||||
|
|
||||||
- name: Install apparmor, utilities, and profiles
|
- name: Install apparmor, utilities, and profiles
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name:
|
||||||
with_items:
|
- apparmor
|
||||||
- apparmor
|
- apparmor-utils
|
||||||
- apparmor-utils
|
- apparmor-profiles
|
||||||
- apparmor-profiles
|
- apparmor-profiles-extra
|
||||||
- apparmor-profiles-extra
|
|
||||||
register: apparmor
|
register: apparmor
|
||||||
|
|
||||||
- name: Ensure /etc/default/grub.d exists
|
- name: Ensure /etc/default/grub.d exists
|
||||||
@ -92,17 +97,8 @@
|
|||||||
- name: Update grub
|
- name: Update grub
|
||||||
command: update-grub
|
command: update-grub
|
||||||
|
|
||||||
- name: Reboot
|
- name: Reboot the machine
|
||||||
shell: "sleep 1 && reboot"
|
reboot:
|
||||||
async: 1
|
|
||||||
poll: 0
|
|
||||||
|
|
||||||
- name: Wait for host to come back up
|
|
||||||
wait_for_connection:
|
|
||||||
connect_timeout: 20
|
|
||||||
sleep: 5
|
|
||||||
delay: 5
|
|
||||||
timeout: 300
|
|
||||||
|
|
||||||
when:
|
when:
|
||||||
apparmor is changed or
|
apparmor is changed or
|
||||||
@ -139,11 +135,10 @@
|
|||||||
|
|
||||||
- name: Install postfix
|
- name: Install postfix
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name:
|
||||||
with_items:
|
- postfix
|
||||||
- postfix
|
- ca-certificates
|
||||||
- ca-certificates
|
- libsasl2-modules
|
||||||
- libsasl2-modules
|
|
||||||
register: postfix
|
register: postfix
|
||||||
|
|
||||||
- name: Configure credentials
|
- name: Configure credentials
|
||||||
@ -232,10 +227,9 @@
|
|||||||
|
|
||||||
- name: Install logcheck and logrotate
|
- name: Install logcheck and logrotate
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name:
|
||||||
with_items:
|
- logcheck
|
||||||
- logcheck
|
- logrotate
|
||||||
- logrotate
|
|
||||||
|
|
||||||
- name: Configure logcheck
|
- name: Configure logcheck
|
||||||
template:
|
template:
|
||||||
@ -314,10 +308,9 @@
|
|||||||
|
|
||||||
- name: Install rkhunter and chkrootkit
|
- name: Install rkhunter and chkrootkit
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name:
|
||||||
with_items:
|
- rkhunter
|
||||||
- rkhunter
|
- chkrootkit
|
||||||
- chkrootkit
|
|
||||||
|
|
||||||
- name: Configure rkhunter
|
- name: Configure rkhunter
|
||||||
template:
|
template:
|
||||||
@ -358,13 +351,12 @@
|
|||||||
|
|
||||||
- name: Install packages to enable HTTPS repository
|
- name: Install packages to enable HTTPS repository
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name:
|
||||||
with_items:
|
- apt-transport-https
|
||||||
- apt-transport-https
|
- ca-certificates
|
||||||
- ca-certificates
|
- curl
|
||||||
- curl
|
- gnupg2
|
||||||
- gnupg2
|
- software-properties-common
|
||||||
- software-properties-common
|
|
||||||
|
|
||||||
- name: Add Docker GPG key
|
- name: Add Docker GPG key
|
||||||
apt_key:
|
apt_key:
|
||||||
@ -386,10 +378,9 @@
|
|||||||
|
|
||||||
- name: Install docker-ce and docker-compose
|
- name: Install docker-ce and docker-compose
|
||||||
apt:
|
apt:
|
||||||
name: "{{ item }}"
|
name:
|
||||||
with_items:
|
- docker-ce
|
||||||
- docker-ce
|
- docker-compose
|
||||||
- docker-compose
|
|
||||||
|
|
||||||
# -------------------------------------------------------------------------
|
# -------------------------------------------------------------------------
|
||||||
# Loki server.
|
# Loki server.
|
||||||
|
Reference in New Issue
Block a user