merge common-bitlair into common
This commit is contained in:
parent
b210abc77e
commit
7d59c108d6
25 changed files with 93 additions and 42 deletions
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
|
||||
- name: Configure auto-upgrades
|
||||
ansible.builtin.template:
|
||||
src: apt-minimal
|
||||
|
|
|
|||
8
roles/common/tasks/common-bitlair.yaml
Normal file
8
roles/common/tasks/common-bitlair.yaml
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
- name: Update authorized_keys
|
||||
ansible.builtin.template:
|
||||
src: authorized_keys.j2
|
||||
dest: /root/.ssh/authorized_keys
|
||||
mode: 0600
|
||||
when: root_access is defined and root_access
|
||||
tags: authorized_keys
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
---
|
||||
- name: Install backports source list
|
||||
ansible.builtin.template:
|
||||
src: backports-source.list
|
||||
dest: /etc/apt/sources.list.d/backports.list
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: apt update
|
||||
|
||||
- ansible.builtin.meta: flush_handlers
|
||||
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
|
||||
- name: Install source list
|
||||
ansible.builtin.template:
|
||||
src: stable-sources.list
|
||||
|
|
|
|||
|
|
@ -6,15 +6,25 @@
|
|||
when: ansible_facts['distribution_release'] != "bookworm"
|
||||
tags: [ debian-upgrade, never ]
|
||||
|
||||
- name: Import debian-backports.yaml
|
||||
ansible.builtin.import_tasks:
|
||||
file: debian-backports.yaml
|
||||
- name: Apt config and sources.list
|
||||
ansible.builtin.template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
mode: "{{ item.mode | default('0644') }}"
|
||||
owner: "{{ item.owner | default('root') }}"
|
||||
group: "{{ item.group | default('root') }}"
|
||||
with_items:
|
||||
- { src: "apt.conf.j2", dest: "/etc/apt/apt.conf" }
|
||||
- { src: "sources.list.j2", dest: "/etc/apt/sources.list" }
|
||||
when:
|
||||
- ansible_os_family == "Debian"
|
||||
tags:
|
||||
- sourceslist
|
||||
|
||||
tags: debian_backports
|
||||
|
||||
- tags: unattended_updates
|
||||
- name: Import unattended-updates
|
||||
ansible.builtin.import_tasks:
|
||||
file: unattended-updates.yaml
|
||||
tags: unattended_updates
|
||||
|
||||
- tags: apt-minimal
|
||||
ansible.builtin.import_tasks:
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
|
||||
- name: Install node-exporter
|
||||
ansible.builtin.apt:
|
||||
name: prometheus-node-exporter
|
||||
|
|
|
|||
8
roles/common/templates/apt.conf.j2
Normal file
8
roles/common/templates/apt.conf.j2
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
{% if proxy_host is defined and proxy_host != "" %}
|
||||
Acquire::http::Proxy "http://{{ proxy_host }}:{{ proxy_port }}/";
|
||||
{% endif %}
|
||||
|
||||
# Don't download translation-files
|
||||
Acquire::Languages "none";
|
||||
6
roles/common/templates/authorized_keys.j2
Normal file
6
roles/common/templates/authorized_keys.j2
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
# Managed by Ansible
|
||||
|
||||
{% for name in root_access %}
|
||||
# {{ name }}
|
||||
{{ lookup('file', 'authorized_keys/'+name+'.keys') }}
|
||||
{% endfor %}
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
# Managed by Ansible
|
||||
|
||||
deb http://ftp.nl.debian.org/debian/ {{ ansible_facts.distribution_release }}-backports main
|
||||
deb-src http://ftp.nl.debian.org/debian/ {{ ansible_facts.distribution_release }}-backports main
|
||||
24
roles/common/templates/sources.list.j2
Normal file
24
roles/common/templates/sources.list.j2
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
{% if debian_source_repos|default(false) %}
|
||||
{% set SRC = "" %}
|
||||
{% else %}
|
||||
{% set SRC = "# " %}
|
||||
{% endif %}
|
||||
{% set components = "main contrib non-free-firmware" %}
|
||||
|
||||
deb {{ debian_repourl }} {{ ansible_distribution_release }} {{ components }}
|
||||
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }} {{ components }}
|
||||
#
|
||||
# Updates
|
||||
deb {{ debian_repourl }} {{ ansible_distribution_release }}-updates {{ components }}
|
||||
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }}-updates {{ components }}
|
||||
#
|
||||
# Backports
|
||||
deb {{ debian_repourl }} {{ ansible_distribution_release }}-backports {{ components }}
|
||||
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }}-backports {{ components }}
|
||||
#
|
||||
# Security patches
|
||||
deb {{ debian_securityurl }} {{ ansible_distribution_release }}-security {{ components }}
|
||||
{{ SRC }}deb-src {{ debian_securityurl }} {{ ansible_distribution_release }}-security main contrib non- free
|
||||
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
deb http://deb.debian.org/debian bookworm main non-free-firmware
|
||||
deb-src http://deb.debian.org/debian bookworm main non-free-firmware
|
||||
|
||||
deb http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
|
||||
deb-src http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
|
||||
|
||||
deb http://deb.debian.org/debian bookworm-updates main non-free-firmware
|
||||
deb-src http://deb.debian.org/debian bookworm-updates main non-free-firmware
|
||||
Loading…
Add table
Add a link
Reference in a new issue