populate debian role
This commit is contained in:
14
playbooks/roles/debian/files/50unattended-upgrades
Normal file
14
playbooks/roles/debian/files/50unattended-upgrades
Normal file
@@ -0,0 +1,14 @@
|
|||||||
|
// Automaticaly reboot after upgrade
|
||||||
|
Unattended-Upgrade::Auto-Reboot "true";
|
||||||
|
|
||||||
|
// Reboot even with logged in users
|
||||||
|
Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
|
||||||
|
|
||||||
|
// Remove dependencies that become useless after upgrade
|
||||||
|
Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
|
||||||
|
|
||||||
|
// Remove unused dependencies after upgrade
|
||||||
|
Unattended-Upgrade::Remove-Unused-Dependencies "true";
|
||||||
|
|
||||||
|
// Enable logging to syslog
|
||||||
|
Unattended-Upgrade::SyslogEnable "true";
|
||||||
BIN
playbooks/roles/debian/files/fastfetch-linux-amd64.deb
Normal file
BIN
playbooks/roles/debian/files/fastfetch-linux-amd64.deb
Normal file
Binary file not shown.
5
playbooks/roles/debian/files/fastfetch-motd.sh
Normal file
5
playbooks/roles/debian/files/fastfetch-motd.sh
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
# Managed by Ansible – run fastfetch on SSH login
|
||||||
|
if [ -n "${SSH_CLIENT}${SSH_CONNECTION}" ]; then
|
||||||
|
fastfetch -c /etc/fastfetch/27.jsonc
|
||||||
|
fi
|
||||||
78
playbooks/roles/debian/tasks/main.yml
Normal file
78
playbooks/roles/debian/tasks/main.yml
Normal file
@@ -0,0 +1,78 @@
|
|||||||
|
#SPDX-License-Identifier: MIT-0
|
||||||
|
---
|
||||||
|
# tasks to setup debian hosts
|
||||||
|
|
||||||
|
- name: Update package cache (Debian/Ubuntu)
|
||||||
|
apt:
|
||||||
|
update_cache: yes
|
||||||
|
when: ansible_facts['os_family'] == "Debian"
|
||||||
|
|
||||||
|
- name: Upgrade all packages (Debian/Ubuntu)
|
||||||
|
apt:
|
||||||
|
upgrade: dist
|
||||||
|
register: debian_update
|
||||||
|
when: ansible_facts['os_family'] == "Debian"
|
||||||
|
|
||||||
|
# Setup unattended-upgrade
|
||||||
|
- name: install packages (Debian)
|
||||||
|
apt:
|
||||||
|
name: [ unattended-upgrades, apt-listchanges, cron ]
|
||||||
|
update_cache: yes
|
||||||
|
state: present
|
||||||
|
when: ansible_facts['os_family'] == 'Debian'
|
||||||
|
tags:
|
||||||
|
- packages
|
||||||
|
|
||||||
|
- name: template unattended-upgrades config (Debian)
|
||||||
|
template:
|
||||||
|
src: 50unattended-upgrades
|
||||||
|
dest: /etc/apt/apt.conf.d/50unattended-upgrades
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
when: ansible_facts['os_family'] == 'Debian'
|
||||||
|
tags:
|
||||||
|
- unattended
|
||||||
|
|
||||||
|
- name: restart unattended-upgrades service (Debian)
|
||||||
|
service:
|
||||||
|
name: unattended-upgrades
|
||||||
|
state: restarted
|
||||||
|
when: ansible_facts['os_family'] == 'Debian'
|
||||||
|
tags:
|
||||||
|
- unattended
|
||||||
|
|
||||||
|
- name: Setup Cronjob for unattended-upgrade
|
||||||
|
ansible.builtin.cron:
|
||||||
|
name: "Auto-Update"
|
||||||
|
minute: "30"
|
||||||
|
hour: "2"
|
||||||
|
job: "/usr/bin/unattended-upgrade"
|
||||||
|
when: ansible_facts['os_family'] == 'Debian'
|
||||||
|
|
||||||
|
# Setup fastfetch prompt
|
||||||
|
- name: Create fastfetch directory
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /etc/fastfetch
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0744'
|
||||||
|
|
||||||
|
- name: Copy fastfetch config
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: 27.jsonc
|
||||||
|
dest: /etc/fastfetch/27.jsonc
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0744'
|
||||||
|
|
||||||
|
- name: Copy fastfetch script
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: fastfetch-motd.sh
|
||||||
|
dest: /etc/profile.d/fastfetch-motd
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
|
||||||
|
|
||||||
Reference in New Issue
Block a user