Linux/Ansible: Difference between revisions

/srv/ansible-config/roles/<role-name>/tasks/main.yml

• apt:

- name: update apt
  apt:
    update_cache: yes
    cache_valid_time: 3600

- name: install apt packages
  apt:
    name: ["aptitude", "git", "mc", "nmap"]

• systemd:

- name: reload systemd config
  systemd:
    daemon_reload: yes

- name: restart fail2ban
  systemd:
    name: fail2ban
    state: restarted

• copy files:

- name: copy openvpn client config files
  copy:
    src: ../files/
    dest: /etc/openvpn

- name: enable fail2ban config
  copy:
    src: /etc/fail2ban/fail2ban.conf
    dest: /etc/fail2ban/fail2ban.local
    remote_src: yes

• edit files:

- name: enable openvpn in /etc/default/openvpn
  lineinfile:
    path: /etc/default/openvpn
    line: AUTOSTART="all"

- name: enable openvpn in /etc/default/openvpn
  lineinfile:
    path: /etc/default/openvpn
    line: AUTOSTART="all"
    create: yes                   # create if file does not exist (default: no)
    backup: yes                   # create a backup file (default: no)
    state: absent                 # the line should not be there
    state: present                # the line should be there (default)
    mode: '644'
    owner: root
    group: root

  lineinfile:
    path: /etc/sudoers
    state: present
    regexp: '^%ADMIN ALL='
    line: '%ADMIN ALL=(ALL) NOPASSWD: ALL'
    validate: '/usr/sbin/visudo -cf %s'