Linux/Ansible: Difference between revisions
< Linux
No edit summary |
No edit summary |
||
Line 54: | Line 54: | ||
owner: root | owner: root | ||
group: root | group: root | ||
insertbefore: BOF | |||
insertafter: EOF | |||
- name: change sudoers | - name: change sudoers |
Revision as of 15:00, 11 November 2018
/srv/ansible-config/roles/<role-name>/tasks/main.yml
- apt:
- name: update apt apt: update_cache: yes cache_valid_time: 3600 - name: install apt packages apt: name: ["aptitude", "git", "mc", "nmap"]
- systemd:
- name: reload systemd config systemd: daemon_reload: yes - name: restart fail2ban systemd: name: fail2ban state: restarted
- copy files:
- name: copy openvpn client config files copy: src: ../files/ dest: /etc/openvpn - name: enable fail2ban config copy: src: /etc/fail2ban/fail2ban.conf dest: /etc/fail2ban/fail2ban.local remote_src: yes
- edit files:
- name: enable openvpn in /etc/default/openvpn lineinfile: path: /etc/default/openvpn line: AUTOSTART="all" - name: enable openvpn in /etc/default/openvpn lineinfile: path: /etc/default/openvpn line: AUTOSTART="all" create: yes # create if file does not exist (default: no) backup: yes # create a backup file (default: no) state: absent # the line should not be there state: present # the line should be there (default) mode: '644' owner: root group: root insertbefore: BOF insertafter: EOF - name: change sudoers lineinfile: path: /etc/sudoers state: present regexp: '^%ADMIN ALL=' line: '%ADMIN ALL=(ALL) NOPASSWD: ALL' validate: '/usr/sbin/visudo -cf %s'