35 lines
789 B
YAML
35 lines
789 B
YAML
- include_tasks: 'sudoers.yml'
|
|
loop:
|
|
- { src: 'sudoers.j2', dest: '/etc/sudoers.d/20-ansible-extra' }
|
|
|
|
- name: copy ssh template
|
|
template:
|
|
src: 'sshd_config.j2'
|
|
dest: '/etc/ssh/sshd_config'
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
notify: reload ssh
|
|
|
|
- name: viva la hollande
|
|
locale_gen:
|
|
name: nl_NL.UTF-8
|
|
state: present
|
|
|
|
- name: ensure basic tooling is installed
|
|
apt:
|
|
name: '{{ common_packages }}'
|
|
state: present
|
|
|
|
- name: copy firewall template
|
|
template:
|
|
src: 'nftables.j2'
|
|
dest: '/etc/nftables.conf'
|
|
owner: root
|
|
group: root
|
|
mode: '0600'
|
|
notify: restart nftables
|
|
|
|
# see https://wiki.debian.org/systemd#Orphaned_processes
|
|
- name: enable loginctl user-linger
|
|
command: 'loginctl enable-linger {{ default_user|quote }}'
|