e8716e742e
If we move these into a subdir, it cleans up the number of things we nave to files match on. Stop running disable-puppet-agent in base. We run it in run-puppet which should be fine. Change-Id: Ia16adb96b11d25a097490882c4c59a50a0b7b23d
71 lines
1.6 KiB
YAML
71 lines
1.6 KiB
YAML
- name: Remove Rackspace APT repo
|
|
file:
|
|
path: /etc/apt/sources.list.d/ospc.list
|
|
state: absent
|
|
register: rax_apt_repo_removed
|
|
|
|
- name: Install base packages
|
|
package:
|
|
state: present
|
|
name: "{{ base_packages }}"
|
|
|
|
- name: Include OS-specific variables
|
|
include_vars: "{{ lookup('first_found', params) }}"
|
|
vars:
|
|
params:
|
|
files: "{{ distro_lookup_path }}"
|
|
paths:
|
|
- 'vars'
|
|
|
|
- name: Install distro specific packages
|
|
package:
|
|
state: present
|
|
name: "{{ distro_packages }}"
|
|
|
|
- name: Increase syslog message size in order to capture python tracebacks
|
|
copy:
|
|
content: '$MaxMessageSize 6k'
|
|
dest: /etc/rsyslog.d/99-maxsize.conf
|
|
mode: 0644
|
|
notify: Restart rsyslog
|
|
|
|
- name: Ensure rsyslog is running
|
|
service:
|
|
name: rsyslog
|
|
enabled: yes
|
|
state: started
|
|
|
|
- name: Set ssh key for managment
|
|
authorized_key:
|
|
state: present
|
|
user: root
|
|
exclusive: "{{ bastion_key_exclusive }}"
|
|
key: "{{ bastion_public_key }}"
|
|
key_options: |
|
|
from="{{ bastion_ipv4 }},{{ bastion_ipv6 }},localhost"
|
|
|
|
- name: Install sshd config
|
|
template:
|
|
src: sshd_config.j2
|
|
dest: /etc/ssh/sshd_config
|
|
owner: root
|
|
group: root
|
|
mode: 0444
|
|
notify: Restart ssh
|
|
|
|
- name: Disable byobu
|
|
file:
|
|
path: /etc/profile.d/Z98-byobu.sh
|
|
state: absent
|
|
|
|
- name: Setup RFC3339 bash history timestamps
|
|
copy:
|
|
mode: 0644
|
|
src: bash-history.sh
|
|
dest: /etc/profile.d/bash-history.sh
|
|
|
|
- name: Include OS-specific tasks
|
|
include_tasks: "{{ lookup('first_found', file_list) }}"
|
|
vars:
|
|
file_list: "{{ distro_lookup_path }}"
|