From da4798c577257683c02bcde4974b26ce8e2c5a97 Mon Sep 17 00:00:00 2001 From: VC Date: Fri, 5 Jul 2024 11:53:35 +0200 Subject: [PATCH] refactor: optimize system role --- roles/system/tasks/apt-transport-https.yml | 6 - roles/system/tasks/aptitude.yml | 7 - roles/system/tasks/bashrc.yml | 9 -- roles/system/tasks/cron-apt.yml | 12 -- roles/system/tasks/cron.yml | 6 - roles/system/tasks/curl.yml | 6 - roles/system/tasks/gpg.yml | 6 - roles/system/tasks/htop.yml | 6 - roles/system/tasks/locales.yml | 27 ---- roles/system/tasks/localtime.yml | 7 - roles/system/tasks/lshw.yml | 6 - roles/system/tasks/main.yml | 149 +++++++++++++++------ roles/system/tasks/overlayfs.yml | 6 - roles/system/tasks/ping.yml | 6 - roles/system/tasks/sshd.yml | 29 ---- roles/system/tasks/sudo.yml | 6 - roles/system/tasks/telnet.yml | 6 - roles/system/tasks/tmux.yml | 6 - roles/system/tasks/vimrc.yml | 14 -- roles/system/tasks/wget.yml | 6 - 20 files changed, 110 insertions(+), 216 deletions(-) delete mode 100644 roles/system/tasks/apt-transport-https.yml delete mode 100644 roles/system/tasks/aptitude.yml delete mode 100644 roles/system/tasks/bashrc.yml delete mode 100644 roles/system/tasks/cron-apt.yml delete mode 100644 roles/system/tasks/cron.yml delete mode 100644 roles/system/tasks/curl.yml delete mode 100644 roles/system/tasks/gpg.yml delete mode 100644 roles/system/tasks/htop.yml delete mode 100644 roles/system/tasks/locales.yml delete mode 100644 roles/system/tasks/localtime.yml delete mode 100644 roles/system/tasks/lshw.yml delete mode 100644 roles/system/tasks/overlayfs.yml delete mode 100644 roles/system/tasks/ping.yml delete mode 100644 roles/system/tasks/sshd.yml delete mode 100644 roles/system/tasks/sudo.yml delete mode 100644 roles/system/tasks/telnet.yml delete mode 100644 roles/system/tasks/tmux.yml delete mode 100644 roles/system/tasks/vimrc.yml delete mode 100644 roles/system/tasks/wget.yml diff --git a/roles/system/tasks/apt-transport-https.yml b/roles/system/tasks/apt-transport-https.yml deleted file mode 100644 index 19b6042..0000000 --- a/roles/system/tasks/apt-transport-https.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install https transport for apt - ansible.builtin.package: - name: apt-transport-https - state: present diff --git a/roles/system/tasks/aptitude.yml b/roles/system/tasks/aptitude.yml deleted file mode 100644 index 80a24a4..0000000 --- a/roles/system/tasks/aptitude.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- name: Install aptitude - ansible.builtin.package: - name: aptitude - state: present - when: ansible_facts['os_family'] == 'Debian' diff --git a/roles/system/tasks/bashrc.yml b/roles/system/tasks/bashrc.yml deleted file mode 100644 index c6b3edc..0000000 --- a/roles/system/tasks/bashrc.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- - -- name: Copy basic bashrc files - ansible.builtin.copy: - src: files/dotbashrc - dest: /root/.bashrc - mode: 0644 - owner: root - group: root diff --git a/roles/system/tasks/cron-apt.yml b/roles/system/tasks/cron-apt.yml deleted file mode 100644 index 21781a2..0000000 --- a/roles/system/tasks/cron-apt.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -- name: Install cron-apt - ansible.builtin.package: - name: cron-apt - state: present - -- name: Default configuration file - ansible.builtin.copy: - src: files/5-install - dest: /etc/cron-apt/action.d/5-install - mode: 0644 diff --git a/roles/system/tasks/cron.yml b/roles/system/tasks/cron.yml deleted file mode 100644 index ec1613e..0000000 --- a/roles/system/tasks/cron.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install cron - ansible.builtin.package: - name: cron - state: present diff --git a/roles/system/tasks/curl.yml b/roles/system/tasks/curl.yml deleted file mode 100644 index c27f95a..0000000 --- a/roles/system/tasks/curl.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install curl - ansible.builtin.package: - name: curl - state: present diff --git a/roles/system/tasks/gpg.yml b/roles/system/tasks/gpg.yml deleted file mode 100644 index 2f74e31..0000000 --- a/roles/system/tasks/gpg.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install gpg package - ansible.builtin.package: - name: gpg - state: present diff --git a/roles/system/tasks/htop.yml b/roles/system/tasks/htop.yml deleted file mode 100644 index 5704e56..0000000 --- a/roles/system/tasks/htop.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install htop - ansible.builtin.package: - name: htop - state: present diff --git a/roles/system/tasks/locales.yml b/roles/system/tasks/locales.yml deleted file mode 100644 index 0ba06f4..0000000 --- a/roles/system/tasks/locales.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -- name: Set default locale to fr_FR.UTF-8 - ansible.builtin.debconf: - name: locales - question: locales/default_environment_locale - value: fr_FR.UTF-8 - vtype: select - -- name: Set to generate locales fr_FR/en_US - ansible.builtin.debconf: - name: locales - question: locales/locales_to_be_generated - value: en_US.UTF-8 UTF-8, fr_FR.UTF-8 UTF-8 - vtype: multiselect - -- name: Delete original locale.gen - ansible.builtin.file: - path: /etc/locale.gen - state: absent - when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8' - -- name: Update original locale.gen - ansible.builtin.command: - cmd: dpkg-reconfigure -f noninteractive locales - changed_when: true - when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8' diff --git a/roles/system/tasks/localtime.yml b/roles/system/tasks/localtime.yml deleted file mode 100644 index fc60d5a..0000000 --- a/roles/system/tasks/localtime.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- name: Set localtime - ansible.builtin.file: - src: /usr/share/zoneinfo/Europe/Paris - dest: /etc/localtime - state: link diff --git a/roles/system/tasks/lshw.yml b/roles/system/tasks/lshw.yml deleted file mode 100644 index 04b8628..0000000 --- a/roles/system/tasks/lshw.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install lshw - ansible.builtin.package: - state: present - name: lshw diff --git a/roles/system/tasks/main.yml b/roles/system/tasks/main.yml index 95766da..822c41d 100644 --- a/roles/system/tasks/main.yml +++ b/roles/system/tasks/main.yml @@ -1,42 +1,113 @@ --- -- name: Include aptitude - ansible.builtin.include_tasks: aptitude.yml -- name: Include localtime - ansible.builtin.include_tasks: localtime.yml -- name: Include locales - ansible.builtin.include_tasks: locales.yml -- name: Include ping - ansible.builtin.include_tasks: ping.yml -- name: Include sudo - ansible.builtin.include_tasks: sudo.yml -- name: Include telnet - ansible.builtin.include_tasks: telnet.yml -- name: Include tmux - ansible.builtin.include_tasks: tmux.yml -- name: Include bashrc - ansible.builtin.include_tasks: bashrc.yml -- name: Include vim - ansible.builtin.include_tasks: vimrc.yml -- name: Include sshd - ansible.builtin.include_tasks: sshd.yml -- name: Include curl - ansible.builtin.include_tasks: curl.yml -- name: Include wget - ansible.builtin.include_tasks: wget.yml -- name: Include cron - ansible.builtin.include_tasks: cron.yml -- name: Include htop - ansible.builtin.include_tasks: htop.yml -- name: Include apt-transport-https - ansible.builtin.include_tasks: apt-transport-https.yml -- name: Include gpg - ansible.builtin.include_tasks: gpg.yml -- name: Include cron-apt - ansible.builtin.include_tasks: cron-apt.yml -- name: Include lshw - ansible.builtin.include_tasks: lshw.yml - when: "'hypervisors' in group_names" -- name: Include overlayfs - ansible.builtin.include_tasks: overlayfs.yml +- name: Install general utilities + ansible.builtin.package: + name: + - apt-transport-https + - aptitude + - cron + - cron-apt + - curl + - gpg + - htop + - iputils-ping + - sudo + - telnet + - tmux + - vim + - wget + state: present + +- name: Install hypervisors’ specific utilities + ansible.builtin.package: + name: + - fuse-overlayfs + - lshw + state: present when: "'hypervisors' in group_names" + +- name: Set localtime + ansible.builtin.file: + src: /usr/share/zoneinfo/Europe/Paris + dest: /etc/localtime + state: link + +- name: Set locale + block: + - name: Set default locale to fr_FR.UTF-8 + ansible.builtin.debconf: + name: locales + question: locales/default_environment_locale + value: fr_FR.UTF-8 + vtype: select + + - name: Set to generate locales fr_FR/en_US + ansible.builtin.debconf: + name: locales + question: locales/locales_to_be_generated + value: en_US.UTF-8 UTF-8, fr_FR.UTF-8 UTF-8 + vtype: multiselect + + - name: Delete original locale.gen + ansible.builtin.file: + path: /etc/locale.gen + state: absent + when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8' + + - name: Update original locale.gen + ansible.builtin.command: + cmd: dpkg-reconfigure -f noninteractive locales + changed_when: true + when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8' + +- name: Copy bashrc config file + ansible.builtin.copy: + src: files/dotbashrc + dest: /root/.bashrc + mode: 0644 + owner: root + group: root + +- name: Copy vimrc config file + ansible.builtin.copy: + src: files/vim/ + dest: /root/.vim + mode: 0755 + owner: root + group: root + +- name: SSH configuration + block: + - name: Put SSH configuration file + ansible.builtin.template: + src: sshd_config.j2 + dest: /etc/ssh/sshd_config + mode: 0644 + notify: + - Restart sshd + + - name: SSH key home + ansible.posix.authorized_key: + user: root + state: present + key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}" + + - name: SSH key work + ansible.posix.authorized_key: + user: root + state: present + key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}" + + - name: SSH key stef + ansible.posix.authorized_key: + user: root + state: present + key: "{{ lookup('file', 'ssh/stefofficiel.id_rsa.pub') }}" + path: "~/.ssh/instance_keys" + when: inventory_hostname in groups['fedinupesservers'] + +- name: Set cron-apt configuration file + ansible.builtin.copy: + src: files/5-install + dest: /etc/cron-apt/action.d/5-install + mode: 0644 diff --git a/roles/system/tasks/overlayfs.yml b/roles/system/tasks/overlayfs.yml deleted file mode 100644 index 1b9da8f..0000000 --- a/roles/system/tasks/overlayfs.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install fuse-overlayfs - ansible.builtin.package: - state: present - name: fuse-overlayfs diff --git a/roles/system/tasks/ping.yml b/roles/system/tasks/ping.yml deleted file mode 100644 index e87bfd9..0000000 --- a/roles/system/tasks/ping.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install ping utility - ansible.builtin.package: - name: iputils-ping - state: present diff --git a/roles/system/tasks/sshd.yml b/roles/system/tasks/sshd.yml deleted file mode 100644 index 3cc6763..0000000 --- a/roles/system/tasks/sshd.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: SSH configuration file - ansible.builtin.template: - src: sshd_config.j2 - dest: /etc/ssh/sshd_config - mode: 0644 - notify: - - Restart sshd - -- name: SSH keys home - ansible.posix.authorized_key: - user: root - state: present - key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}" - -- name: SSH keys work - ansible.posix.authorized_key: - user: root - state: present - key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}" - -- name: SSH keys stef - ansible.posix.authorized_key: - user: root - state: present - key: "{{ lookup('file', 'ssh/stefofficiel.id_rsa.pub') }}" - path: "~/.ssh/instance_keys" - when: inventory_hostname in groups['fedinupesservers'] diff --git a/roles/system/tasks/sudo.yml b/roles/system/tasks/sudo.yml deleted file mode 100644 index 5b91ecd..0000000 --- a/roles/system/tasks/sudo.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install sudo utility - ansible.builtin.package: - name: sudo - state: present diff --git a/roles/system/tasks/telnet.yml b/roles/system/tasks/telnet.yml deleted file mode 100644 index d6dbe6d..0000000 --- a/roles/system/tasks/telnet.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install telnet - ansible.builtin.package: - name: telnet - state: present diff --git a/roles/system/tasks/tmux.yml b/roles/system/tasks/tmux.yml deleted file mode 100644 index 2d45a90..0000000 --- a/roles/system/tasks/tmux.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install tmux - ansible.builtin.package: - name: tmux - state: present diff --git a/roles/system/tasks/vimrc.yml b/roles/system/tasks/vimrc.yml deleted file mode 100644 index d48b8a1..0000000 --- a/roles/system/tasks/vimrc.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: Install vim package - ansible.builtin.package: - name: vim - state: present - -- name: Copy vimrc config file - ansible.builtin.copy: - src: files/vim/ - dest: /root/.vim - mode: 0755 - owner: root - group: root diff --git a/roles/system/tasks/wget.yml b/roles/system/tasks/wget.yml deleted file mode 100644 index eef825a..0000000 --- a/roles/system/tasks/wget.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Install wget package - ansible.builtin.package: - name: wget - state: present