2022-01-14 19:46:59 +01:00
|
|
|
---
|
2022-10-01 16:15:29 +02:00
|
|
|
- name: Gathering facts
|
2022-01-14 19:46:59 +01:00
|
|
|
hosts: all
|
2022-10-16 12:31:57 +02:00
|
|
|
gather_facts: true
|
2022-01-14 19:46:59 +01:00
|
|
|
tags: always
|
2022-10-01 16:15:29 +02:00
|
|
|
|
|
|
|
- name: Sanity checks
|
|
|
|
hosts: all
|
|
|
|
tags: always
|
2022-02-11 18:39:35 +01:00
|
|
|
tasks:
|
2022-10-01 16:15:29 +02:00
|
|
|
- name: Check user ID
|
2022-02-11 18:39:35 +01:00
|
|
|
fail:
|
|
|
|
msg: This playbook should only be run as 'root'
|
|
|
|
when: ansible_real_user_id != 0
|
2022-10-01 16:15:29 +02:00
|
|
|
- name: Import list of accepted values for defined variables
|
|
|
|
include_vars:
|
|
|
|
name: accepted_values
|
|
|
|
file: ./requirements/accepted_variables.yml
|
|
|
|
- name: Check defined values of top-level variables
|
2022-06-19 20:27:32 +02:00
|
|
|
fail:
|
2022-10-01 16:15:29 +02:00
|
|
|
msg: 'Variable `{{ item }}` needs to be 1 of {{ accepted_values[item] }}'
|
|
|
|
when: not vars[item] in accepted_values[item]
|
|
|
|
loop: '{{ accepted_values | flatten }}'
|
2022-01-14 19:46:59 +01:00
|
|
|
|
|
|
|
- name: Setup the system
|
|
|
|
hosts: all
|
2022-08-18 14:56:44 +02:00
|
|
|
# Hard-coded variables that shouldn't be configured
|
|
|
|
vars:
|
|
|
|
# elogind needs polkit to function
|
|
|
|
use_polkit: '{{ (seat_manager == "elogind") | ternary("True", polkit) }}'
|
2022-01-14 19:46:59 +01:00
|
|
|
roles:
|
|
|
|
- role: essential
|
|
|
|
tags: essential
|
2022-05-20 18:55:40 +02:00
|
|
|
- role: devd
|
|
|
|
tags: devd
|
2022-02-17 05:45:52 +01:00
|
|
|
- role: acpi
|
|
|
|
tags: acpi
|
|
|
|
- role: seat
|
|
|
|
tags: seat
|
2022-02-11 18:39:35 +01:00
|
|
|
- role: fstab
|
|
|
|
tags: fstab
|
2022-01-14 19:46:59 +01:00
|
|
|
- role: nftables
|
|
|
|
tags: nftables
|
|
|
|
- role: apparmor
|
|
|
|
tags: apparmor
|
2023-04-05 19:00:00 +02:00
|
|
|
- role: auditd
|
|
|
|
tags: auditd
|
|
|
|
- role: ntpd
|
|
|
|
tags: ntpd
|
2022-01-14 19:46:59 +01:00
|
|
|
- role: cron
|
|
|
|
tags: cron
|
2022-10-01 16:15:29 +02:00
|
|
|
- role: networking
|
|
|
|
tags: networking
|
2022-01-14 19:46:59 +01:00
|
|
|
- role: libvirt
|
|
|
|
tags: libvirt
|
|
|
|
- role: tlp
|
2022-06-19 20:27:32 +02:00
|
|
|
tags: [laptop, tlp]
|
|
|
|
- role: dns
|
|
|
|
tags: dns
|
2022-02-27 17:00:01 +01:00
|
|
|
- role: usbguard
|
|
|
|
tags: usbguard
|
2022-01-14 19:46:59 +01:00
|
|
|
- role: zram
|
|
|
|
tags: zram
|
2022-07-23 13:43:38 +02:00
|
|
|
- role: earlyoom
|
|
|
|
tags: earlyoom
|
2022-01-14 19:46:59 +01:00
|
|
|
- role: user
|
|
|
|
tags: user
|