folliehiyuki/sysconfig
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.
sysconfig/roles/essential/tasks/main.yml
Hoang Nguyen 39f736f34c
Small changes here and there 
- container: role removed
- ansible:
  - use FQDN module path community.general.packaging.os.apk
  - use "true, false" instead of "yes, no" (stop being annoying, yamllint)
2022-10-16 17:41:04 +07:00

117 lines
2.6 KiB
YAML
Raw Blame History

---
- name: essential | Change repository URLs
template:
src: repositories.j2
dest: /etc/apk/repositories
owner: root
group: root
mode: 0644
- name: essential | Update repository cache and the system
community.general.packaging.os.apk:
available: true
upgrade: true
update_cache: true
- name: essential | Install common dependencies
community.general.packaging.os.apk:
name: zstd, dbus, terminus-font, shadow-login
state: present
- name: essential | Enable logging and unicode support for openrc
lineinfile:
path: /etc/rc.conf
state: present
search_string: '{{ item }}='
line: '{{ item }}="YES"'
owner: root
group: root
mode: 0644
loop:
- rc_logger
- unicode
# https://wiki.gentoo.org/wiki/Elogind
# elogind still requires 'cgroup-hybrid' useflag
- name: essential | Explicitly enable only cgroup v2 for OpenRC
lineinfile:
path: /etc/rc.conf
state: present
search_string: rc_cgroup_mode=
line: rc_cgroup_mode="unified"
owner: root
group: root
mode: 0644
when: seat_manager != 'elogind'
- name: essential | Change the default motd
template:
src: motd.j2
dest: /etc/motd
owner: root
group: root
mode: 0644
- name: essential | Use zstd for initramfs
lineinfile:
path: /etc/mkinitfs/mkinitfs.conf
state: present
search_string: initfscomp=
line: initfscomp="zstd"
owner: root
group: root
mode: 0644
notify: Regenerate initramfs
- name: essential | Blacklist bluetooth related kernel modules
kernel_blacklist:
name: '{{ item }}'
state: present
loop:
- vivid
- bluetooth
- btusb
- name: essential | Use /var/tmp for coredumps
sysctl:
name: kernel.core_pattern
value: /var/tmp/core-%e.%p.%h.%t
state: present
reload: false
- name: essential | Set privacy extension for IPv6
sysctl:
name: net.ipv6.conf.{{ item.name }}.use_tempaddr
value: '2'
state: present
reload: false
loop: '{{ network_interfaces + [{"name": "default"}, {"name": "all"}] }}'
- name: essential | Change the tty font to {{ console_font }}
lineinfile:
path: /etc/conf.d/consolefont
state: present
regexp: '^consolefont='
line: 'consolefont="{{ console_font }}"'
owner: root
group: root
mode: 0644
- name: essential | Start services on runlevel 'boot'
service:
name: '{{ item }}'
runlevel: boot
enabled: true
state: started
loop:
- consolefont
- syslog
- name: essential | Start services on runlevel 'default'
service:
name: '{{ item }}'
runlevel: default
enabled: true
state: started
loop: ['dbus', 'ntpd', 'cgroups']
Reference in a new issue View git blame Copy permalink