folliehiyuki/sysconfig
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.
sysconfig/roles/essential/tasks/main.yml
Hoang Nguyen 3cd277e97c
essential: add /etc/hosts 
Also validate unbound config
2022-01-18 23:00:14 +07:00

92 lines
2.1 KiB
YAML
Raw Blame History

---
- name: essential | Install system dependencies
apk:
name: >
doas, nftables, zstd, fish, dbus, elogind, polkit-elogind, terminus-font,
apparmor, apparmor-profiles, libvirt-daemon, qemu-img, qemu-system-x86_64,
qemu-modules, libvirt-guests, shadow-login, unbound, openresolv
available: yes
update_cache: yes
state: present
- name: essential | Start elogind service on runlevel 'boot'
service:
name: elogind
runlevel: boot
enabled: yes
state: started
- name: essential | Start other services on runlevel 'default'
service:
name: '{{ item }}'
runlevel: default
enabled: yes
state: started
loop: [ dbus, ntpd, cgroups ]
- name: essential | Setup eudev
command:
cmd: setup-udev
creates: /etc/runlevels/sysinit/udev
- name: essential | Change the default motd
template:
src: motd.j2
dest: /etc/motd
owner: root
group: root
mode: 0644
- name: essential | Rewrite /etc/hosts
copy:
src: hosts
dest: /etc/hosts
owner: root
group: root
mode: 0644
- name: essential | Use zstd for initramfs
lineinfile:
backup: yes
path: /etc/mkinitfs/mkinitfs.conf
state: present
search_string: initfscomp=
line: initfscomp="zstd"
owner: root
group: root
mode: 0644
validate: grep -F 'initfscomp="zstd"' %s
notify: Regenerate initramfs
- name: essential | Enable logging for openrc
lineinfile:
backup: yes
path: /etc/rc.conf
state: present
search_string: rc_logger="
line: rc_logger="YES"
owner: root
group: root
mode: 0644
validate: grep -F 'rc_logger="YES"' %s
- name: essential | Enable unicode support for openrc
lineinfile:
backup: yes
path: /etc/rc.conf
state: present
search_string: unicode="
line: unicode="YES"
owner: root
group: root
mode: 0644
validate: grep -F 'unicode="YES"' %s
- name: essential | Blacklist bluetooth related kernel modules
copy:
src: bluetooth-blacklist.conf
dest: /etc/modprobe.d/bluetooth-blacklist.conf
owner: root
group: root
mode: 0644
Reference in a new issue View git blame Copy permalink