ansible-roles/evolinux-base/tasks/packages.yml

147 lines
3.0 KiB
YAML

---
- name: Install/Update system tools
apt:
name:
- locales
- sudo
- ntpdate
- lsb-release
- dnsutils
- pv
- apg
- conntrack
- logrotate
- bash-completion
- ssl-cert
- ca-certificates
- rename
when: evolinux_packages_system
- name: Install/Update diagnostic tools
apt:
name:
- strace
- htop
- iftop
- iptraf
- ncdu
- iotop
- tcpdump
- mtr-tiny
- curl
- telnet
- traceroute
- man
when: evolinux_packages_diagnostic
- name: Install/Update hardware tools
apt:
name:
- hdparm
- smartmontools
- lm-sensors
when: evolinux_packages_hardware
- name: Install/Update common tools
apt:
name:
- vim
- screen
- tmux
- mutt
- tree
- git
- subversion
- rsync
- bc
- pinentry-curses
- ncurses-term
when: evolinux_packages_common
- name: Be sure that openntpd package is absent/purged
apt:
name: openntpd
state: absent
purge: True
when: evolinux_packages_purge_openntpd
- name: the chrony package is absent
apt:
name: chrony
purge: True
state: absent
when: evolinux_packages_purge_chrony
- name: Be sure locate/mlocate is absent/purged
apt:
name:
- locate
- mlocate
state: absent
purge: yes
when: evolinux_packages_purge_locate
- name: Install/Update serveur-base meta-package
apt:
name: serveur-base
allow_unauthenticated: yes
when: evolinux_packages_serveur_base
- name: Install/Update packages for Stretch and later
apt:
name: net-tools
when:
- evolinux_packages_stretch
- ansible_distribution_major_version is version('9', '>=')
- name: Install/Update packages for Buster and later
apt:
name:
- spectre-meltdown-checker
- binutils
when:
- evolinux_packages_buster
- ansible_distribution_major_version is version('10', '>=')
- name: Customize logcheck recipient
lineinfile:
dest: /etc/logcheck/logcheck.conf
regexp: '^SENDMAILTO=".*"$'
line: 'SENDMAILTO="{{ logcheck_alert_email or general_alert_email | mandatory }}"'
when: evolinux_packages_logcheck_recipient
- name: Deleting rpcbind and nfs-common
apt:
name:
- rpcbind
- nfs-common
state: absent
when: evolinux_packages_delete_nfs
# TODO: use ini_file when Ansible > 2.1 (no_extra_spaces: yes)
- name: Configure Listchanges on Jessie
lineinfile:
dest: /etc/apt/listchanges.conf
regexp: '^{{ item.option }}\s*='
line: "{{ item.option }}={{ item.value }}"
with_items:
- { option: "confirm", value: "1" }
- { option: "which", value: "both" }
when:
- evolinux_packages_listchanges
- ansible_distribution == "Debian"
- ansible_distribution_release == "jessie"
- name: apt-listchanges is absent on Stretch and later
apt:
name: apt-listchanges
state: absent
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version is version('9', '>=')
- meta: flush_handlers