ilia/ansible
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
ansible/roles/base/tasks/main.yml
ilia 378b9d4686
Some checks failed
CI / lint-and-test (pull_request) Successful in 1m16s
Details
CI / ansible-validation (pull_request) Successful in 5m54s
Details
CI / secret-scanning (pull_request) Successful in 1m33s
Details
CI / dependency-scan (pull_request) Successful in 2m49s
Details
CI / sast-scan (pull_request) Successful in 8m53s
Details
CI / license-check (pull_request) Successful in 1m16s
Details
CI / vault-check (pull_request) Failing after 9m5s
Details
CI / playbook-test (pull_request) Successful in 6m10s
Details
CI / container-scan (pull_request) Successful in 4m35s
Details
CI / sonar-analysis (pull_request) Successful in 5m55s
Details
CI / workflow-summary (pull_request) Successful in 1m6s
Details
Enhance Makefile and host configurations for improved usability and error handling 
- Update `dev` target in Makefile to support optional SUDO and SSH_PASS parameters for better flexibility.
- Correct the IP address for `dev02` in the inventory file.
- Add host variables for `KrakenMint`, including user configuration and vault file for sensitive data.
- Modify `dev02` host variables to skip data science stack installation.
- Implement tasks to remove NodeSource repository across multiple roles to prevent GPG errors during apt operations.
- Update development playbook to handle Node.js installation more robustly, including checks for existing installations and repository configurations.
- Ensure apt cache updates ignore NodeSource errors to improve reliability.
2025-12-25 16:46:47 -05:00

89 lines
2.1 KiB
YAML
Raw Blame History

---
- name: Ensure Ansible remote_tmp directory exists with correct permissions
ansible.builtin.file:
path: /root/.ansible/tmp
state: directory
mode: '0755'
owner: root
group: root
become: true
- name: Install base system packages
ansible.builtin.apt:
name:
# Base utilities
- curl
- wget
- unzip
- xclip
- tree
- copyq
# Network and admin tools
- net-tools
- ufw
- mailutils
# Modern CLI tools
- jq
- ripgrep
- fd-find
# Power management (TLP for laptops)
- tlp
- tlp-rdw
state: present
- name: Install yq YAML processor
ansible.builtin.apt:
name: yq
state: present
update_cache: false
failed_when: false
register: yq_apt_install
- name: Install yq from binary if apt fails
when: yq_apt_install.failed or yq_apt_install is not succeeded
block:
- name: Download yq binary
ansible.builtin.get_url:
url: https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
dest: /usr/local/bin/yq
mode: '0755'
register: yq_download
- name: Verify yq installation
ansible.builtin.command: yq --version
changed_when: false
- name: Create fd symlink (Ubuntu uses fd-find)
ansible.builtin.file:
src: /usr/bin/fdfind
dest: /usr/local/bin/fd
state: link
when: ansible_distribution == "Ubuntu"
# fail2ban configuration moved to monitoring role
# UFW enablement moved to ssh role to avoid lockout
- name: Set timezone
community.general.timezone:
name: "{{ timezone | default('UTC') }}"
- name: Configure locale
community.general.locale_gen:
name: "{{ locale | default('en_US.UTF-8') }}"
state: present
- name: Gather package facts to check for TLP
ansible.builtin.package_facts:
manager: apt
when: ansible_facts.packages is not defined
- name: Enable and start TLP service
ansible.builtin.systemd:
name: tlp
enabled: true
state: started
daemon_reload: true
become: true
when: ansible_facts.packages is defined and 'tlp' in ansible_facts.packages
Reference in New Issue View Git Blame Copy Permalink