ansible-playbooks/roles/tasks/debian/setup.yml

---
- hosts:
    - debian
  become: true
  vars_files: "{{ playbook_dir | dirname | dirname | dirname }}/inventory/group_vars/debian.yml"
  tasks:
    - name: Add SSH key to authorized_hosts - Debian
      authorized_key:
        user: root
        state: present
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
        path: /root/.ssh/authorized_keys
    - name: Enable Root Login
      lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: "^PermitRootLogin"
        line: "PermitRootLogin yes"
        state: present
      notify: Restart SSHD on Config Change
    - name: Update all packages
      apt:
        update_cache: true
        autoremove: true
        state: latest
    - name: Install Docker
      apt:
        name:
          - docker
        update_cache: false
        autoremove: true
        state: latest
      # Safety net if this script is ran twice
      notify: Restart Docker Containers
    - name: Install packages - Debian
      apt:
        name:
          - vim
          - nginx
          - htop
          - tmux
          - samba
          - docker-compose
          - neofetch
          - cifs-utils
          - borgbackup
          - curl
          - wget
          - syncthing
          - socat
          - fish
          - iperf3
          - resolvconf
        # Cache is already updated from previous step
        update_cache: false
        autoremove: true
        state: latest
    - name: Install ACME
      shell: curl https://get.acme.sh | sh -s email="{{ ACME_EMAIL }}"
    - name: Enable Syncthing Service
      command: systemctl enable syncthing@root.service
    - name: Start Syncthing Service
      command: systemctl start syncthing@root.service
    - name: Allow Syncthing Remote Management
      replace:
        path: /root/.config/syncthing/config.xml
        regexp: "<address>127.0.0.1:8384</address>"
        replace: "<address>0.0.0.0:8384</address>"
      notify: Restart Syncthing Service
    - name: Copy Template Scripts
      copy:
        src: "{{ playbook_dir | dirname | dirname }}/files/debian/setup/scripts/"
        dest: /root/scripts/
        mode: "0644"
        force: false
    - name: Copy Crontab Template
      copy:
        src: "{{ playbook_dir | dirname | dirname }}/files/debian/setup/crontabs/"
        dest: /var/spool/cron/crontabs/
        mode: "0600"
        force: false
    - name: Copy Samba Credentials Template
      copy:
        src: "{{ playbook_dir | dirname | dirname }}/files/debian/setup/samba/"
        dest: /root/.samba/
        mode: "0644"
        force: false

  handlers:
    # Restart Syncthing on Config Change
    - name: Restart Syncthing Service
      command: systemctl restart syncthing@root.service
    # Restart SSHD on Config Change
    - name: Restart SSHD on Config Change
      command: systemctl restart sshd
    # Restart Docker Containers on Docker Update
    - name: Restart Docker Containers
      command: bash "/root/scripts/start_services.sh"
Add first playbooks 2024-10-25 17:35:21 +08:00			`---`
Update groupings in playbooks 2024-10-25 20:36:12 +08:00			`- hosts:`
			`- debian`
Update playbooks 2024-10-29 01:36:24 +08:00			`become: true`
			`vars_files: "{{ playbook_dir \| dirname \| dirname \| dirname }}/inventory/group_vars/debian.yml"`
Add first playbooks 2024-10-25 17:35:21 +08:00			`tasks:`
Update folder structure 2024-10-25 22:35:10 +08:00			`- name: Add SSH key to authorized_hosts - Debian`
Add first playbooks 2024-10-25 17:35:21 +08:00			`authorized_key:`
			`user: root`
			`state: present`
			`key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"`
			`path: /root/.ssh/authorized_keys`
Update playbooks 2024-10-29 01:36:24 +08:00			`- name: Enable Root Login`
			`lineinfile:`
			`dest: /etc/ssh/sshd_config`
			`regexp: "^PermitRootLogin"`
			`line: "PermitRootLogin yes"`
			`state: present`
			`notify: Restart SSHD on Config Change`
Add first playbooks 2024-10-25 17:35:21 +08:00			`- name: Update all packages`
			`apt:`
			`update_cache: true`
			`autoremove: true`
			`state: latest`
Update playbooks 2024-10-29 01:36:24 +08:00			`- name: Install Docker`
			`apt:`
			`name:`
			`- docker`
			`update_cache: false`
			`autoremove: true`
			`state: latest`
			`# Safety net if this script is ran twice`
			`notify: Restart Docker Containers`
Update folder structure 2024-10-25 22:35:10 +08:00			`- name: Install packages - Debian`
Add first playbooks 2024-10-25 17:35:21 +08:00			`apt:`
			`name:`
			`- vim`
			`- nginx`
			`- htop`
			`- tmux`
			`- samba`
			`- docker-compose`
			`- neofetch`
			`- cifs-utils`
Add borg to setup packages 2024-10-25 20:06:19 +08:00			`- borgbackup`
Add first playbooks 2024-10-25 17:35:21 +08:00			`- curl`
Update scripts 2024-11-02 20:41:41 +08:00			`- wget`
Add Ansible OpenWRT role 2024-10-25 21:48:54 +08:00			`- syncthing`
			`- socat`
			`- fish`
Update playbooks 2024-10-29 01:36:24 +08:00			`- iperf3`
Omit use of tmux in playbooks for more verbose error handling 2024-11-07 18:54:42 +08:00			`- resolvconf`
Add distribution filter and update README 2024-10-25 20:00:21 +08:00			`# Cache is already updated from previous step`
Add first playbooks 2024-10-25 17:35:21 +08:00			`update_cache: false`
			`autoremove: true`
			`state: latest`
			`- name: Install ACME`
Update playbooks 2024-10-29 01:36:24 +08:00			`shell: curl https://get.acme.sh \| sh -s email="{{ ACME_EMAIL }}"`
			`- name: Enable Syncthing Service`
			`command: systemctl enable syncthing@root.service`
Update playbooks 2024-10-29 02:05:56 +08:00			`- name: Start Syncthing Service`
			`command: systemctl start syncthing@root.service`
Update playbooks 2024-10-29 01:36:24 +08:00			`- name: Allow Syncthing Remote Management`
			`replace:`
			`path: /root/.config/syncthing/config.xml`
			`regexp: "<address>127.0.0.1:8384</address>"`
			`replace: "<address>0.0.0.0:8384</address>"`
			`notify: Restart Syncthing Service`
			`- name: Copy Template Scripts`
			`copy:`
			`src: "{{ playbook_dir \| dirname \| dirname }}/files/debian/setup/scripts/"`
			`dest: /root/scripts/`
			`mode: "0644"`
			`force: false`
			`- name: Copy Crontab Template`
			`copy:`
			`src: "{{ playbook_dir \| dirname \| dirname }}/files/debian/setup/crontabs/"`
			`dest: /var/spool/cron/crontabs/`
			`mode: "0600"`
			`force: false`
			`- name: Copy Samba Credentials Template`
			`copy:`
			`src: "{{ playbook_dir \| dirname \| dirname }}/files/debian/setup/samba/"`
			`dest: /root/.samba/`
			`mode: "0644"`
			`force: false`

			`handlers:`
			`# Restart Syncthing on Config Change`
			`- name: Restart Syncthing Service`
			`command: systemctl restart syncthing@root.service`
			`# Restart SSHD on Config Change`
			`- name: Restart SSHD on Config Change`
			`command: systemctl restart sshd`
			`# Restart Docker Containers on Docker Update`
			`- name: Restart Docker Containers`
Omit use of tmux in playbooks for more verbose error handling 2024-11-07 18:54:42 +08:00			`command: bash "/root/scripts/start_services.sh"`