2024-10-25 17:35:21 +08:00
|
|
|
---
|
2024-10-25 20:36:12 +08:00
|
|
|
- hosts:
|
|
|
|
- debian
|
2024-10-29 01:36:24 +08:00
|
|
|
become: true
|
|
|
|
vars_files: "{{ playbook_dir | dirname | dirname | dirname }}/inventory/group_vars/debian.yml"
|
2024-10-25 17:35:21 +08:00
|
|
|
tasks:
|
2025-01-07 15:55:20 +08:00
|
|
|
# Ensure SSH directory exists
|
|
|
|
- name: Ensure SSH directory exists
|
|
|
|
file:
|
|
|
|
path: ~/.ssh/
|
|
|
|
state: directory
|
|
|
|
mode: "0700"
|
2024-10-25 22:35:10 +08:00
|
|
|
- name: Add SSH key to authorized_hosts - Debian
|
2024-10-25 17:35:21 +08:00
|
|
|
authorized_key:
|
|
|
|
user: root
|
|
|
|
state: present
|
|
|
|
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
2025-01-07 15:55:20 +08:00
|
|
|
path: ~/.ssh/authorized_keys
|
2024-10-29 01:36:24 +08:00
|
|
|
- name: Enable Root Login
|
|
|
|
lineinfile:
|
|
|
|
dest: /etc/ssh/sshd_config
|
|
|
|
regexp: "^PermitRootLogin"
|
|
|
|
line: "PermitRootLogin yes"
|
|
|
|
state: present
|
|
|
|
notify: Restart SSHD on Config Change
|
2024-10-25 17:35:21 +08:00
|
|
|
- name: Update all packages
|
|
|
|
apt:
|
|
|
|
update_cache: true
|
|
|
|
autoremove: true
|
|
|
|
state: latest
|
2024-10-29 01:36:24 +08:00
|
|
|
- name: Install Docker
|
|
|
|
apt:
|
|
|
|
name:
|
|
|
|
- docker
|
|
|
|
update_cache: false
|
|
|
|
autoremove: true
|
|
|
|
state: latest
|
|
|
|
# Safety net if this script is ran twice
|
|
|
|
notify: Restart Docker Containers
|
2024-10-25 22:35:10 +08:00
|
|
|
- name: Install packages - Debian
|
2024-10-25 17:35:21 +08:00
|
|
|
apt:
|
|
|
|
name:
|
|
|
|
- vim
|
|
|
|
- nginx
|
|
|
|
- htop
|
|
|
|
- tmux
|
|
|
|
- samba
|
|
|
|
- docker-compose
|
|
|
|
- neofetch
|
|
|
|
- cifs-utils
|
2024-10-25 20:06:19 +08:00
|
|
|
- borgbackup
|
2024-10-25 17:35:21 +08:00
|
|
|
- curl
|
2024-11-02 20:41:41 +08:00
|
|
|
- wget
|
2024-10-25 21:48:54 +08:00
|
|
|
- syncthing
|
|
|
|
- socat
|
|
|
|
- fish
|
2024-10-29 01:36:24 +08:00
|
|
|
- iperf3
|
2025-01-07 15:55:20 +08:00
|
|
|
- dnsmasq
|
2024-10-25 20:00:21 +08:00
|
|
|
# Cache is already updated from previous step
|
2024-10-25 17:35:21 +08:00
|
|
|
update_cache: false
|
|
|
|
autoremove: true
|
|
|
|
state: latest
|
|
|
|
- name: Install ACME
|
2024-10-29 01:36:24 +08:00
|
|
|
shell: curl https://get.acme.sh | sh -s email="{{ ACME_EMAIL }}"
|
|
|
|
- name: Enable Syncthing Service
|
|
|
|
command: systemctl enable syncthing@root.service
|
2024-10-29 02:05:56 +08:00
|
|
|
- name: Start Syncthing Service
|
|
|
|
command: systemctl start syncthing@root.service
|
2024-10-29 01:36:24 +08:00
|
|
|
- name: Allow Syncthing Remote Management
|
|
|
|
replace:
|
|
|
|
path: /root/.config/syncthing/config.xml
|
|
|
|
regexp: "<address>127.0.0.1:8384</address>"
|
|
|
|
replace: "<address>0.0.0.0:8384</address>"
|
|
|
|
notify: Restart Syncthing Service
|
|
|
|
- name: Copy Template Scripts
|
|
|
|
copy:
|
|
|
|
src: "{{ playbook_dir | dirname | dirname }}/files/debian/setup/scripts/"
|
|
|
|
dest: /root/scripts/
|
|
|
|
mode: "0644"
|
|
|
|
force: false
|
|
|
|
- name: Copy Crontab Template
|
|
|
|
copy:
|
|
|
|
src: "{{ playbook_dir | dirname | dirname }}/files/debian/setup/crontabs/"
|
|
|
|
dest: /var/spool/cron/crontabs/
|
|
|
|
mode: "0600"
|
|
|
|
force: false
|
|
|
|
- name: Copy Samba Credentials Template
|
|
|
|
copy:
|
|
|
|
src: "{{ playbook_dir | dirname | dirname }}/files/debian/setup/samba/"
|
|
|
|
dest: /root/.samba/
|
|
|
|
mode: "0644"
|
|
|
|
force: false
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
# Restart Syncthing on Config Change
|
|
|
|
- name: Restart Syncthing Service
|
|
|
|
command: systemctl restart syncthing@root.service
|
|
|
|
# Restart SSHD on Config Change
|
|
|
|
- name: Restart SSHD on Config Change
|
|
|
|
command: systemctl restart sshd
|
|
|
|
# Restart Docker Containers on Docker Update
|
|
|
|
- name: Restart Docker Containers
|
2024-11-07 18:54:42 +08:00
|
|
|
command: bash "/root/scripts/start_services.sh"
|