46 lines
1.1 KiB
YAML
46 lines
1.1 KiB
YAML
---
|
|
|
|
- name: install base packages
|
|
apt: name={{item}} state=installed install_recommends=no
|
|
with_items:
|
|
- wget
|
|
- iptables
|
|
- iptables-persistent
|
|
- iputils-ping
|
|
- conntrack
|
|
- ntp
|
|
- tcpdump
|
|
|
|
- name: latest bash (CVE-2014-6271)
|
|
apt: name=bash state=latest install_recommends=no
|
|
|
|
- name: remove timezone
|
|
command: rm -f arg1 removes=/etc/localtime
|
|
|
|
- name: set timezone to UTC
|
|
command: ln -s /usr/share/zoneinfo/UTC arg1 creates=/etc/localtime
|
|
|
|
- name: setting hostname
|
|
copy: content="astara-linux" dest=/etc/hostname
|
|
|
|
- name: set default nameserver
|
|
copy: content="nameserver 8.8.8.8" dest=/etc/resolv.conf
|
|
|
|
- name: vanity motd
|
|
template: src=motd.j2 dest=/etc/motd
|
|
|
|
- name: disable fsck on boot via fastboot
|
|
file: path=/fastboot state=touch
|
|
|
|
- name: reset v4 persistent table rules
|
|
template: src=rules_v4.j2 dest=/etc/iptables/rules.v4
|
|
|
|
- name: reset v6 persistent table rules
|
|
template: src=rules_v6.j2 dest=/etc/iptables/rules.v6
|
|
|
|
- name: clear out network interfaces.d
|
|
shell: rm -f /etc/network/interfaces.d/*
|
|
|
|
- name: reset network interfaces
|
|
file: content="auto lo\niface lo inet loopback" dest=/etc/network/interfaces
|