32 lines
771 B
YAML
32 lines
771 B
YAML
|
# vi: ft=yaml.ansible
|
||
|
|
- name: update repos
|
||
|
|
become: true
|
||
|
|
apt:
|
||
|
|
upgrade: yes
|
||
|
|
update_cache: yes
|
||
|
|
cache_valid_time: 12800
|
||
|
|
- pam_limits:
|
||
|
|
domain: '*'
|
||
|
|
limit_type: soft
|
||
|
|
limit_item: nofile
|
||
|
|
value: 1280000
|
||
|
|
- name: install ntp
|
||
|
|
apt: pkg=ntp state=present
|
||
|
|
- name: install vim
|
||
|
|
apt: pkg=vim state=present
|
||
|
|
- name: install python3
|
||
|
|
apt: pkg=python3 state=present
|
||
|
|
- name: install build-essential
|
||
|
|
apt: pkg=build-essential state=present
|
||
|
|
- name: ensure ntp is running
|
||
|
|
service: name=ntp state=started enabled=yes
|
||
|
|
- name: Disallow SSH password authentication
|
||
|
|
lineinfile:
|
||
|
|
dest: /etc/ssh/sshd_config
|
||
|
|
regexp: "^PasswordAuthentication"
|
||
|
|
line: "PasswordAuthentication no"
|
||
|
|
state: present
|
||
|
|
validate: sshd -t -f %s
|
||
|
|
notify:
|
||
|
|
- restart sshd
|