Add tags and remove bool checks
This commit is contained in:
parent
169bd35d83
commit
6721553a2d
|
@ -11,25 +11,33 @@
|
|||
- sudo
|
||||
- iptables
|
||||
cache_valid_time: 3600
|
||||
when: packages|bool == true
|
||||
tags:
|
||||
- setup
|
||||
- packages
|
||||
- name: Upgrade all packages to the latest version
|
||||
apt:
|
||||
name: "*"
|
||||
state: latest
|
||||
when: packages|bool == true
|
||||
tags:
|
||||
- update
|
||||
- packages
|
||||
- name: Clean up unused dependencies and packages
|
||||
apt:
|
||||
autoremove: yes
|
||||
autoclean: yes
|
||||
when: packages|bool == true
|
||||
tags:
|
||||
- update
|
||||
- packages
|
||||
- name: Create unpriviledged user
|
||||
user:
|
||||
name: '{{ username }}'
|
||||
password: "{{ password | password_hash('sha512') }}"
|
||||
password: "{{ password | password_hash('sha512') }}" # TODO: Set up a vault for user and pass
|
||||
shell: /bin/zsh
|
||||
groups: sudo
|
||||
append: yes
|
||||
when: user|bool == true
|
||||
tags:
|
||||
- setup
|
||||
- users
|
||||
notify:
|
||||
- Disable the root account
|
||||
- name: Copy ssh key for unpriviledged user
|
||||
|
@ -37,11 +45,15 @@
|
|||
key: "{{lookup('file', '{{ role_path }}/files/ssh.pub')}}"
|
||||
follow: yes
|
||||
user: '{{ username }}'
|
||||
when: user|bool == true
|
||||
tags:
|
||||
- setup
|
||||
- users
|
||||
- name: Set base iptables filter
|
||||
copy:
|
||||
src: '{{ role_path }}/files/iptables-rules/'
|
||||
dest: '/etc/iptables/'
|
||||
notify:
|
||||
- Enable and restart iptables
|
||||
when: iptables|bool == true
|
||||
tags:
|
||||
- update
|
||||
- firewall
|
||||
|
|
Reference in New Issue