Ansible role. Configure Linux: acpi, aliases, apparmor, apt, authorized keys, autofs, automatic upgrades, bluetooth, cron, debsums, dnsmasq, fstab, gpg, gpsd, groups, grub, hostname, hosts, chrony, iptables, kvm, latex, libvirt, lid, logrotate, modem manager, modules, netplan, networkd, networkmanager, nfsd, packages, passwords, pm-utils, postfix, rc.local, repos, resolvconf, service, smart, speech-dispatcher, ssh, sshd, sudoers, swap, sysctl, systemd, timesyncd, timezone, tlp, udev, ufw, users, virtualbox, wpa_gui, wpa_supplicant, xen, xorg.conf.d, zfs, (wip ...)
Documentation at readthedocs.io
This role and the documentation is work in progress. If the documentation of a task is missing it's necessary to review the source code to learn how to use it. If a functionality is missing consider role config_light. See various examples. If config_light is not able to do what you want create new tasks.
Feel free to share your feedback and report issues.
This role has been developed and tested in
- Ubuntu Supported Releases
- Armbian 5.90
This may be different from the platforms in Ansible Galaxy which does not offer all
released versions in time and would report an error. For example:
IMPORTER101: Invalid platform: "Ubuntu focal", skipping.
- ansible.posix
- community.general
See defaults and examples in vars.
- Install the role and collections
shell> ansible-galaxy role install vbotka.linux_postinstall
shell> ansible-galaxy collection install ansible.posix
shell> ansible-galaxy collection install community.general
- Change variables, e.g. in vars/main.yml
shell> editor vbotka.linux_postinstall/vars/main.yml
- See OS specific variables in vars/defaults
- See examples in vars/main.yml.sample
- Customize and/or add Flavor specific variables in vars/flavors
- Optionally enable lp_flavors_enable: true. This will slowdown the playbook
- Optionally put customized OS specific variables into the vars directory
- See tasks/vars.yml for the naming conventions and precedence
- Os specific variables will overwrite variables in var/main.yml
- Create the inventory
shell> cat hosts
[group1]
host1.example.com
[group1:vars]
ansible_user: admin
ansible_connection=ssh
ansible_python_interpreter=/usr/bin/python3.8
ansible_perl_interpreter=/usr/bin/perl
- Create the playbook
shell> cat linux-postinstall.yml
- hosts: group1
become: yes
become_user: root
become_method: sudo
roles:
- vbotka.linux_postinstall
- Run the playbook
shell> ansible-playbook linux-postinstall.yml
Check syntax of the playbook
shell> ansible-playbook linux-postinstall.yml --syntax-check
Review variables. Optionally detect and store flavors
shell> ansible-playbook linux-postinstall.yml -t lp_vars
Run the playbook in check mode
shell> ansible-playbook linux-postinstall.yml --check
If all is right run the playbook twice. In second run all tasks shall be OK and 0 changed, unreachable and failed.
shell> ansible-playbook linux-postinstall.yml
Packages listed in the variables lp_*_packages will be automatically installed by the tasks/packages.yml if enabled by variable lp_* . For example
lp_libvirt: true
lp_libvirt_packages:
- libvirt0
- libvirt-bin
- libvirt-daemon
- libvirt-daemon-driver-storage-rbd
- libvirt-daemon-system
- virtinst
The packages listed in lp_libvirt_packages will be included in the packages installed by
shell> ansible-playbook linux-postinstall.yml -t lp_packages
Variable lp_service_enable contains a list of services automatically managed by the task service.yml. A service will be manged by the task service.yml if lp_<service>: true. Setting lp_<service>: false will disable management of the service by the task service.yml. Variable lp_<service>_enable controls the status of the service. For example service udev will be enabled, because it is listed among lp_service_enable and by default
lp_udev: true
lp_udev_enable: true
Run the following command to see what services will be managed.
shell> ansible-playbook linux-postinstall.yml -e lp_service_debug=true -t lp_service_debug
See service.yml for details.
- Configure users, sudoers and persistent network interfaces
ansible-playbook linux-postinstall.yml -t lp_vars
ansible-playbook linux-postinstall.yml -t lp_hostname
ansible-playbook linux-postinstall.yml -t lp_users
ansible-playbook linux-postinstall.yml -t lp_sudoers
ansible-playbook linux-postinstall.yml -t lp_udev
ansible-playbook linux-postinstall.yml -t lp_netplan
ansible-playbook linux-postinstall.yml -t lp_wpasupplicant
ansible-playbook linux-postinstall.yml -t lp_reboot -e 'lp_reboot=true lp_reboot_force=true'
- Configure the firewall. For example iptables
shell> ansible-playbook linux-postinstall.yml -t lp_iptables
- Test installation of the packages
shell> ansible-playbook -t lp_packages -e 'lp_package_install_dryrun=true' linux-postinstall.yml
- Install packages
shell> ansible-playbook -t lp_packages linux-postinstall.yml
- Check, install and configure other tasks
shell> ansible-playbook linux-postinstall.yml --check
shell> ansible-playbook linux-postinstall.yml
-
Chrony - RHEL 7 System Administrator's Guide: CHAPTER 18. CONFIGURING NTP USING THE CHRONY SUITE
-
Chrony - RHEL 7 System Administrator's Guide: CHAPTER 3. CONFIGURING THE DATE AND TIME
-
How To Implement a Basic Firewall Template with Iptables on Ubuntu 14.04 - DO tutorial
-
Networkd Managing WPA wireless with systemd-networkd - ArchLinux BBS
-
Packages - How to prevent updating of a specific package? - Ubuntu Ask
-
rc.local - AskUbuntu: How can I make /etc/rc.local run on startup?
-
VirtualBox - Install Oracle VM VirtualBox in Ubuntu - eLinuxBook