Ansible role. Configure Linux: acpi, aliases, apparmor, apt, authorized keys, autofs, automatic upgrades, bluetooth, cron, debsums, dnsmasq, fstab, gpg, gpsd, groups, grub, hostname, hosts, chrony, iptables, kvm, latex, libvirt, lid, logrotate, modem manager, modules, netplan, networkd, networkmanager, nfsd, packages, passwords, pm-utils, postfix, rc.local, repos, resolvconf, service, smart, speech-dispatcher, ssh, sshd, sudoers, swap, sysctl, systemd, timesyncd, timezone, tlp, udev, ufw, users, virtualbox, wpa_gui, wpa_supplicant, xen, xorg.conf.d, zfs, (wip ...)
Documentation at readthedocs.io
This role and the documentation is work in progress. If the documentation of a task is missing it's necessary to review the source code to learn how to use it. If a functionality is missing consider role config_light. See various examples. If config_light is not able to do what you want create new tasks.
Feel free to share your feedback and report issues.
This role has been developed and tested in
- Ubuntu Supported Releases
- Armbian 5.90
Support for other platforms is work in progress. Some tasks are supported also by Centos. You're encouraged to fit the variables in vars/defaults and test the tasks on your own.
- ansible.posix
- ansible.utils
- community.general
See defaults and examples in vars.
- Install the roles and collections
Install roles
shell> ansible-galaxy role install vbotka.linux_postinstall
shell> ansible-galaxy role install vbotka.ansible_lib
shell> ansible-galaxy role install vbotka.linux_lib
The collections ansible.posix and community.general are included in the mainstream ansible packages. If they are missing install them
shell> ansible-galaxy collection install ansible.posix
shell> ansible-galaxy collection install ansible.utils
shell> ansible-galaxy collection install community.general
- Change variables, e.g. in vars/main.yml
shell> editor vbotka.linux_postinstall/vars/main.yml
- See OS specific variables in vars/defaults
- See examples in vars/main.yml.sample
- Customize and/or add Flavor specific variables in vars/flavors
- Optionally enable lp_flavors_enable: true. This will slowdown the playbook
- Optionally put customized OS specific variables into the vars directory
- See tasks/vars.yml for the naming conventions and precedence
- OS specific variables will overwrite variables in var/main.yml
- Create the inventory
shell> cat hosts
[group1]
host1.example.com
[group1:vars]
ansible_user=admin
ansible_connection=ssh
ansible_python_interpreter=/usr/bin/python3.8
ansible_perl_interpreter=/usr/bin/perl
- Create the playbook
shell> cat lp.yml
- hosts: group1
become: yes
become_user: root
become_method: sudo
roles:
- vbotka.linux_postinstall
- Run the playbook
shell> ansible-playbook lp.yml
Check syntax of the playbook
shell> ansible-playbook lp.yml --syntax-check
Review variables. Optionally detect and store flavors
shell> ansible-playbook lp.yml -t lp_vars
Run the playbook in check mode
shell> ansible-playbook lp.yml --check
If all is right run the playbook twice. In second run all tasks shall be OK and 0 changed, unreachable and failed.
shell> ansible-playbook lp.yml
Packages listed in the variables lp_*_packages
will be automatically installed by the tasks/packages.yml if enabled by variables lp_*_install
. For example,
lp_libvirt_install: true
lp_libvirt_packages:
- libvirt0
- libvirt-bin
- libvirt-daemon
- libvirt-daemon-driver-storage-rbd
- libvirt-daemon-system
- virtinst
The packages listed in lp_libvirt_packages
will be included in the packages installed by
shell> ansible-playbook lp.yml -t lp_packages_auto -e lp_packages_auto=true
See:
- chapter Packages
- source code packages.yml
Variable lp_service_auto
contains a list of services automatically
managed by the task service.yml. A service will
be manged by the task service.yml if
lp_<service>: true
. Setting lp_<service>: false
will disable
management of the service by the task
service.yml. Variables lp_<service>_enable
and
lp_<service>_state
control the enablement and state of the
service. For example, service udev, if set lp_udev: true,
will
be enabled and started because it is listed among lp_service_auto
and by default (precedence 2.):
lp_udev: true
lp_udev_enable: true
lp_udev_state: started
Run the below command to see what services will be managed.
shell> ansible-playbook lp.yml -e lp_service_debug=true -t lp_service_debug
See:
- chapter Service
- source code service.yml
- Configure users, sudoers and persistent network interfaces
ansible-playbook lp.yml -t lp_vars
ansible-playbook lp.yml -t lp_hostname
ansible-playbook lp.yml -t lp_groups
ansible-playbook lp.yml -t lp_users
ansible-playbook lp.yml -t lp_sudoers
ansible-playbook lp.yml -t lp_udev
ansible-playbook lp.yml -t lp_netplan
ansible-playbook lp.yml -t lp_wpasupplicant
ansible-playbook lp.yml -t lp_reboot -e 'lp_reboot=true lp_reboot_force=true'
- Configure the firewall. For example iptables
shell> ansible-playbook lp.yml -t lp_iptables
- Test installation of the packages
shell> ansible-playbook -t lp_packages -e 'lp_package_install_dryrun=true' lp.yml
- Install packages
shell> ansible-playbook -t lp_packages lp.yml
- Check, install and configure other tasks
shell> ansible-playbook lp.yml --check
shell> ansible-playbook lp.yml
Use the configuration file .ansible-lint.local when running ansible-lint. Some rules might be disabled and some warnings might be ignored. See the notes in the configuration file.
shell> ansible-lint -c .ansible-lint.local
-
Chrony - RHEL 7 System Administrator's Guide: CHAPTER 18. CONFIGURING NTP USING THE CHRONY SUITE
-
Chrony - RHEL 7 System Administrator's Guide: CHAPTER 3. CONFIGURING THE DATE AND TIME
-
How To Implement a Basic Firewall Template with Iptables on Ubuntu 14.04 - DO tutorial
-
LaTeX How to install LaTeX on Ubuntu 22.04 Jammy Jellyfish - LinuxConfig
-
Networkd Managing WPA wireless with systemd-networkd - ArchLinux BBS
-
Packages - How to prevent updating of a specific package? - Ubuntu Ask
-
rc.local - AskUbuntu: How can I make /etc/rc.local run on startup?
-
VirtualBox - Install Oracle VM VirtualBox in Ubuntu - eLinuxBook