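---
# Main playbook applied to every host: shows the target facts, registers the
# extra APT repositories, applies the baseline roles (management user, sshd,
# packages, optional fail2ban, logrotate, pip, optional docker) and installs
# the alerting script together with its cron entries.
#
# @author Stéphane Gratias (2023).
#
- name: Main playbook for common services
  hosts: all
  # Every pre-task, role and task below runs with privilege escalation.
  become: true

  pre_tasks:
    - name: >-
        Show target servers -> Hostname : OS - IP
      ansible.builtin.debug:
        msg: "{{ ansible_hostname }} on user {{ ansible_user }}: {{ ansible_distribution }} {{ ansible_distribution_version }} - {{ ansible_default_ipv4.address }}"
      tags:
        - always

    # NOTE(review): each entry of apt_repositories_sources becomes a package
    # source for the host. Signing keys are not handled in this play; confirm
    # they are provisioned elsewhere before a repository is listed here.
    - name: Ensure specified repository packages are into sources list
      ansible.builtin.apt_repository:
        repo: "{{ item }}"
        state: present
      loop: "{{ apt_repositories_sources }}"
      tags:
        - repo

  roles:
    - role: grog.management-user
      tags:
        - user
    - role: willshersystems.sshd
      tags:
        - ssh
    - role: GROG.package
      tags:
        - package
    # fail2ban is opt-in: a host that does not set install_fail2ban gets no
    # ban-on-failure protection from this play.
    # `when` takes a bare expression; the `bool` filter accepts both real
    # booleans and the strings 'true' / 'false'.
    - role: robertdebock.fail2ban
      tags:
        - ban
      when: install_fail2ban | default(false) | bool
    - role: nickhammond.logrotate
      tags:
        - log
    - role: geerlingguy.pip
      tags:
        - pip
    # Docker is opt-in as well, controlled by install_docker.
    - role: geerlingguy.docker
      tags:
        - docker
      when: install_docker | default(false) | bool

  tasks:
    # Modes are quoted so the YAML parser hands them over as strings instead
    # of re-typing them as numbers.
    - name: Ensure scripts directory exist
      ansible.builtin.file:
        path: /usr/local/scripts/
        state: directory
        owner: root
        group: root
        mode: "0755"
      tags:
        - alerts

    # NOTE(review): 0744 leaves the rendered script readable by every local
    # user. If alerts.sh.j2 renders credentials (mail password, webhook
    # token), tighten the mode to "0700" - confirm against the template.
    - name: create the main alertings bash script file
      ansible.builtin.template:
        src: "../templates/alerts.sh.j2"
        dest: "/usr/local/scripts/alerts.sh"
        owner: root
        group: root
        mode: "0744"
      tags:
        - alerts

    # Each alerts_cron item is written as a cron entry and runs as item.user;
    # item.job is passed through unchanged, so alerts_cron has to come from
    # reviewed inventory or vars files only.
    - name: Creates a cron file for alerts under /etc/cron.d
      ansible.builtin.cron:
        name: "{{ item.name }}"
        weekday: "{{ item.weekday }}"
        minute: "{{ item.minute }}"
        hour: "{{ item.hour }}"
        user: "{{ item.user }}"
        job: "{{ item.job }}"
        cron_file: "{{ item.cron_file }}"
      loop: "{{ alerts_cron }}"
      tags:
        - alerts

    # Disabled on purpose. NOTE(review): if test_vault is a vault-encrypted
    # value, enabling this debug task prints it in clear text in the job log.
    # - name: Test semaphore vault pass
    #   debug:
    #     msg: "{{ test_vault }}"
    #   tags:
    #     - vault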