blob: c6d88c354f83d60348fa210cc39871e37cd180da (
plain) (
tree)
|
|
- name: Disable unattended-upgrades
ansible.builtin.systemd:
name: unattended-upgrades
state: stopped
enabled: false
- name: install packages
apt:
name:
- apt-transport-https
- build-essential
- ca-certificates
- mariadb-client
- cifs-utils
- vnstat
- postfix
- lsb-release
- python3
- python3-dev
- python3-pip
- unzip
- gnupg
- rsync
- htop
- curl
- tree
- zip
- vim
- zsh
- git
update_cache: true
- name: Add Docker GPG apt Key
apt_key:
url: https://download.docker.com/linux/debian/gpg
keyring: /etc/apt/trusted.gpg.d/docker.gpg
state: present
- name: Add Docker Repository
apt_repository:
repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release | lower }} stable
state: present
- name: Update apt and install docker-ce
apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose-plugin
state: latest
update_cache: true
- name: Install Docker Module for Python
pip:
name:
- docker
- docker-compose
- name: enable docker service
systemd:
name: docker
enabled: true
daemon_reload: true
- name: Clean unneeded packages
apt:
autoremove: true
purge: true
- name: Create samba credential (used for fstab entry)
copy:
content: |
username={{ lookup('aws_ssm', '/jinwei-me/hetzner/username') }}
password={{ lookup('aws_ssm', '/jinwei-me/hetzner/password') }}
dest: "{{ user_home }}/.credential"
mode: 0600
become: true
become_user: admin
- name: Create directory
file:
path: "{{ samba_mount_point }}"
state: directory
mode: '0755'
- name: Create fstab entry for samba
mount:
state: mounted
fstype: cifs
opts: "credentials={{ user_home }}/.credential,file_mode=0755,dir_mode=0755,user"
src: "//{{ lookup('aws_ssm', '/jinwei-me/hetzner/storagebox') }}"
path: "{{ samba_mount_point }}"
become: true
- name: Install Datadog
shell: |
export DD_API_KEY={{ lookup('aws_ssm', '/jinwei-me/datadog/api_key') }} && \
export DD_SITE="datadoghq.com" && \
bash -c "$(curl -L https://s3.amazonaws.com/dd-agent/scripts/install_script_agent7.sh)"
- name: enable datadog service
systemd:
name: datadog-agent
enabled: true
daemon_reload: true
|