path: root/jinwei.me/config/roles/debian_init/tasks/main.yaml



- name: Disable unattended-upgrades
  ansible.builtin.systemd:
    name: unattended-upgrades
    state: stopped
    enabled: false

- name: install packages
  apt:
    name:
      - apt-transport-https
      - build-essential
      - ca-certificates
      - mariadb-client
      - cifs-utils
      - vnstat
      - postfix
      - lsb-release
      - python3
      - python3-dev
      - python3-pip
      - unzip
      - gnupg
      - rsync
      - htop
      - curl
      - tree
      - zip
      - vim
      - zsh
      - git
    update_cache: true

- name: Add Docker GPG apt Key
  apt_key:
    url: https://download.docker.com/linux/debian/gpg
    keyring: /etc/apt/trusted.gpg.d/docker.gpg
    state: present

- name: Add Docker Repository
  apt_repository:
    repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release | lower }} stable
    state: present

- name: Update apt and install docker-ce
  apt:
    name:
    - docker-ce
    - docker-ce-cli
    - containerd.io
    - docker-compose-plugin
    state: latest
    update_cache: true

- name: Install Docker Module for Python
  pip:
    name:
    - docker
    - docker-compose

- name: enable docker service
  systemd:
    name: docker
    enabled: true
    daemon_reload: true

- name: Clean unneeded packages
  apt:
    autoremove: true
    purge: true

- name: Create samba credential (used for fstab entry)
  copy:
    content: |
      username={{ lookup('aws_ssm', '/jinwei-me/hetzner/username') }}
      password={{ lookup('aws_ssm', '/jinwei-me/hetzner/password') }}
    dest: "{{ user_home }}/.credential"
    mode: 0600
  become: true
  become_user: admin

- name: Create directory
  file:
    path: "{{ samba_mount_point }}"
    state: directory
    mode: '0755'

- name: Create fstab entry for samba
  mount:
    state: mounted
    fstype: cifs
    opts: "credentials={{ user_home }}/.credential,file_mode=0755,dir_mode=0755,user"
    src: "//{{ lookup('aws_ssm', '/jinwei-me/hetzner/storagebox') }}"
    path: "{{ samba_mount_point }}"
  become: true

- name: Install Datadog
  shell: |
    export DD_API_KEY={{ lookup('aws_ssm', '/jinwei-me/datadog/api_key') }} && \
    export DD_SITE="datadoghq.com" && \
    bash -c "$(curl -L https://s3.amazonaws.com/dd-agent/scripts/install_script_agent7.sh)"

- name: enable datadog service
  systemd:
    name: datadog-agent
    enabled: true
    daemon_reload: true
- name: Disable unattended-upgrades
  ansible.builtin.systemd:
    name: unattended-upgrades
    state: stopped
    enabled: false

- name: install packages
  apt:
    name:
      - apt-transport-https
      - build-essential
      - ca-certificates
      - mariadb-client
      - cifs-utils
      - vnstat
      - postfix
      - lsb-release
      - python3
      - python3-dev
      - python3-pip
      - unzip
      - gnupg
      - rsync
      - htop
      - curl
      - tree
      - zip
      - vim
      - zsh
      - git
    update_cache: true

- name: Add Docker GPG apt Key
  apt_key:
    url: https://download.docker.com/linux/debian/gpg
    keyring: /etc/apt/trusted.gpg.d/docker.gpg
    state: present

- name: Add Docker Repository
  apt_repository:
    repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release | lower }} stable
    state: present

- name: Update apt and install docker-ce
  apt:
    name:
    - docker-ce
    - docker-ce-cli
    - containerd.io
    - docker-compose-plugin
    state: latest
    update_cache: true

- name: Install Docker Module for Python
  pip:
    name:
    - docker
    - docker-compose

- name: enable docker service
  systemd:
    name: docker
    enabled: true
    daemon_reload: true

- name: Clean unneeded packages
  apt:
    autoremove: true
    purge: true

- name: Create samba credential (used for fstab entry)
  copy:
    content: |
      username={{ lookup('aws_ssm', '/jinwei-me/hetzner/username') }}
      password={{ lookup('aws_ssm', '/jinwei-me/hetzner/password') }}
    dest: "{{ user_home }}/.credential"
    mode: 0600
  become: true
  become_user: admin

- name: Create directory
  file:
    path: "{{ samba_mount_point }}"
    state: directory
    mode: '0755'

- name: Create fstab entry for samba
  mount:
    state: mounted
    fstype: cifs
    opts: "credentials={{ user_home }}/.credential,file_mode=0755,dir_mode=0755,user"
    src: "//{{ lookup('aws_ssm', '/jinwei-me/hetzner/storagebox') }}"
    path: "{{ samba_mount_point }}"
  become: true

- name: Install Datadog
  shell: |
    export DD_API_KEY={{ lookup('aws_ssm', '/jinwei-me/datadog/api_key') }} && \
    export DD_SITE="datadoghq.com" && \
    bash -c "$(curl -L https://s3.amazonaws.com/dd-agent/scripts/install_script_agent7.sh)"

- name: enable datadog service
  systemd:
    name: datadog-agent
    enabled: true
    daemon_reload: true