blob: 6b695c94b522fe765b4df3397207e01db5577caa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
- hosts: radicle-multi
remote_user: debian
become: yes
roles:
- role: sane_debian_system
- role: sshd
- role: comfortable-debian-system
- role: unix_users
- role: rust-rustup
- role: liw
tasks:
- name: "disable access to seed.radicle.garden in DNS"
lineinfile:
path: /etc/hosts
regex: seed.radicle.garden
line: 127.0.0.1 seed.radicle.garden
- name: "disable access to seed.radicle.xyz in DNS"
lineinfile:
path: /etc/hosts
regex: seed.radicle.xyz
line: 127.0.0.1 seed.radicle.xyz
- name: "install important additional packages"
apt:
name:
- moreutils
- nmap
- ripgrep
vars:
ansible_python_interpreter: /usr/bin/python3
sane_debian_system_version: 2
sane_debian_system_hostname: "{{ inventory_hostname }}"
sane_debian_system_codename: bookworm
sane_debian_system_timezone: Europe/Helsinki
sane_debian_system_sources_lists:
- repo: |
deb http://security.debian.org/debian-security bookworm-security main contrib non-free
unix_users_version: 2
unix_users:
- username: liw
comment: Lars Wirzenius
sudo: yes
sshd_version: 1
rustup_cargo_install: |
starship
|