diff --git a/tasks/main.yml b/tasks/main.yml index d2f26e6..ca05049 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,12 +6,11 @@ register: debian - name: "install python for debian" raw: apt-get install python --assume-yes - when: debian.stdout - + when: debian.stdout - name: add local repo to mirrorlist become: yes - lineinfile: + lineinfile: path: /etc/pacman.d/mirrorlist line: "Server= {{system_arch_local_mirror}}/$repo/os/$arch" state: present @@ -20,29 +19,27 @@ - name: upgrade system for arch pacman: - state: latest # not required. choices: absent;latest;present. Desired state of the package. - upgrade: true # not required. Whether or not to upgrade whole system. - force: true # not required. When removing package - force remove package, without any checks. When update_cache - force redownload repo databases. - update_cache: true + state: latest # not required. choices: absent;latest;present. Desired state of the package. + upgrade: true # not required. Whether or not to upgrade whole system. + force: true # not required. When removing package - force remove package, without any checks. When update_cache - force redownload repo databases. + update_cache: true become: yes register: upgrade when: not debian.stdout - name: upgrade system for debian apt: - update_cache: yes # not required. Run the equivalent of C(apt-get update) before the operation. Can be run as part of the package installation or as a separate step. - only_upgrade: yes # not required. Only upgrade a package if it is already installed. - upgrade: full # not required. choices: dist;full;no;safe;yes. If yes or safe, performs an aptitude safe-upgrade.,If full, performs an aptitude full-upgrade.,If dist, performs an apt-get dist-upgrade.,Note: This does not upgrade a specific package, use state=latest for that.,Note: Since 2.4, apt-get is used as a fall-back if aptitude is not present. - state: latest # not required. choices: absent;build-dep;latest;present. Indicates the desired package state. C(latest) ensures that the latest version is installed. C(build-dep) ensures the package build dependencies are installed. + update_cache: yes # not required. Run the equivalent of C(apt-get update) before the operation. Can be run as part of the package installation or as a separate step. + only_upgrade: yes # not required. Only upgrade a package if it is already installed. + upgrade: full # not required. choices: dist;full;no;safe;yes. If yes or safe, performs an aptitude safe-upgrade.,If full, performs an aptitude full-upgrade.,If dist, performs an apt-get dist-upgrade.,Note: This does not upgrade a specific package, use state=latest for that.,Note: Since 2.4, apt-get is used as a fall-back if aptitude is not present. + state: latest # not required. choices: absent;build-dep;latest;present. Indicates the desired package state. C(latest) ensures that the latest version is installed. C(build-dep) ensures the package build dependencies are installed. become: yes - when: debian.stdout + when: debian.stdout register: upgrade - - - name: Reboot updates to apply reboot: - reboot_timeout: 3600 + reboot_timeout: 3600 when: upgrade.changed and "linux" in upgrade.packages and not debian.stdout become: yes @@ -76,15 +73,16 @@ become_user: "{{user.name}}" when: sssd_configure == true +- name: set sudoers right lineinfile: - dest: '/etc/sudoers.d/{{user.name}}' - regexp: '{{ item.regexp }}' - line: '{{ item.line }}' - state: 'present' + dest: "/etc/sudoers.d/{{user.name}}" + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + state: "present" create: True - owner: 'root' - group: 'root' - mode: '0440' + owner: "root" + group: "root" + mode: "0440" validate: 'visudo -cf "%s"' with_items: - regexp: '^{{user.name}}\s' @@ -98,7 +96,6 @@ state: "present" validate: 'visudo -cf "%s"' - - name: Set authorized key taken from file authorized_key: user: "{{user.name}}"