Role: common¶
Applied to every host. Establishes the baseline system state.
Hosts: proxfold, arrstack, nginx, plex
Tasks¶
| Task | Tag |
|---|---|
| Set system timezone | common, timezone |
| Set system locale | common, locale |
| Update apt cache, install base packages | common, packages |
Upgrade all packages (if apt_upgrade: true) |
common, packages |
Create /root/.ssh (mode 0700) |
common, ssh |
| Deploy SSH authorized keys | common, ssh |
| Deploy timesyncd config from template | common, ntp |
| Enable and start systemd-timesyncd | common, ntp |
Key variables¶
| Variable | Source | Value |
|---|---|---|
timezone |
group_vars | Australia/Adelaide |
locale |
group_vars | en_AU.UTF-8 |
common_packages |
group_vars | curl, wget, htop, vim, git, tmux, net-tools, dnsutils, jq, unzip, rsync, ncdu, iotop, lsof |
ssh_authorized_keys |
vault / host | List of public keys to deploy |
Templates¶
timesyncd.conf.j2— Configures systemd-timesyncd withntp_serversandfallback_ntpfrom vars
Handlers¶
- Restarts
systemd-timesyncdwhen the config changes
Related¶
- security — SSH hardening applied after common