Extract playbook actions to roles

2026-01-05 18:50:00 +00:00 · 2024-05-31 01:17:29 +03:00
parent 311d6ce925
commit 5ee8b48ff7
38 changed files with 414 additions and 463 deletions
--- a/ansible/roles/initial-setup/defaults/main.yml
+++ b/ansible/roles/initial-setup/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+ssh_public_key: "ssh-rsa AAAAB3...ak4EsUU="
--- a/ansible/roles/initial-setup/tasks/main.yml
+++ b/ansible/roles/initial-setup/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+- name: Apply all available system patches
+  command: syspatch
+  register: syspatch
+  failed_when: syspatch.rc != 0 and syspatch.rc != 2
+  changed_when: syspatch.rc == 0
+
+- name: Update package list and upgrade all packages
+  command: pkg_add -u
+
+- name: Install essential packages
+  community.general.openbsd_pkg:
+    name:
+      - nano
+      - curl
+    state: present
+
+- name: Disable SSH password authentication
+  ansible.builtin.lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^#?PasswordAuthentication"
+    line: "PasswordAuthentication no"
+    state: present
+  register: sshd_config
+
+- name: Restart SSH service to apply changes
+  ansible.builtin.service:
+    name: sshd
+    state: restarted
+  when: sshd_config.changed
+
+- name: Add SSH public key to authorized_keys
+  ansible.posix.authorized_key:
+    user: root
+    key: "{{ ssh_public_key }}"