feat: initial commit

Signed-off-by: Louis Vallat <louis@louis-vallat.xyz>

.ansible-lint

@@ -0,0 +1,3 @@
+---
+skip_list:
+  - package-latest

.gitignore

@@ -0,0 +1,3 @@
+.vscode/
+.fact_cache/
+inventory.yaml

ansible.cfg

@@ -0,0 +1,14 @@
+[defaults]
+INVENTORY = ./invetory.yaml
+ansible_python_interpreter=/usr/bin/python3
+timeout=30
+gathering = smart
+fact_caching = jsonfile
+fact_caching_connection = .fact_cache
+fact_caching_timeout = 43200
+hash_behaviour = merge
+forks = 32
+nocows=1
+
+[ssh_connection]
+pipelining = True

inventory.example.yaml

@@ -0,0 +1,8 @@
+all:
+  hosts:
+  children:
+    <GROUP>:
+      hosts:
+        <IP>:
+          ansible_user: <USER>
+          ansible_ssh_private_key_file: <PRIVATE KEY>

playbook.yaml

@@ -0,0 +1,11 @@
+---
+- name: "Update/upgrade debian and install neovim"
+  hosts: prodservers
+  tags: debian
+  roles:
+      - system
+      - softwares
+      - bpytop
+      - docker
+      - ctop
+      - clean

roles/bpytop/tasks/main.yaml

@@ -0,0 +1,7 @@
+---
+- name: Install bpytop package from official repository
+  ansible.builtin.apt:
+    pkg:
+      - bpytop
+    state: latest
+    update_cache: true

roles/clean/tasks/main.yaml

@@ -0,0 +1,6 @@
+---
+- name: Update and upgrade packages just in case we missed some.
+  ansible.builtin.apt:
+    update_cache: true
+    upgrade: true
+    autoremove: true

roles/ctop/tasks/main.yaml

@@ -0,0 +1,27 @@
+---
+- name: Install required system packages
+  ansible.builtin.apt:
+    pkg:
+      - apt-transport-https
+      - ca-certificates
+      - gnupg
+      - curl
+    state: latest
+    update_cache: true
+
+- name: Add ctop GPG apt key
+  ansible.builtin.apt_key:
+    url: https://azlux.fr/repo.gpg.key
+    state: present
+
+- name: Add ctop repository
+  ansible.builtin.apt_repository:
+    repo: deb http://packages.azlux.fr/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main
+    state: present
+
+- name: Install ctop package
+  ansible.builtin.apt:
+    pkg:
+      - docker-ctop
+    state: latest
+    update_cache: true

roles/docker/tasks/main.yaml

@@ -0,0 +1,30 @@
+---
+- name: Install required system packages
+  ansible.builtin.apt:
+    pkg:
+      - apt-transport-https
+      - ca-certificates
+      - gnupg
+      - curl
+    state: latest
+    update_cache: true
+
+- name: Add Docker GPG apt key
+  ansible.builtin.apt_key:
+    url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
+    state: present
+
+- name: Add Docker repository
+  ansible.builtin.apt_repository:
+    repo: deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable
+    state: present
+
+- name: Install docker packages
+  ansible.builtin.apt:
+    pkg:
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
+      - docker-compose-plugin
+    state: latest
+    update_cache: true

roles/softwares/tasks/main.yaml

@@ -0,0 +1,12 @@
+---
+- name: Install neovim
+  ansible.builtin.apt:
+    name: neovim
+    state: latest
+    update_cache: true
+
+- name: Install htop
+  ansible.builtin.apt:
+    name: htop
+    state: latest
+    update_cache: true

roles/system/tasks/main.yaml

@@ -0,0 +1,23 @@
+---
+- name: Update and upgrade packages
+  ansible.builtin.apt:
+    update_cache: true
+    upgrade: true
+    autoremove: true
+
+- name: Check if reboot required
+  ansible.builtin.stat:
+    path: /var/run/reboot-required
+  register: reboot_required_file
+
+- name: Reboot if required
+  ansible.builtin.reboot:
+    msg: Rebooting due to a kernel update
+  when: reboot_required_file.stat.exists
+
+- name: Disable cron e-mail notifications
+  ansible.builtin.cron:
+    name: MAILTO
+    user: root
+    env: true
+    job: ""