Ansible role that configures a host to a baseline configuration. This role performs the following tasks:
- Installs common system utilities and guest agents for hypervisors (currently only QEMU)
- Configures the system hostname, locale, timezone, and OpenSSH
- Manages local users and groups
- Installs customized default configurations for tmux and vim
None.
Currently, this role has only been tested on Debian systems.
system_packages
: List of packages to install. By default, some common utilities, such as bash, nano, htop, rsync, and vim will be installed.system_packages_extra
: Extra packages to install on a per-host or per-group basis.system_packages_state
: Install the mentioned packages
system_hostname
: System hostnamesystem_timezone
: System timezone, using tz database format, example:America/Chicago
system_locale
: System locale, example:en_US.UTF-8
system_qemu_agent_install
: Install the QEMU guest agent if KVM is the detected hypervisorsystem_qemu_agent_package
: QEMU Guest Agent package name (qemu-guest-agent)system_qemu_agent_service_name
: QEMU Guest Agent service name (qemu-guest-agent)system_qemu_agent_service_state
: Start the guest agent servicesystem_qemu_agent_service_enabled
: Enable the guest agent service on boot
system_users
: Users managed by Ansible, in the format of:
# - name: User name
# uid: User ID number
# comment: Comment/GECOS field
# password_hash: Password generated by `mkpasswd --method=sha-512`
# groups: List of groups to add the user to
# shell: User's shell, defaults to system_default_shell
# state: User state, defaults to system_user_default_state
system_groups
: Groups managed by Ansible, in the format of:
# - name: Group name
# gid: Group ID number
# state: Group state, defaults to system_group_default_state
system_user_default_state
: Default state of users. Should be present.system_user_delete_home
: Delete home directory on users set to absent.system_group_default_state
: Default state of groups. Should be present.system_user_default_shell
: Default shell for users managed by Ansible. Defaults to bash.system_sudo_group
: Group used bysudo
. This is set tosudo
on Debian-based distros, andwheel
on all other distros.
None.
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: all
roles:
- base-system
vars:
system_users:
# Creates a user, jdoe, with the uid of 1000, with sudo privileges.
- { uid: 1000, name: "jdoe", comment: "John Doe", password_hash: "pw_hash", groups: ["{{system_sudo_group}}"], state: present }
system_locale: "en_US.UTF-8"
system_timezone: "America/Chicago"
MIT
Colin Murphy