Ansible - ubuntu_pb.yml

- hosts: ubuntu
  tasks:
  - name: Collecting only facts returned by facter
    setup:
        gather_subset:
            - '!all'
            - '!any'
            - facter
  - name: Updating apt cache
    apt: update_cache=yes
    become: yes
    become_method: sudo
  - name: Upgrading packages via DIST
    apt: upgrade=dist
    become: yes
    become_method: sudo
  - name: Installing required packages
    apt:
        pkg:
            - haveged
            - postfix
            - figlet
            - mtr
            - cron-apt
            - snmpd
            - screen
            - iperf
            - iftop
            - iotop
            - htop
            - sysstat
            - vim
            - ntp
            - moreutils
            - bacula-fd
            - bsd-mailx
            - glances
            - unzip
            - unattended-upgrades
            - nagios-nrpe-server
        state: present
    become: yes
    become_method: sudo
  - name: Removing dependencies that are no longer required via AUTOREMOVE
    apt: autoremove=yes
    become: yes
    become_method: sudo
  - name: Cleaning up Banner MOTD in sshd_config to use motd.sh
    lineinfile:
        path: ""
        state: absent
        regexp:	""
    with_items:
        - { path: '/etc/ssh/sshd_config', regexp: '.*Banner\ .*'}
        - { path: '/etc/vim/vimrc', regexp: '.*set\ background.*'}
        - { path: '/etc/vim/vimrc', regexp: '.*syntax\ .*'}
    become: yes
    become_method: sudo
  - name: Customizing up Banner MOTD in sshd_config to use motd.sh
    lineinfile:
        path: ""
        state: present
        line: ""
    with_items:
        - { path: '/etc/ssh/sshd_config', line: 'Banner /etc/motd.sh'}
        - { path: '/etc/vim/vimrc', line: 'set background=dark'}
        - { path: '/etc/vim/vimrc', line: 'syntax on'}
    become: yes
    become_method: sudo
  - name: Copying custom netdata health alarms
    copy: src= dest=/etc/netdata/health.d/ owner=root group=netdata mode=644
    with_fileglob:
        - /etc/ansible/scripts/health.d/*
    become: yes
    become_method: sudo
  - name: Copying motd.sh
    copy: src=/etc/ansible/scripts/motd.sh dest=/etc/motd.sh owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Copying Postfix Aliases
    copy: src=/etc/ansible/scripts/aliases dest=/etc/aliases owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Copying Postfix mailname
    copy: src=/etc/ansible/scripts/mailname dest=/etc/mailname owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Customizing Banner via figlet
    shell: /usr/bin/figlet -c -w 60  | cat - /etc/motd.sh > /tmp/motd.sh && mv /tmp/motd.sh /etc/motd.sh && sed -i [email protected]@@g /etc/motd.sh
    become: yes
    become_method: sudo
  - name: Copying custom Root .bashrc
    copy: src=/etc/ansible/scripts/bashrc dest=/root/.bashrc owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Copying Updates 20auto-upgrades
    copy: src=/etc/ansible/scripts/20auto-upgrades dest=/etc/apt/apt.conf.d/20auto-upgrades owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Copying Cron-Apt
    copy: src=/etc/ansible/scripts/cron-apt dest=/etc/cron-apt/config owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Copying Unattended-Upgrades
    copy: src=/etc/ansible/scripts/50unattended-upgrades dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=0644
    become: yes
    become_method: sudo
  - name: Copying NRPE Config
    copy: src=/etc/ansible/scripts/nrpe.cfg dest=/etc/nagios/nrpe.cfg owner=root group=root mode=0644
    become: yes
    become_method: sudo
    when : ansible_hostname != "ns2"
  - service: name=nagios-nrpe-server state=restarted
    become: yes
    become_method: sudo
  - name: Copying SNMPD.conf
    copy: src=/etc/ansible/scripts/snmpd.conf dest=/etc/snmp/snmpd.conf owner=root group=root mode=0600
    become: yes
    become_method: sudo
  - service: name=snmpd state=restarted
    become: yes
    become_method: sudo
  - service: name=ssh state=restarted
    become: yes
    become_method: sudo
  - name: Refreshing Postfix Aliases
    command: newaliases
    become: yes
    become_method: sudo
  - service: name=postfix state=restarted
    become: yes
    become_method: sudo
  - name: Create x user
    user:
            name: x
            password: 'x'
            groups: sudo
            append: yes
            state: present
            shell: /bin/bash
            system: no
            createhome: yes
            home: /home/x
            remove: yes
            update_password: on_create
    become: yes
    become_method: sudo
  - name: Removing y user
    user:
            name: y
            password: 'x'
            groups:
            append: yes
            state: absent
            shell: /bin/bash
            system: no
            createhome: yes
            home: /home/y
            remove: yes
            update_password: on_create
    become: yes
    become_method: sudo
  - name: Set authorized key x
    authorized_key:
        user: x
        state: present
        key: "ssh-rsa x"
    become: yes
    become_method: sudo
  - name: Setting swappiness to 10
    sysctl:
            name: vm.swappiness
            value: 10
            state: present
            reload: yes
    become: yes
    become_method: sudo
  - lineinfile:
        path: /etc/sudoers
        state: present
        backrefs: yes
        regexp: '^%sudo'
        line: '%sudo   ALL=(ALL:ALL) NOPASSWD:ALL'
        validate: '/usr/sbin/visudo -cf %s'
    become: yes
    become_method: sudo
  - lineinfile:
        path: /etc/sudoers
        state: absent
        backrefs: yes
        regexp: '^x'
        validate: '/usr/sbin/visudo -cf %s'
    become: yes
    become_method: sudo
  roles:
  - role: ansible-netdata
  - role: jebovic.ohmyzsh