main.yml 1.11 KB
Newer Older
julian.gethmann's avatar
julian.gethmann committed
1
2
3
---
- name: enable sshd
  become: yes
julian.gethmann's avatar
julian.gethmann committed
4
5
6
  service:
    name: sshd
    enabled: yes
julian.gethmann's avatar
julian.gethmann committed
7
8
9

- name: restart sshd
  become: yes
julian.gethmann's avatar
julian.gethmann committed
10
11
12
  service:
    name: sshd
    state: restarted
julian.gethmann's avatar
julian.gethmann committed
13
14
15

- name: reload sshd
  become: yes
julian.gethmann's avatar
julian.gethmann committed
16
17
18
  service:
    name: sshd
    state: reloaded
julian.gethmann's avatar
julian.gethmann committed
19
20
21

- name: start sshd
  become: yes
julian.gethmann's avatar
julian.gethmann committed
22
23
24
  service:
    name: sshd
    state: started
julian.gethmann's avatar
julian.gethmann committed
25
26
27

- name: enable ntp
  become: yes
julian.gethmann's avatar
julian.gethmann committed
28
29
30
  service:
    name: ntpdate
    enabled: yes
julian.gethmann's avatar
julian.gethmann committed
31
32
33

- name: start ntp
  become: yes
julian.gethmann's avatar
julian.gethmann committed
34
35
36
  service:
    name: ntpdate
    state: started
julian.gethmann's avatar
julian.gethmann committed
37

julian.gethmann's avatar
julian.gethmann committed
38
39
40
- name: update-ca-trust
  become: yes
  command: update-ca-trust extract
julian.gethmann's avatar
julian.gethmann committed
41
42
43
44

- name: lock root user
  become: yes
  command: passwd -l root
julian.gethmann's avatar
julian.gethmann committed
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

- name: reload firewalld
  become: yes
  service:
    name: firewalld
    state: reloaded

- name: restart firewalld
  become: yes
  service:
    name: firewalld
    state: restarted

- name: enable ufw
  become: yes
  service:
    name: ufw
    state: enabled

- name: restart ufw
  become: yes
  service:
    name: ufw
    state: restarted
69
70
71
72
73
74
75
76
77
78
79
80

- name: enable smartd
  become: yes
  service:
    name: smartd
    state: enabled

- name: restart smartd
  become: yes
  service:
    name: smartd
    state: restarted