b488668d8e
Noticed this randomly from cron mail and unattended-upgrades. These are vmware guest utilities. We don't run inside of vmware. We do not need this installed. Change-Id: Ieb2c7601c59f56d78fa350af7e0484c1cb6b8e9b
97 lines
2.4 KiB
YAML
97 lines
2.4 KiB
YAML
- name: Disable install of additional recommends and suggests packages
|
|
copy:
|
|
mode: 0444
|
|
src: 95disable-recommends
|
|
dest: /etc/apt/apt.conf.d/
|
|
owner: root
|
|
group: root
|
|
|
|
# NOTE(ianw) There are ordering issues with this. Hopefully when
|
|
# we're bionic only we can just remove ntp
|
|
- name: Install NTP
|
|
when: ansible_distribution_version is version('18.04', '<')
|
|
block:
|
|
- name: Install ntp
|
|
package:
|
|
name: ntp
|
|
state: present
|
|
|
|
- name: Ensure NTP service is running
|
|
service:
|
|
name: ntp
|
|
enabled: yes
|
|
state: started
|
|
|
|
- name: Remove ntp and run timesyncd
|
|
when: ansible_distribution_version is version('18.04', '>=')
|
|
block:
|
|
- name: Remove ntp
|
|
package:
|
|
name: ntp
|
|
state: absent
|
|
|
|
- name: Ensure systemd-timesyncd is running
|
|
service:
|
|
name: systemd-timesyncd
|
|
enabled: yes
|
|
state: started
|
|
|
|
- name: Remove packages that make no sense for our servers
|
|
package:
|
|
name:
|
|
- apport
|
|
- whoopsie
|
|
- popularity-contest
|
|
- lxd
|
|
- lxd-client
|
|
- cloud-init
|
|
- open-vm-tools
|
|
state: absent
|
|
|
|
- name: Get rid of extra depends
|
|
command: apt-get autoremove -y
|
|
|
|
- name: Configure file limits
|
|
copy:
|
|
mode: 0644
|
|
src: debian_limits.conf
|
|
dest: /etc/security/limits.d/60-nofile-limit.conf
|
|
|
|
# The next two files share a source file. Different packages manage
|
|
# each of these and we do not want them to get out of sync with each
|
|
# other as that can impact the configuration that apt sees based on
|
|
# priority rules. We address this by making the two files have the same
|
|
# content.
|
|
- name: Install apt-daily 10periodic file for unattended-upgrades
|
|
copy:
|
|
mode: 0444
|
|
src: XYperiodic-updates
|
|
dest: /etc/apt/apt.conf.d/10periodic
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Install 20auto-upgrades file for unattended-upgrades
|
|
copy:
|
|
mode: 0444
|
|
src: XYperiodic-updates
|
|
dest: /etc/apt/apt.conf.d/20auto-upgrades
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Install 50unattended-upgrades file for unattended-upgrades
|
|
copy:
|
|
mode: 0444
|
|
src: 50unattended-upgrades
|
|
dest: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Ensure required build packages for non-wheel architectures
|
|
apt:
|
|
update_cache: yes
|
|
name:
|
|
- libffi-dev
|
|
- libssl-dev
|
|
- build-essential
|
|
when: ansible_architecture == 'aarch64'
|