initial commit

11 files changed, 178 insertions, 0 deletions

diff --git a/roles/apt/handlers/main.yml b/roles/apt/handlers/main.yml
new file mode 100644
index 0000000..b2e42b0
--- /dev/null
+++ b/roles/apt/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: update apt
+  apt:
+    update_cache: yes
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml
new file mode 100644
index 0000000..49121b9
--- /dev/null
+++ b/roles/apt/tasks/main.yml
@@ -0,0 +1,34 @@
+- meta: flush_handlers
+
+- name: install unattended-upgrades
+  apt:
+    name:
+      - 'unattended-upgrades'
+
+- name: reload systemd
+  systemd:
+    daemon_reload: 'yes'
+
+- name: start and enable timers
+  systemd:
+    name: '{{ item }}'
+    state: 'started'
+    enabled: 'yes'
+  loop:
+    - 'apt-daily.timer'
+    - 'apt-daily-upgrade.timer'
+
+- name: remove old files
+  file:
+    name: '{{ item }}'
+    state: 'absent'
+  loop:
+    - '/etc/apt/apt.conf.d/20auto-upgrades.ucf-dist'
+    - '/etc/apt/apt.conf.d/50unattended-upgrades.ucf-dist'
+    - '/etc/apt/sources.list~'
+    - '/etc/apt/sources.list.distUpgrade'
+    - '/etc/apt/sources.list.d/security.list.distUpgrade'
+    - '/etc/apt/trusted.gpg~'
+    - '/var/lib/cron-apt'
+
+
diff --git a/roles/common-linux/files/ntp.conf b/roles/common-linux/files/ntp.conf
new file mode 100644
index 0000000..6aee0df
--- /dev/null
+++ b/roles/common-linux/files/ntp.conf
@@ -0,0 +1,29 @@
+driftfile /var/lib/ntp/ntp.drift
+statsdir /var/log/ntpstats/
+
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+
+# Unser Zeitserver
+server 141.20.1.120 prefer # timehost.rz.hu-berlin.de
+
+# Stratum-2-Server
+server 0.de.pool.ntp.org
+server 1.de.pool.ntp.org
+server 2.de.pool.ntp.org
+server 3.de.pool.ntp.org
+
+# Fallback: die eigene Uhr (mit stratum 10 kuenstlich schlecht gemacht)
+server 127.127.1.0         # local clock
+fudge  127.127.1.0 stratum 10
+
+# By default, exchange time with everybody, but don't allow configuration.
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+
+# Local users may interrogate the ntp server more closely.
+restrict 127.0.0.1
+restrict ::1
+
diff --git a/roles/common-linux/tasks/git.yml b/roles/common-linux/tasks/git.yml
new file mode 100644
index 0000000..4ed5012
--- /dev/null
+++ b/roles/common-linux/tasks/git.yml
@@ -0,0 +1,12 @@
+- name: git config user.email
+  git_config:
+     name: user.email
+     scope: global
+     value: "admin"
+
+- name: git config user.name
+  git_config:
+     name: user.name
+     scope: global
+     value: "admin"
+
diff --git a/roles/common-linux/tasks/main.yml b/roles/common-linux/tasks/main.yml
new file mode 100644
index 0000000..f0319fb
--- /dev/null
+++ b/roles/common-linux/tasks/main.yml
@@ -0,0 +1,29 @@
+
+- name: set hostname
+  hostname:
+    name: '{{ inventory_hostname }}'
+
+- name: set timezone
+  timezone:
+    name: "Europe/Berlin"
+    hwclock: "UTC"
+
+- name: locale en_US.UTF-8
+  locale_gen:
+    name: en_US.UTF-8
+    state: present
+
+- name: locale de_DE.UTF-8
+  locale_gen:
+    name: de_DE.UTF-8
+    state: present
+
+- import_tasks: git.yml
+
+- import_tasks: ntp.yml
+
+    #- import_tasks: cronjobs.yml
+
+
+
+
diff --git a/roles/common-linux/tasks/ntp.yml b/roles/common-linux/tasks/ntp.yml
new file mode 100644
index 0000000..603b456
--- /dev/null
+++ b/roles/common-linux/tasks/ntp.yml
@@ -0,0 +1,10 @@
+- name: install ntp
+  apt:
+    name:
+      - 'ntp'
+
+- name: ntp.conf
+  copy:
+    src: ntp.conf
+    dest: /etc/ntp.conf
+  notify: restart ntpd
diff --git a/roles/golang/tasks/main.yml b/roles/golang/tasks/main.yml
new file mode 100644
index 0000000..13c8f4a
--- /dev/null
+++ b/roles/golang/tasks/main.yml
@@ -0,0 +1 @@
+name: download golang archive
diff --git a/roles/packages/defaults/main.yml b/roles/packages/defaults/main.yml
new file mode 100644
index 0000000..ed43812
--- /dev/null
+++ b/roles/packages/defaults/main.yml
@@ -0,0 +1,20 @@
+default_packages_present_all:
+  - vim
+  - zsh
+  - git
+  - htop
+  - curl
+  - lynx
+  - nginx-extras
+  - nodejs
+  - npm
+  - redis-tools
+  - rsync
+  - screen
+  - whois
+
+    #  - imagemagick
+    #  - imagemagick-6.q16
+    #  - imagemagick-common
+
+default_packages_absent_all: []
diff --git a/roles/packages/tasks/main.yml b/roles/packages/tasks/main.yml
new file mode 100644
index 0000000..806787a
--- /dev/null
+++ b/roles/packages/tasks/main.yml
@@ -0,0 +1,10 @@
+- name: uninstall packages
+  apt:
+    name: '{{ default_packages_absent_all }}'
+    state: absent
+    purge: yes
+
+- name: install packages
+  apt:
+    name: '{{ default_packages_present_all }}'
+    install_recommends: 'no'
diff --git a/roles/php/defaults/main.yml b/roles/php/defaults/main.yml
new file mode 100644
index 0000000..e10d76a
--- /dev/null
+++ b/roles/php/defaults/main.yml
@@ -0,0 +1,20 @@
+php_present:
+  - php8.2-cli
+  - php8.2-common
+  - php8.2-curl
+  - php8.2-fpm
+  - php8.2-gmp
+  - php8.2-igbinary
+  - php8.2-intl
+  - php8.2-mbstring
+  - php8.2-mysql
+  - php8.2-opcache
+  - php8.2-phpdbg
+  - php8.2-readline
+  - php8.2-redis
+  - php8.2-tidy
+  - php8.2-xml
+  - php8.2-xsl
+  - composer
+
+php_absent: []
diff --git a/roles/php/tasks/main.yml b/roles/php/tasks/main.yml
new file mode 100644
index 0000000..b11e694
--- /dev/null
+++ b/roles/php/tasks/main.yml
@@ -0,0 +1,10 @@
+- name: uninstall packages
+  apt:
+    name: '{{ php_absent }}'
+    state: absent
+    purge: yes
+
+- name: install packages
+  apt:
+    name: '{{ php_present }}'
+    install_recommends: 'no'