diff --git a/playbook.yml b/playbook.yml
index c05998e..85d24f6 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -13,11 +13,12 @@
 - include: tasks/create_workspace.yml
 - include: tasks/basics_install.yml
 - include: tasks/docker.yml
- - include: tasks/docker_compose.yml
+ - include: tasks/ssh.yml
 - include: tasks/fail2ban.yml
 - include: tasks/ufw.yml
- # - include: tasks/nginx.yml
- # - include: tasks/certbot.yml
+ - include: tasks/clamav.yml
+ - include: tasks/nginx.yml
+ - include: tasks/certbot.yml
 - include: tasks/reboot.yml
 handlers:
diff --git a/tasks/basics_install.yml b/tasks/basics_install.yml
index fd828d4..1dac4a4 100644
--- a/tasks/basics_install.yml
+++ b/tasks/basics_install.yml
@@ -1,8 +1,12 @@
 ---
-- name: Git install
+- name: Basics install
 apt:
- pkg: git
+ name:
+ - rsyslog
+ - wget
+ - curl
+ - git
 state: present
 update_cache: yes
diff --git a/tasks/docker.yml b/tasks/docker.yml
index 5d1748a..f6aa46b 100644
--- a/tasks/docker.yml
+++ b/tasks/docker.yml
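Review bot: The four added entries in playbook.yml (`tasks/ssh.yml`, `tasks/clamav.yml`, `tasks/nginx.yml`, `tasks/certbot.yml`) keep the bare `include:` action, which ansible-core removed in 2.16; as tasks/docker.yml in this same commit moves to `ansible.builtin.*` names, these lines could become `- import_tasks: tasks/ssh.yml` and so on. Neither `tasks/ssh.yml` nor `tasks/clamav.yml` appears in the part of the diff visible here, so confirm both files are committed. `tasks/ssh.yml` also runs before `tasks/ufw.yml`; if it moves sshd to the non-default `ssh_port` from vars.yml, the firewall rule for that port has to be in place before `tasks/reboot.yml`, otherwise the host can become unreachable.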
@@ -1,45 +1,45 @@
 ---
-- name: Create group Docker
- group:
- name: docker
- state: present
+- name: Créer le répertoire pour la clé GPG de Docker
+ file:
+ path: /etc/apt/keyrings
+ state: directory
+ mode: '0755'
-- name: adding user user to group docker & sudo
- user:
- name: "{{ user }}"
- groups: docker, sudo
- append: yes
+- name: Télécharger et ajouter la clé GPG de Docker
+ ansible.builtin.get_url:
+ url: https://download.docker.com/linux/debian/gpg
+ dest: /etc/apt/keyrings/docker.gpg
+ mode: '0644'
-- name: Install required system packages for Docker
+- name: Ajouter le dépôt Docker à la liste des sources + installation des dépendances
+ ansible.builtin.apt_repository:
+ repo: "deb [arch={{ ansible_architecture }} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian {{ ansible_lsb.codename }} stable"
+ filename: docker- name: Mettre à jour les paquets et installer les dépendances
 apt:
- pkg:
- - apt-transport-https
+ update_cache: yes
+ name:
 - ca-certificates
 - curl
- - software-properties-common
- - python3-pip
- - virtualenv
- - python3-setuptools
- state: latest
- update_cache: true
-
-- name: Add Docker GPG apt Key
- apt_key:
- url: https://download.docker.com/linux/ubuntu/gpg
+ - gnupg
 state: present
-- name: Add Docker Repository
- apt_repository:
- repo: deb https://download.docker.com/linux/ubuntu focal stable
- state: present
-
-- name: Install Docker-ce
+- name: Installer Docker et ses plugins
 apt:
- name: docker-ce
- state: latest
- update_cache: true
+ name:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+ - docker-buildx-plugin
+ - docker-compose-plugin
+ state: present
-- name: Docker without sudo
- shell: |
- usermod -aG docker "{{ user }}"
\ No newline at end of file
+- name: Ajouter l'utilisateur actuel au groupe Docker
+ user:
+ name: "{{ user }}"
+ groups: docker
+ append: yes
+
+- name: Recharger le shell pour appliquer les changements de groupe
+ shell: "newgrp docker"
+ ignore_errors: true
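Review bot: The added `filename: docker- name: Mettre à jour les paquets et installer les dépendances` line looks like two lines fused together, which leaves the repository task and the following `apt:` task as one malformed entry; the 45-line count in the hunk header is consistent with the line break really being absent from the new file, although indentation is not recoverable from this page. Two more problems sit in the trust path for the Docker repository: the key URL serves an ASCII-armored key, which apt ignores under `signed-by` when the file is named `.gpg` rather than `.asc`, and `arch={{ ansible_architecture }}` renders `x86_64` on 64-bit Intel hosts where apt expects `amd64` (leaving `arch=` out lets apt use the native architecture). That key is the trust anchor for every package installed afterwards and is fetched without a pinned digest, so `get_url`'s `checksum:` should carry the hash of a key verified out of band. The closing `newgrp docker` task has no effect on later tasks or logins and hides any failure behind `ignore_errors: true`; it can be dropped, and membership of the `docker` group should be treated as root-equivalent on the host.

```yaml
- name: Télécharger et ajouter la clé GPG de Docker
  ansible.builtin.get_url:
    # … unchanged: url …
    dest: /etc/apt/keyrings/docker.asc
    # placeholder: digest of the key file after verifying its fingerprint
    checksum: "sha256:<SHA256_OF_VERIFIED_KEY>"
    # … unchanged: mode …

- name: Ajouter le dépôt Docker à la liste des sources
  ansible.builtin.apt_repository:
    repo: "deb [signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_lsb.codename }} stable"
    filename: docker

- name: Mettre à jour les paquets et installer les dépendances
  apt:
    # … unchanged: update_cache, package list, state …
```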
diff --git a/tasks/docker_compose.yml b/tasks/docker_compose.yml
deleted file mode 100644
index ee7324b..0000000
--- a/tasks/docker_compose.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-
-- name: Install Docker-compose
- remote_user: "{{ user }}"
- get_url:
- url : https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64
- dest: /usr/local/bin/docker-compose
- mode: 'u+x,g+x'
-
-- name: Change Docker-compose file permission
- file:
- path: /usr/local/bin/docker-compose
- owner: "{{ user }}"
- group: "{{ user }}"
\ No newline at end of file
diff --git a/vars.yml b/vars.yml
index 0466235..ea18516 100644
--- a/vars.yml
+++ b/vars.yml
@@ -1,5 +1,6 @@
 ---
+user: garage
 ssh_port: 47490
 admin_email: contact@legaragenumerique.fr
 ansible_python_interpreter: /usr/bin/python3
\ No newline at end of file