--- # This playbook contains plays that will run on all nodes - name: Update apt apt: update_cache=yes - name: Upgrade APT to the lastest packages apt: upgrade=safe - name: Install htop apt: name=htop state=present - name: Install curl apt: name=curl state=present - name: Install openssh-server apt: name=openssh-server state=present - name: Install git apt: name=git state=present - name: Install rsync apt: name=rsync state=present - name: Install zip apt: name=zip state=present - name: Install unzip apt: name=unzip state=present - name: Install fail2ban apt: name=fail2ban state=present - name: Install ntp apt: name=ntp state=present - name: Install mysql-client apt: name=mysql-client state=present - name: Install wget apt: name=wget state=present - name: Set git username shell: git config --global user.name "Jacob Cody Wimer" - name: Set git email shell: git config --global user.email "jacob.wimer@gmail.com" - name: Is docker installed shell: which docker register: docker_installed - name: Get docker shell: curl -sSL https://get.docker.com/ | sh when: docker_install is none - name: Get docker compose shell: curl -L https://github.com/docker/compose/releases/download/1.5.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose when: docker_install is none - name: Link docker compose shell: chmod +x /usr/local/bin/docker-compose when: docker_install is none - name: Set timezone to NewYork shell: timedatectl set-timezone America/New_York - name: Is heroku installed shell: which heroku register: heroku_installed - name: Install heroku toolbelt shell: wget -O- https://toolbelt.heroku.com/install-ubuntu.sh | sh when: heroku_installed is none - name: Does the update script exist stat: path=/etc/cron.daily/update.sh register: update_script ignore_errors: yes - name: Create update script shell: touch /etc/cron.daily/update.sh when: update_script|failed - name: Set update script as executable shell: chmod +x /etc/cron.daily/update.sh when: update_script|failed - name: Add update line to update script shell: echo apt-get update && apt-get upgrade -y && apt-get clean && apt-get autoclean && apt-get autoremove -y && apt-get update >> /etc/cron.daily/update.sh when: update_script|failed - name: test for swap partition shell: swapon -s | grep -E "^/" register: swapfile ignore_errors: yes - name: create swapfile when: swapfile|failed shell: fallocate -l 4G /swapfile - name: set swapfile permissions when: swapfile|failed file: path=/swapfile owner=root group=root mode=0600 - name: prepare swapfile when: swapfile|failed shell: mkswap /swapfile - name: enable swap when: swapfile|failed shell: swapon /swapfile - name: add swapfile when: swapfile|failed lineinfile: dest=/etc/fstab regexp="^/swapfile" state=present line="/swapfile none swap sw 0 0" - name: set swappiness (temporarily) when: swapfile|failed shell: echo 10 | tee /proc/sys/vm/swappiness - name: set swappiness (permanent) when: swapfile|failed lineinfile: dest=/etc/sysctl.conf regexp="^vm.swappiness" state=present line="vm.swappiness = 10" - name: set cache pressure (temporarily) when: swapfile|failed shell: echo 50 | tee /proc/sys/vm/vfs_cache_pressure - name: set cache pressure (permanent) when: swapfile|failed lineinfile: dest=/etc/sysctl.conf regexp="^vm.vfs_cache_pressure" state=present line="vm.swappiness = 50"