72 lines
1.3 KiB
YAML
72 lines
1.3 KiB
YAML
---
|
|
- name: set correct time zone
|
|
timezone:
|
|
name: Europe/Zurich
|
|
|
|
- name: correct AM/PM rocky 9 bug
|
|
lineinfile:
|
|
path: /etc/locale.conf
|
|
insertafter: EOF
|
|
line: LC_TIME=C
|
|
|
|
- name: secure stack ip part 1
|
|
sysctl:
|
|
name: net.ipv4.tcp_timestamps
|
|
value: "0"
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
|
|
- name: secure stack ip part 2
|
|
firewalld:
|
|
service: dhcpv6-client
|
|
permanent: true
|
|
state: disabled
|
|
|
|
- name: forward X11
|
|
lineinfile:
|
|
dest: /etc/ssh/sshd_config
|
|
insertafter: '^#X11UseLocalhost yes'
|
|
line: 'X11UseLocalhost no'
|
|
|
|
- name: unactivate CRTL-DEL
|
|
file:
|
|
src: /dev/null
|
|
dest: /usr/lib/systemd/system/ctrl-alt-del.target
|
|
changed_when: false
|
|
|
|
- name: bash gmo-cfg.sh
|
|
copy:
|
|
src: os/gmo-cfg.sh
|
|
dest: /etc/profile.d/gmo-cfg.sh
|
|
|
|
- name: add ~/.local/bin in path
|
|
lineinfile:
|
|
path: /root/.bashrc
|
|
line: export PATH=~/.local/bin:$PATH
|
|
|
|
- name: vimrc
|
|
copy:
|
|
src: os/vimrc
|
|
dest: /root/.vimrc
|
|
|
|
- name: issue (gmetech)
|
|
copy:
|
|
src: os/gmetech
|
|
dest: /etc/issue
|
|
|
|
- name: issue.net (gmetech)
|
|
copy:
|
|
src: os/gmetech.net
|
|
dest: /etc/issue.net
|
|
|
|
- name: config sshd for banner
|
|
lineinfile:
|
|
dest: /etc/ssh/sshd_config
|
|
insertafter: EOF
|
|
line: 'Banner /etc/issue.net'
|
|
|
|
- name: put SELinux in permissive mode
|
|
selinux:
|
|
policy: targeted
|
|
state: permissive |