8000 Clean up setup-system.yml · suryatmodulus/postgres@d72efc3 · GitHub
[go: up one dir, main page]
Skip to content

Commit d72efc3

Browse files
dragarciadragarcia
committed
Clean up setup-system.yml
- Properly group apt packages together. - Add tasks for system updates to complete before proceeding. - This is when using Ansible tags to build on top of an existing build.
1 parent 4129cd5 commit d72efc3

File tree

1 file changed

+28
-4
lines changed

1 file changed

+28
-4
lines changed

ansible/tasks/setup-system.yml

Lines changed: 28 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,22 +4,46 @@
44
apt: update_cache=yes upgrade=yes
55
# SEE http://archive.vn/DKJjs#parameter-upgrade
66

7+
- name: Wait for /var/lib/apt/lists/lock
8+
become: yes
9+
shell: while sudo fuser /var/lib/apt/lists/lock; do sleep 10; done;
10+
tags:
11+
- update
12+
- update-only
13+
14+
- name: Wait for /var/lib/dpkg/lock-frontend
15+
become: yes
16+
shell: while sudo fuser /var/lib/dpkg/lock-frontend; do sleep 10; done;
17+
tags:
18+
- update
19+
- update-only
20+
721
- name: add universe repository for bionic
822
apt_repository:
923
repo: deb http://archive.ubuntu.com/ubuntu bionic universe
1024
state: present
1125

12-
- name: Install essentials
26+
- name: Install python
27+
become: yes
1328
apt:
1429
pkg:
15-
- ufw
16-
- fail2ban
17-
- unattended-upgrades
30+
- python
31+
- python-pip
1832
- python3
1933
- python3-pip
2034
update_cache: yes
2135
cache_valid_time: 3600
2236

37+
- name: Install security tools
38+
become: yes
39+
apt:
40+
pkg:
41+
- ufw
42+
- fail2ban
43+
- unattended-upgrades
44+
update_cache: yes
45+
cache_valid_time: 3600
46+
2347
- name: Adjust APT update intervals
2448
copy:
2549
src: files/apt_periodic

0 commit comments

Comments
 (0)
0