main.yml

# @tag common - setup base system
# @tag apt - setup APT package management
# @tag checks - check that variables are correctly defined
# @tag datetime - setup date/time configuration
# @tag dns - setup DNS resolution
# @tag fail2ban - setup fail2ban intrusion prevention system
# @tag firewall - setup firewall
# @tag hostname - setup hostname
# @tag hosts - setup /etc/hosts entries
# @tag packages - additional package installation/removal
# @tag sysctl - setup sysctl kernel configuration
# @tag users - setup users and groups
# @tag ssh - setup SSH server
# @tag ssh-authorized-keys - setup ssh authorized keys
# @tag mail - setup outgoing system mail
# @tag msmtp - setup outgoing system mail
# @tag services - start/stop/enable/disable services
# @tag utils-apt-unattended-upgrade - (manual) run unattended-upgrade now
# @tag utils-apt-upgrade - (manual) run apt upgrade now
# @tag utils-debian10to11 - (manual) upgrade debian 10 hosts to debian 11
# @tag utils-debian11to12 - (manual) upgrade debian 11 hosts to debian 12
# @tag utils-fail2ban-get-banned - (manual) download the list of banned IPs
# @tag utils-firewalld-info - (manual) get firewall status informations
# @tag utils-shutdown - (manual) shut down the host
# @tag utils-reboot - (manual) reboot the host
# @tag cron - configure cron task scheduler
# @tag apt-listbugs - configure apt-listbugs bug prevention tool

galaxy_info:
  role_name: common
  author: "nodiscc <nodiscc@gmail.com>"
  description: "base setup for Debian-based servers"
  license: GPL-3.0
  min_ansible_version: "2.12"
  platforms:
    - name: Debian
      versions:
        - "11"
        - "12"
  galaxy_tags:
    - hostname
    - kernel
    - networking
    - swap
    - memory
    - sysctl
    - apt
    - debian
    - upgrades
    - pam
    - limits
    - ntp
    - time
    - date
    - ssh
    - firewall
    - fail2ban
    - hardening
    - security
    - utilities
    - users
    - sudo
    - cis
    - debian
    - disa
    - stig
    - systemd
dependencies:
  - nodiscc.xsrv.handlers