diff --git a/.codex b/.codex new file mode 100644 index 0000000..e69de29 diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml index 2c9d1d5..62e6a26 100644 --- a/roles/common/tasks/cron.yml +++ b/roles/common/tasks/cron.yml @@ -1,5 +1,82 @@ --- +- name: (cron.yml) Define candidate paths for root crontab PATH + ansible.builtin.set_fact: + cron_root_path_candidates: + - /root/bin/admin-stuff + - /root/bin + - /usr/local/apache2/bin + - /usr/local/php/bin + - /usr/local/sbin + - /usr/local/bin + - /usr/sbin + - /usr/bin + - /sbin + - /bin + tags: + - user_crontab + +- name: (cron.yml) Check candidate paths for root crontab PATH + ansible.builtin.stat: + path: "{{ item }}" + loop: "{{ cron_root_path_candidates }}" + register: cron_root_path_stats + tags: + - user_crontab + +- name: (cron.yml) Build validated root crontab PATH + ansible.builtin.set_fact: + cron_root_path: >- + {{ + cron_root_path_stats.results + | selectattr('stat.exists') + | map(attribute='stat.path') + | join(':') + }} + tags: + - user_crontab + +- name: (cron.yml) Check if root crontab already exists + ansible.builtin.stat: + path: /var/spool/cron/crontabs/root + register: root_crontab_file + tags: + - user_crontab + +- name: (cron.yml) Initialize root crontab with default header and env vars + ansible.builtin.copy: + dest: /var/spool/cron/crontabs/root + owner: root + group: crontab + mode: '0600' + content: | + # Edit this file to introduce tasks to be run by cron. + # + # Each task to run has to be defined through a single line + # indicating with different fields when the task will be run + # and what command to run for the task + # + # To define the time you can provide concrete values for + # minute (m), hour (h), day of month (dom), month (mon), + # and day of week (dow) or use '*' in these fields (for 'any'). + # + # Notice that tasks will be started based on the cron's system + # daemon's notion of time and timezones. + # + # Output of the crontab jobs (including errors) is sent through + # email to the user the crontab file belongs to (unless redirected). + # + # For example, you can run a backup of all your user accounts + # at 5 a.m every week with: + # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ + # + PATH={{ cron_root_path }} + SHELL=/bin/bash + when: + - not root_crontab_file.stat.exists + tags: + - user_crontab + - name: (cron.yml) Set env entries in user crontabs cron: name: '{{ item.name }}' diff --git a/roles/common/tasks/extrepo.yml b/roles/common/tasks/extrepo.yml new file mode 100644 index 0000000..eaa172c --- /dev/null +++ b/roles/common/tasks/extrepo.yml @@ -0,0 +1,26 @@ +--- + +- name: (extrepo.yml) Install extrepo package + ansible.builtin.apt: + name: extrepo + state: present + tags: + - extrepo + +- name: (extrepo.yml) Enable contrib policy in /etc/extrepo/config.yaml + ansible.builtin.lineinfile: + path: /etc/extrepo/config.yaml + regexp: '^(#\s*)?-\s*contrib$' + insertafter: '^- main$' + line: '- contrib' + tags: + - extrepo + +- name: (extrepo.yml) Enable non-free policy in /etc/extrepo/config.yaml + ansible.builtin.lineinfile: + path: /etc/extrepo/config.yaml + regexp: '^(#\s*)?-\s*non-free$' + insertafter: '^- contrib$' + line: '- non-free' + tags: + - extrepo diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index e7eb52e..7ee9900 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -32,6 +32,16 @@ - ansible_facts['distribution'] == "Debian" tags: apt +# tags supported inside extrepo.yml +# +# extrepo +- import_tasks: extrepo.yml + when: + - ansible_facts['distribution'] == "Debian" + - (ansible_facts['distribution_major_version'] | int) >= 12 + tags: + - extrepo + # tags supported inside apt-gateway.yml: # #