when: not (ansible_distribution == "Debian" and ansible_lsb.major_release|int >= 9)
command: "false"
- name: detect if we have backports in the sources.list
- command: fgrep backports /etc/apt/sources.list
+ command: 'fgrep backports /etc/apt/sources.list'
register: backports
failed_when: backports.rc == 2
changed_when: False
when: backports.rc != 0
apt_repository: repo='deb http://httpredir.debian.org/debian {{ansible_distribution_release}}-backports main contrib non-free' state=present update_cache=yes
- name: get rid of packages we do not want
- apt: name=exim4-base,rpcbind state=absent autoremove=yes
-- name: install needrestart (from backports)
- apt: name=needrestart state=latest default_release={{ansible_distribution_release}}-backports
+ apt: name=exim4-base,rpcbind,procmail,fetchmail state=absent autoremove=yes
- name: install some basic tools
- apt: name=aptitude,rsync,git,mercurial,curl,apt-transport-https,psmisc,dnsutils,tree,htop state=latest
-# dh2048
-- name: create dh2048 file
- command: openssl dhparam -out /etc/ssl/dh2048.pem 2048
- args:
- creates: "/etc/ssl/dh2048.pem"
+ apt: name=nano,aptitude,rsync,git,mercurial,curl,apt-transport-https,psmisc,dnsutils,tree,htop,acl,libpam-systemd,needrestart,debian-security-support state=latest
# configuration
- name: configure root shell
copy:
dest: /etc/systemd/timesyncd.conf
src: files/timesyncd.conf
notify: timesyncd
+- name: configure needrestart
+ copy:
+ dest: /etc/needrestart/conf.d/restart.conf
+ src: files/needrestart.conf