Move all shared into this new repo

server/debian/files/99translations

@@ -0,0 +1 @@
+Acquire::Languages "none";

server/debian/files/debian10/sources.list

@@ -0,0 +1,11 @@
+# Debian 10 Buster Software
+deb http://deb.debian.org/debian buster main contrib non-free
+deb-src http://deb.debian.org/debian buster main contrib non-free
+
+# Debian 10 Buster Updates
+deb http://deb.debian.org/debian buster-updates main contrib non-free
+deb-src http://deb.debian.org/debian buster-updates main contrib non-free
+
+# Debian 10 Buster Security
+deb http://security.debian.org/debian-security/ buster/updates main contrib non-free
+deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free

server/debian/files/debian8/sources.list

@@ -0,0 +1,11 @@
+# Debian 8 Jessie Software
+deb http://deb.debian.org/debian jessie main contrib non-free
+#deb-src http://deb.debian.org/debian jessie main contrib non-free
+
+# Debian 8 Jessie Updates
+deb http://deb.debian.org/debian jessie-updates main contrib non-free
+#deb-src http://deb.debian.org/debian jessie-updates main contrib non-free
+
+# Debian 8 Jessie Security
+deb http://security.debian.org/ jessie/updates main
+#deb-src http://security.debian.org/ jessie/updates main

server/debian/files/debian9/sources.list

@@ -0,0 +1,11 @@
+# Debian 9 Stretch Software
+deb http://deb.debian.org/debian stretch main contrib non-free
+deb-src http://deb.debian.org/debian stretch main contrib non-free
+
+# Debian 9 Stretch Updates
+deb http://deb.debian.org/debian stretch-updates main contrib non-free
+deb-src http://deb.debian.org/debian stretch-updates main contrib non-free
+
+# Debian 9 Stretch Security
+deb http://security.debian.org/debian-security/ stretch/updates main contrib non-free
+deb-src http://security.debian.org/debian-security/ stretch/updates main contrib non-free

server/debian/files/ubuntu1604/sources.list

@@ -0,0 +1,49 @@
+# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
+# newer versions of the distribution.
+deb http://us.archive.ubuntu.com/ubuntu/ xenial main restricted
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial main restricted
+
+## Major bug fix updates produced after the final release of the
+## distribution.
+deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates main restricted
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates main restricted
+
+## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
+## team. Also, please note that software in universe WILL NOT receive any
+## review or updates from the Ubuntu security team.
+deb http://us.archive.ubuntu.com/ubuntu/ xenial universe
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial universe
+deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe
+
+## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu 
+## team, and may not be under a free licence. Please satisfy yourself as to 
+## your rights to use the software. Also, please note that software in 
+## multiverse WILL NOT receive any review or updates from the Ubuntu
+## security team.
+deb http://us.archive.ubuntu.com/ubuntu/ xenial multiverse
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial multiverse
+deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates multiverse
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates multiverse
+
+## N.B. software from this repository may not have been tested as
+## extensively as that contained in the main release, although it includes
+## newer versions of some applications which may provide useful features.
+## Also, please note that software in backports WILL NOT receive any review
+## or updates from the Ubuntu security team.
+deb http://us.archive.ubuntu.com/ubuntu/ xenial-backports main restricted universe multiverse
+# deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-backports main restricted universe multiverse
+
+## Uncomment the following two lines to add software from Canonical's
+## 'partner' repository.
+## This software is not part of Ubuntu, but is offered by Canonical and the
+## respective vendors as a service to Ubuntu users.
+# deb http://archive.canonical.com/ubuntu xenial partner
+# deb-src http://archive.canonical.com/ubuntu xenial partner
+
+deb http://security.ubuntu.com/ubuntu xenial-security main restricted
+# deb-src http://security.ubuntu.com/ubuntu xenial-security main restricted
+deb http://security.ubuntu.com/ubuntu xenial-security universe
+# deb-src http://security.ubuntu.com/ubuntu xenial-security universe
+deb http://security.ubuntu.com/ubuntu xenial-security multiverse
+# deb-src http://security.ubuntu.com/ubuntu xenial-security multiverse

server/debian/tasks/configure.yml

@@ -0,0 +1,32 @@
+---
+# Increase number of TCP connections per port (debian default 128)
+- name: Increasing number of TCP connections per port /etc/sysctl.conf net.core.somaxconn = 4096
+  sysctl:
+    name: net.core.somaxconn
+    value: '4096'
+    reload: yes
+    state: present
+
+# Increase open files (ulimit), default debian 1024
+# View ulimit -a
+- name: Increase soft open file limit (ulimit)
+  pam_limits:
+    domain: '*'
+    limit_type: soft
+    limit_item: nofile
+    value: '65535'
+- name: Increase hard open file limit (ulimit)
+  pam_limits:
+    domain: '*'
+    limit_type: hard
+    limit_item: nofile
+    value: '65535'
+
+# Enable Memory Overcommit /etc/sysctl.conf vm.overcommit_memory = 1
+# View with sysctl -a |grep max_user_watches (default on debian is 8192)
+- name: Increase fs.inotify.max_user_watches in /etc/sysctl.conf
+  sysctl:
+    name: fs.inotify.max_user_watches
+    value: '524288'
+    reload: yes
+    state: present

server/debian/tasks/install.yml

@@ -0,0 +1,107 @@
+---
+# Copy Debian 9 sources.list
+- name: Copying Debian 9 apt/sources.list
+  copy: src=debian9/sources.list dest=/etc/apt/sources.list
+  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "9"
+
+# Copy Debian 10 sources.list
+- name: Copying Debian 10 apt/sources.list
+  copy: src=debian10/sources.list dest=/etc/apt/sources.list
+  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "10"
+
+  # Copy Ubuntu 16.04 sources.list
+- name: Copying Ubuntu 16.04 apt/sources.list
+  copy: src=ubuntu1604/sources.list dest=/etc/apt/sources.list
+  when: ansible_distribution == "Ubuntu" and ansible_distribution_version == "16.04"
+
+# Ignore apt translations
+- name: Ignoring apt tranlations
+  copy: src=99translations dest=/etc/apt/apt.conf.d/99translations
+
+# ??? hum, I don't want dotdeb on my debian 8 controller
+# may have ZERO debian 8 except for physical, so maybe don't do this generically
+# Many packages we install for Debian8 require dotdeb, so just install it generically
+#- name: Adding Debian8 dotdeb sources
+#  apt_repository: repo='deb http://packages.dotdeb.org jessie all' state=present
+#  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "8"
+
+#- name: Addding Debian8 dotdeb GPG key
+#  apt_key: url='https://www.dotdeb.org/dotdeb.gpg' state=present
+#  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "8"
+
+# Install common apps for all debian machines
+- name: Installing Debian common applications
+  apt:
+    update_cache: yes
+    state: present
+    name:
+      - apt-transport-https # For https apt repos
+      - openssh-server      # SSH server
+      - sudo                # Sudo access for users
+      - net-tools           # Deprecated ifconfig
+      - nmap                # Port scanner
+      - ethtool             # LAN information for debugging
+      - iperf               # Network performance for debugging
+      - sysstat             # Performance stats
+      - iotop               # Data I/O top (for hard drive read/write analysis)
+      - iftop               # Network top to watch network usage
+      - vim                 # Vim text editor
+      - nano                # Nano text editor
+      - rsync               # Rsync protocol
+      - curl                # Web downloader
+      - wget                # Web downloader
+      - htop                # Graphical top alternative
+      - mlocate             # Full-text search for all files
+      - ntp                 # Date sync
+      - zip                 # Zip utility
+      - unzip               # Unzip utility
+      - gzip                # Gzip utility
+      - git                 # Git source control
+      - nfs-common          # Connect to a NFS server
+      - cifs-utils          # Connect to a Samba server
+      - dos2unix            # Convert dos line endings to unix and visa versa
+      - acl                 # I customize directories often with ACL
+      - dnsutils            # Dig command and other dns commands
+
+# Install PHP by default, unless explicitly ignored with - { role: server/debian, include_php: false }
+- name: Installing PHP 7 cli
+  apt:
+    update_cache: yes
+    state: present
+    name: php-cli
+  when: include_php|default(true)|bool
+
+
+
+      #    - nfs-kernel-server
+      #    - samba
+      #    - cifs-utils
+      #    - libnet-ssleay-perl
+      #    - libio-socket-ssl-perl
+      #    - libxrender1
+      #    - supervisor
+
+      # Were generic here, then commented out, careful
+      # - dos2unix
+      # - nfs-common
+      # - entr
+
+# libnet and libio are for sendEmail
+# libxrender1 is for wkhtmltopdf
+# python git dos2unix
+
+
+# other:
+# unattended-upgrades https://wiki.debian.org/UnattendedUpgrades
+# -- sending emails about updates...
+# log monitoring, security etc... maybe a new role
+
+
+#- name: Installing Debian8 applications
+#  apt: name={{ item }} update_cache=yes state=present
+#  with_items:
+
+#- name: Installing Debian 9 applications
+#  apt: name={{ item }} update_cache=yes state=present
+#  with_items:
+#  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "9"

server/debian/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+# Install and Configure Debian
+- include_tasks: install.yml
+- include_tasks: configure.yml