Move all shared into this new repo

server/debian/tasks/configure.yml

@@ -0,0 +1,32 @@
+---
+# Increase number of TCP connections per port (debian default 128)
+- name: Increasing number of TCP connections per port /etc/sysctl.conf net.core.somaxconn = 4096
+  sysctl:
+    name: net.core.somaxconn
+    value: '4096'
+    reload: yes
+    state: present
+
+# Increase open files (ulimit), default debian 1024
+# View ulimit -a
+- name: Increase soft open file limit (ulimit)
+  pam_limits:
+    domain: '*'
+    limit_type: soft
+    limit_item: nofile
+    value: '65535'
+- name: Increase hard open file limit (ulimit)
+  pam_limits:
+    domain: '*'
+    limit_type: hard
+    limit_item: nofile
+    value: '65535'
+
+# Enable Memory Overcommit /etc/sysctl.conf vm.overcommit_memory = 1
+# View with sysctl -a |grep max_user_watches (default on debian is 8192)
+- name: Increase fs.inotify.max_user_watches in /etc/sysctl.conf
+  sysctl:
+    name: fs.inotify.max_user_watches
+    value: '524288'
+    reload: yes
+    state: present

server/debian/tasks/install.yml

@@ -0,0 +1,107 @@
+---
+# Copy Debian 9 sources.list
+- name: Copying Debian 9 apt/sources.list
+  copy: src=debian9/sources.list dest=/etc/apt/sources.list
+  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "9"
+
+# Copy Debian 10 sources.list
+- name: Copying Debian 10 apt/sources.list
+  copy: src=debian10/sources.list dest=/etc/apt/sources.list
+  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "10"
+
+  # Copy Ubuntu 16.04 sources.list
+- name: Copying Ubuntu 16.04 apt/sources.list
+  copy: src=ubuntu1604/sources.list dest=/etc/apt/sources.list
+  when: ansible_distribution == "Ubuntu" and ansible_distribution_version == "16.04"
+
+# Ignore apt translations
+- name: Ignoring apt tranlations
+  copy: src=99translations dest=/etc/apt/apt.conf.d/99translations
+
+# ??? hum, I don't want dotdeb on my debian 8 controller
+# may have ZERO debian 8 except for physical, so maybe don't do this generically
+# Many packages we install for Debian8 require dotdeb, so just install it generically
+#- name: Adding Debian8 dotdeb sources
+#  apt_repository: repo='deb http://packages.dotdeb.org jessie all' state=present
+#  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "8"
+
+#- name: Addding Debian8 dotdeb GPG key
+#  apt_key: url='https://www.dotdeb.org/dotdeb.gpg' state=present
+#  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "8"
+
+# Install common apps for all debian machines
+- name: Installing Debian common applications
+  apt:
+    update_cache: yes
+    state: present
+    name:
+      - apt-transport-https # For https apt repos
+      - openssh-server      # SSH server
+      - sudo                # Sudo access for users
+      - net-tools           # Deprecated ifconfig
+      - nmap                # Port scanner
+      - ethtool             # LAN information for debugging
+      - iperf               # Network performance for debugging
+      - sysstat             # Performance stats
+      - iotop               # Data I/O top (for hard drive read/write analysis)
+      - iftop               # Network top to watch network usage
+      - vim                 # Vim text editor
+      - nano                # Nano text editor
+      - rsync               # Rsync protocol
+      - curl                # Web downloader
+      - wget                # Web downloader
+      - htop                # Graphical top alternative
+      - mlocate             # Full-text search for all files
+      - ntp                 # Date sync
+      - zip                 # Zip utility
+      - unzip               # Unzip utility
+      - gzip                # Gzip utility
+      - git                 # Git source control
+      - nfs-common          # Connect to a NFS server
+      - cifs-utils          # Connect to a Samba server
+      - dos2unix            # Convert dos line endings to unix and visa versa
+      - acl                 # I customize directories often with ACL
+      - dnsutils            # Dig command and other dns commands
+
+# Install PHP by default, unless explicitly ignored with - { role: server/debian, include_php: false }
+- name: Installing PHP 7 cli
+  apt:
+    update_cache: yes
+    state: present
+    name: php-cli
+  when: include_php|default(true)|bool
+
+
+
+      #    - nfs-kernel-server
+      #    - samba
+      #    - cifs-utils
+      #    - libnet-ssleay-perl
+      #    - libio-socket-ssl-perl
+      #    - libxrender1
+      #    - supervisor
+
+      # Were generic here, then commented out, careful
+      # - dos2unix
+      # - nfs-common
+      # - entr
+
+# libnet and libio are for sendEmail
+# libxrender1 is for wkhtmltopdf
+# python git dos2unix
+
+
+# other:
+# unattended-upgrades https://wiki.debian.org/UnattendedUpgrades
+# -- sending emails about updates...
+# log monitoring, security etc... maybe a new role
+
+
+#- name: Installing Debian8 applications
+#  apt: name={{ item }} update_cache=yes state=present
+#  with_items:
+
+#- name: Installing Debian 9 applications
+#  apt: name={{ item }} update_cache=yes state=present
+#  with_items:
+#  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "9"

server/debian/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+# Install and Configure Debian
+- include_tasks: install.yml
+- include_tasks: configure.yml