ansible_cache/linux-ubuntu/prestage.yml

---
- name: Prestage server and install services [SYSLOG, FTP, TFTP, NTP]
  hosts: all
  roles: 
    - common
  become: yes

  tasks:

    - name: Update and upgrade current packages
      apt:
        update_cache: yes
        upgrade: yes

    - name: Update apt cache and install required packages
      apt:
        name: "{{ item }}"
      loop:
        - curl
        - tree
        - syslog-ng
        - vsftpd
        - tftpd-hpa
        - ntp
        - ufw

    - name: Create a new regular user with sudo privileges
      user:
        name: "{{ create_user }}"
        state: present
        groups: sudo
        append: true
        create_home: true
        shell: /bin/bash

    - name: Set authorized key for remote user
      authorized_key:
        user: "{{ create_user }}"
        state: present
        key: "{{ copy_local_key }}"

    - name: Configure UFW to allow inbound NTP, SSH, SYSLOG, FTP connections
      ufw:
        rule: allow
        direction: in
        port: "{{ item.port }}"
        proto: "{{ item.proto }}"
      loop:
        - port: '22'
          proto: tcp
        - port: '123'
          proto: udp
        - port: '514'
          proto: udp
        - port: '23'
          proto: tcp

    - name: UFW - Deny all other incoming traffic by default
      ufw:
        state: enabled
        policy: deny
        direction: incoming

    - name: Block all IPv6 incoming connections
      ufw:
        rule: block
        direction: in
        proto: ipv6

    - name: Send Webex Teams message via BOT to confirm playbook completion
      community.general.cisco_webex:
        recipient_type: toPersonEmail
        recipient_id: "{{ webex_id }}"
        msg_type: markdown
        personal_token: "{{ webex_token }}"
        msg: "**Prestaging has been completed for host {{ inventory_hostname }}.**"
Added basic Linux server prestage playbook + reboot playbook 2022-05-06 21:03:49 +00:00			`---`
			`- name: Prestage server and install services [SYSLOG, FTP, TFTP, NTP]`
			`hosts: all`
			`roles:`
			`- common`
			`become: yes`

			`tasks:`

			`- name: Update and upgrade current packages`
			`apt:`
			`update_cache: yes`
			`upgrade: yes`

			`- name: Update apt cache and install required packages`
			`apt:`
			`name: "{{ item }}"`
			`loop:`
			`- curl`
			`- tree`
			`- syslog-ng`
			`- vsftpd`
			`- tftpd-hpa`
			`- ntp`
			`- ufw`

			`- name: Create a new regular user with sudo privileges`
			`user:`
			`name: "{{ create_user }}"`
			`state: present`
			`groups: sudo`
			`append: true`
			`create_home: true`
			`shell: /bin/bash`

			`- name: Set authorized key for remote user`
			`authorized_key:`
			`user: "{{ create_user }}"`
			`state: present`
			`key: "{{ copy_local_key }}"`

			`- name: Configure UFW to allow inbound NTP, SSH, SYSLOG, FTP connections`
			`ufw:`
			`rule: allow`
			`direction: in`
			`port: "{{ item.port }}"`
			`proto: "{{ item.proto }}"`
			`loop:`
			`- port: '22'`
			`proto: tcp`
			`- port: '123'`
			`proto: udp`
			`- port: '514'`
			`proto: udp`
			`- port: '23'`
			`proto: tcp`

			`- name: UFW - Deny all other incoming traffic by default`
			`ufw:`
			`state: enabled`
			`policy: deny`
			`direction: incoming`

			`- name: Block all IPv6 incoming connections`
			`ufw:`
			`rule: block`
			`direction: in`
			`proto: ipv6`

			`- name: Send Webex Teams message via BOT to confirm playbook completion`
			`community.general.cisco_webex:`
			`recipient_type: toPersonEmail`
			`recipient_id: "{{ webex_id }}"`
			`msg_type: markdown`
			`personal_token: "{{ webex_token }}"`
			`msg: "Prestaging has been completed for host {{ inventory_hostname }}."`