diff --git a/facts/general/gather.yml b/facts/general/gather.yml index 3ba1e1d..99c872b 100644 --- a/facts/general/gather.yml +++ b/facts/general/gather.yml @@ -1,6 +1,6 @@ --- -# Facts that must be gathered by tasks. +# Facts that must be gathered after running tasks. -- name: Gather | Locate BASH +- name: Facts | General | Gather | Locate BASH shell: which bash register: bash_exec \ No newline at end of file diff --git a/facts/general/package.yml b/facts/general/package.yml index 99441e9..e2dc262 100644 --- a/facts/general/package.yml +++ b/facts/general/package.yml @@ -2,21 +2,21 @@ # Define program names per OS for package builtin. # This file is for ALL systems and should not include UI components. -- name: Set Pop OS Package Names +- name: Facts | Workstation | Package | Pop OS set_fact: sshfs: sshfs locate: locate when: ansible_distribution == "Pop!_OS" -- name: Set Debian and Ubuntu Package Names +- name: Facts | Workstation | Package | Debian and Ubuntu set_fact: sshfs: sshfs locate: locate when: ansible_distribution in ("Debian","Ubuntu") -- name: Set FreeBSD Package Names +- name: Facts | Workstation | Package | FreeBSD set_fact: sshfs: fusefs-sshfs locate: htop # This is just a placeholder to prevent errors diff --git a/facts/general/service.yml b/facts/general/service.yml index 81c1b5c..34cbb27 100644 --- a/facts/general/service.yml +++ b/facts/general/service.yml @@ -1,7 +1,7 @@ --- # Define program names per OS for service builtin. -- name: Set Pop OS Service Names +- name: Facts | Workstation | Service | Pop OS set_fact: cups: cups cups_pattern: cupsd @@ -10,7 +10,7 @@ when: ansible_distribution == "Pop!_OS" -- name: Set Debian and Ubuntu Service Names +- name: Facts | Workstation | Service | Debian and Ubuntu set_fact: cups: cups cups_pattern: cupsd @@ -19,7 +19,7 @@ when: ansible_distribution in ("Debian","Ubuntu") -- name: Set FreeBSD Service Names +- name: Facts | Workstation | Service | FreeBSD set_fact: cups: cups cups_pattern: cupsd diff --git a/facts/general/system.yml b/facts/general/system.yml index 058f22a..5e0b945 100644 --- a/facts/general/system.yml +++ b/facts/general/system.yml @@ -1,7 +1,7 @@ --- # Define file, folder, and other facts per OS. -- name: Set Pop OS Facts +- name: Facts | Workstation | System | Pop OS set_fact: lynis_install_dir: /usr/local/lynis lynis_report: /home/ling/lynis.log @@ -10,7 +10,7 @@ when: ansible_distribution == "Pop!_OS" -- name: Set Debian and Ubuntu Facts +- name: Facts | Workstation | System | Debian and Ubuntu set_fact: lynis_install_dir: /usr/local/lynis lynis_report: /root/lynis.log @@ -19,7 +19,7 @@ when: ansible_distribution in ("Debian","Ubuntu") -- name: Set FreeBSD Facts +- name: Facts | Workstation | System | FreeBSD set_fact: lynis_install_dir: /usr/local/lynis lynis_report: /root/lynis.log diff --git a/facts/general/user.yml b/facts/general/user.yml index e8b2121..722ff4d 100644 --- a/facts/general/user.yml +++ b/facts/general/user.yml @@ -1,13 +1,13 @@ --- # Define users and groups per OS type. -- name: Set Linux User Variables +- name: Facts | Workstation | User | Linux set_fact: root_group: root when: ansible_system == "Linux" -- name: Set FreeBSD User Variables +- name: Facts | Workstation | User | FreeBSD set_fact: root_group: wheel when: ansible_system == "FreeBSD" \ No newline at end of file diff --git a/facts/workstation/package.yml b/facts/workstation/package.yml index 23936ff..e3700b7 100644 --- a/facts/workstation/package.yml +++ b/facts/workstation/package.yml @@ -2,7 +2,7 @@ # Define program names per OS for package builtin. # This is only for Workstation devices with UIs. -- name: Set Pop OS Package Names +- name: Facts | Workstation | Package | Pop OS set_fact: firefox: firefox firefox-esr: firefox-esr @@ -11,7 +11,7 @@ when: ansible_distribution == "Pop!_OS" -- name: Set Debian and Ubuntu Package Names +- name: Facts | Workstation | Package | Debian and Ubuntu set_fact: firefox: firefox firefox-esr: firefox-esr @@ -20,7 +20,7 @@ when: ansible_distribution in ("Debian","Ubuntu") -- name: Set FreeBSD Package Names +- name: Facts | Workstation | Package | FreeBSD set_fact: firefox: firefox firefox-esr: firefox-esr diff --git a/facts/workstation/system.yml b/facts/workstation/system.yml index 40c1797..f57d4f5 100644 --- a/facts/workstation/system.yml +++ b/facts/workstation/system.yml @@ -1,19 +1,19 @@ --- # Define file, folder, and other facts per OS. -- name: Set Pop OS Facts +- name: Facts | Workstation | System | Pop OS set_fact: flatpak_distro: true when: ansible_distribution == "Pop!_OS" -- name: Set Debian and Ubuntu Facts +- name: Facts | Workstation | System | Debian and Ubuntu set_fact: flatpak_distro: true when: ansible_distribution in ("Debian","Ubuntu") -- name: Set FreeBSD Facts +- name: Facts | Workstation | System | FreeBSD set_fact: flatpak_distro: false when: ansible_system == "FreeBSD" \ No newline at end of file diff --git a/tasks/freebsd/software/gui.yml b/tasks/freebsd/software/gui.yml index cd96e7a..a8d4fbe 100644 --- a/tasks/freebsd/software/gui.yml +++ b/tasks/freebsd/software/gui.yml @@ -1,7 +1,7 @@ --- # Provide FreeBSD with a DE. -- name: FreeBSD | Software | Install UI Components +- name: Workstation | FreeBSD | GUI | Install UI Components package: name: - xorg @@ -10,14 +10,14 @@ - "{{ thunderbird }}" state: present -- name: FreeBSD | Software | Uninstall Bloat +- name: Workstation | FreeBSD | GUI | Uninstall Bloat package: name: - "{{ firefox }}" - "{{ evolution }}" state: absent -- name: FreeBSD | Software | Create rc.conf Entries +- name: Workstation | FreeBSD | GUI | Create rc.conf Entries blockinfile: path: /etc/rc.conf block: | @@ -29,7 +29,7 @@ fusefs_enable="YES" backup: yes -- name: FreeBSD | Software | Create fstab Entries +- name: Workstation | FreeBSD | GUI | Create fstab Entries blockinfile: path: /etc/fstab block: | diff --git a/tasks/general/acct_mgmt/groups.yml b/tasks/general/acct_mgmt/groups.yml index 09fbacd..82c2eeb 100644 --- a/tasks/general/acct_mgmt/groups.yml +++ b/tasks/general/acct_mgmt/groups.yml @@ -1,6 +1,6 @@ --- # Groups that do not come to all distros by default. -- name: Ensure sudo group exists (Looking at you BSD!) +- name: General | Account Management | Groups | Sudo (Looking at you BSD!) group: name: sudo diff --git a/tasks/general/acct_mgmt/keys.yml b/tasks/general/acct_mgmt/keys.yml index 16de7c2..5d2bd46 100644 --- a/tasks/general/acct_mgmt/keys.yml +++ b/tasks/general/acct_mgmt/keys.yml @@ -6,11 +6,11 @@ # openssh_keypair: # path: /root/.ssh/id_rsa -- name: SSH Key | Root | Create +- name: General | Account Management | SSH Key | Root | Create shell: ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa <<< n args: executable: "{{ bash_exec.stdout }}" ignore_errors: yes -- name: SSH Key | Root | Copy to 1337 +- name: General | Account Management | SSH Key | Root | Copy to 1337 shell: ssh-copy-id -i /root/.ssh/id_rsa ling@leet \ No newline at end of file diff --git a/tasks/general/acct_mgmt/mounts.yml b/tasks/general/acct_mgmt/mounts.yml index 6bbdc1d..df4f42c 100644 --- a/tasks/general/acct_mgmt/mounts.yml +++ b/tasks/general/acct_mgmt/mounts.yml @@ -1,20 +1,20 @@ --- # Mount shares that all systems should have. -- name: Mounts | Create 1337 Folder +- name: General | Account Management | Mounts | Create 1337 Folder file: path: /mnt/leet state: directory mode: '0755' -- name: Mounts | Create fstab Entries +- name: General | Account Management | Mounts | Create fstab Entries blockinfile: path: /etc/fstab block: | ling@leet: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0 backup: yes -- name: Mounts | Mount All +- name: General | Account Management | Mounts | Mount All shell: mount -a args: warn: false diff --git a/tasks/general/acct_mgmt/sudo.yml b/tasks/general/acct_mgmt/sudo.yml index 8777123..c399ad1 100644 --- a/tasks/general/acct_mgmt/sudo.yml +++ b/tasks/general/acct_mgmt/sudo.yml @@ -1,7 +1,7 @@ --- # Ensure the proper users have sudo access. -- name: Add Ansible Sudoers File +- name: General | Account Management | Sudo | Copy Ansible copy: src: sudoers_ansible dest: "{{ sudoers_install_dir }}" @@ -9,7 +9,7 @@ group: "{{ root_group }}" mode: 0440 -- name: Add Sudo Group Sudoers File +- name: General | Account Management | Sudo | Copy Sudo Group copy: src: sudoers_sudo dest: "{{ sudoers_install_dir }}" diff --git a/tasks/general/acct_mgmt/users.yml b/tasks/general/acct_mgmt/users.yml index 3caa1ae..6a6b8a0 100644 --- a/tasks/general/acct_mgmt/users.yml +++ b/tasks/general/acct_mgmt/users.yml @@ -2,7 +2,7 @@ # Create users for both desktop and server machines. # Scheduler -- name: Create User Ansible +- name: General | Account Management | User | Ansible user: name: ansible comment: Ansible @@ -10,7 +10,7 @@ # Superuser -- name: Create User Hyperling +- name: General | Account Management | User | Hyperling user: name: ling comment: Hyperling diff --git a/tasks/general/cron/ansible.yml b/tasks/general/cron/ansible.yml index 44b3d5d..2d51f98 100644 --- a/tasks/general/cron/ansible.yml +++ b/tasks/general/cron/ansible.yml @@ -1,6 +1,6 @@ --- -- name: install cron job (ansible-pull) +- name: General | Cron | Ansible | Create Main Job cron: user: ansible name: "Ansible Sync" diff --git a/tasks/general/software/harden.yml b/tasks/general/software/harden.yml index 46d147f..face1c6 100644 --- a/tasks/general/software/harden.yml +++ b/tasks/general/software/harden.yml @@ -1,13 +1,13 @@ --- -- name: Remove CUPS Daemon +- name: General | Software | Harden | Remove CUPS Daemon service: name: "{{ cups }}" pattern: "{{ cups_pattern }}" state: stopped enabled: no -- name: Remove CUPS-Browse Daemon +- name: General | Software | Harden | Remove CUPS-Browse Daemon service: name: "{{ cups_browse }}" pattern: "{{ cups_browse_pattern }}" diff --git a/tasks/general/software/packages.yml b/tasks/general/software/packages.yml index c8ba8c3..0966975 100644 --- a/tasks/general/software/packages.yml +++ b/tasks/general/software/packages.yml @@ -1,16 +1,16 @@ --- # Cross-platform package management. -- name: Repo Cache Refresh (Apt and Pacman) +- name: General | Software | Packages | Cache Refresh (Apt and Pacman) package: update_cache: yes when: ansible_pkg_mgr in ["apt", "pacman"] -- name: Repo Cache Refresh (FreeBSD) +- name: General | Software | Packages | Cache Refresh (FreeBSD) shell: pkg update when: ansible_system == "FreeBSD" -- name: Repo Install Software +- name: General | Software | Packages | Install Software package: name: - bash @@ -20,7 +20,7 @@ - "{{ locate }}" state: present -- name: Repo Update Software (Disabled) +- name: General | Software | Packages | Update Software (Disabled) package: name: - ansible @@ -29,14 +29,14 @@ state: latest when: "1 == 0" -- name: Repo Remove Software +- name: General | Software | Packages | Remove Software package: name: - cowsay # Sorry ;) state: absent # TODO: Confirm if Ubuntu still uses snap for critical components like GNOME. -- name: Repo Remove Software (Besides Ubuntu) +- name: General | Software | Packages | Remove Software (Besides Ubuntu) package: name: - snapd diff --git a/tasks/general/hardness_checks/lynis.yml b/tasks/general/tests/lynis.yml similarity index 64% rename from tasks/general/hardness_checks/lynis.yml rename to tasks/general/tests/lynis.yml index d6610d5..19724dd 100644 --- a/tasks/general/hardness_checks/lynis.yml +++ b/tasks/general/tests/lynis.yml @@ -1,16 +1,16 @@ --- -- name: Install Lynis +- name: General | Tests | Lynis | Install git: repo: https://github.com/CISOfy/lynis dest: "{{ lynis_install_dir }}" clone: yes force: yes -- name: Run Lynis Audit System +- name: General | Tests | Lynis | Run System Audit shell: "{{ lynis_install_dir }}/lynis --no-colors audit system > {{ lynis_report }} 2>&1" -- name: Make Lynis Report Readable +- name: General | Tests | Lynis | Make Report Readable file: path: "{{ lynis_report }}" mode: '0444' \ No newline at end of file diff --git a/tasks/linux/software/flatpaks.yml b/tasks/linux/software/flatpaks.yml index a4263b9..3f6c372 100644 --- a/tasks/linux/software/flatpaks.yml +++ b/tasks/linux/software/flatpaks.yml @@ -1,12 +1,12 @@ --- # Pre-reqs -- name: Install Flatpak +- name: Workstation | Linux | Flatpak | Install Flatpak package: name: flatpak update_cache: yes -- name: Add Flathub for System +- name: Workstation | Linux | Flatpak | Add Flathub for System flatpak_remote: name: flathub state: present @@ -14,24 +14,24 @@ flatpakrepo_url: https://dl.flathub.org/repo/flathub.flatpakrepo # Hop into installs -- name: Install Discord +- name: Workstation | Linux | Flatpak | Install Discord flatpak: name: com.discordapp.Discord -- name: Install Shotcut +- name: Workstation | Linux | Flatpak | Install Shotcut flatpak: name: org.shotcut.Shotcut -- name: Install Firefox +- name: Workstation | Linux | Flatpak | Install Firefox flatpak: name: org.mozilla.firefox -- name: Install Thunderbird +- name: Workstation | Linux | Flatpak | Install Thunderbird flatpak: name: org.mozilla.Thunderbird # Remove any applicable repo software -- name: Remove packages that may come with an OS but were just installed as Flatpak +- name: Workstation | Linux | Flatpak | Remove Packages package: name: - "{{ firefox }}"