- name: Set timezone file: src: "/usr/share/zoneinfo/{{ timezone|default('UTC') }}" dest: /etc/localtime owner: root group: root state: link - name: Install packages package: name: - psmisc - pkgfile - linux-firmware - bind # dig - man-db - uutils-coreutils - usbutils # for lsusb - bolt - whois state: present - name: Start pkgfile update service systemd: state: started name: pkgfile-update.timer daemon_reload: yes enabled: yes - name: Install scripts copy: src: "files/{{ item.src }}" dest: "{{ item.dest }}" mode: 0755 owner: root group: wheel loop: - src: mount_disk_image dest: /usr/local/bin/mount_disk_image - src: watch_linux dest: /usr/local/bin/ww - name: Configure sysctls sysctl: name: "{{ item.name }}" value: "{{ item.value }}" state: present sysctl_file: /etc/sysctl.d/{{ item.file }} loop: # Of questionable value since I don't use swap on my machines - name: vm.swappiness value: 10 file: swap.conf # Enable TCP packetization-layer PMTUD when an ICMP black hole is detected. - name: net.ipv4.tcp_mtu_probing value: 1 file: tcp.conf # Switch to bbr tcp congestion control which should be better on lossy connections like bad wifi. - name: net.ipv4.tcp_congestion_control value: bbr file: tcp.conf # Don't do a slow start after a connection has been idle for a single RTO. - name: net.ipv4.tcp_slow_start_after_idle value: 0 file: tcp.conf # 3x time to accumulate filesystem changes before flushing to disk. - name: vm.dirty_writeback_centisecs value: 1500 file: power.conf # Adjust ttl - name: net.ipv4.ip_default_ttl value: 65 file: ttl.conf - name: net.ipv6.conf.all.hop_limit value: 65 file: ttl.conf - name: net.ipv6.conf.default.hop_limit value: 65 file: ttl.conf