machine_setup/ansible/roles/base/tasks/freebsd.yaml

173 lines
3.5 KiB
YAML

- name: Set timezone
file:
src: "/usr/share/zoneinfo/{{ timezone|default('UTC') }}"
dest: /etc/localtime
owner: root
group: wheel
state: link
- name: Install packages
package:
name:
- pstree
- gsed
- gmake
- rust-coreutils
- shuf
state: present
- name: Install service configuration
copy:
src: "files/{{ item }}_rc.conf"
dest: "/etc/rc.conf.d/{{ item }}"
mode: 0644
owner: root
group: wheel
loop:
- cleartmp
- name: Install login.conf
copy:
src: login.conf
dest: /etc/login.conf
owner: root
group: wheel
mode: 0644
register: login_config
- name: Update cap_mkdb
command: cap_mkdb /etc/login.conf
when: login_config.changed
- name: Install loader.conf
copy:
src: "{{loader_conf}}"
dest: /boot/loader.conf
owner: root
group: wheel
mode: 0644
when: loader_conf is defined
- name: Delete loader.conf
file:
path: /boot/loader.conf
state: absent
when: loader_conf is not defined
- name: Install rc.conf
copy:
src: "{{rc_conf}}"
dest: /etc/rc.conf
mode: 0644
owner: root
group: wheel
when: rc_conf is defined
- name: Delete rc.conf
file:
path: /etc/rc.conf
state: absent
when: rc_conf is not defined
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: bemount.bash
dest: /usr/local/bin/bemount
- src: watch_freebsd
dest: /usr/local/bin/ww
- name: Install rc script
copy:
src: "files/{{ item.src }}"
dest: "/usr/local/etc/rc.d/{{ item.dest|default(item.src) }}"
owner: root
group: wheel
mode: 0755
loop:
- src: bemount_rc.sh
dest: bemount
- name: Enable bemount
community.general.sysrc:
name: bemount_enable
value: "YES"
path: /etc/rc.conf.d/bemount
- name: Install loader.conf
copy:
src: "files/{{ item }}_loader.conf"
dest: "/boot/loader.conf.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- disk_labels
- name: Configure sysctls
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
reload: false
sysctl_file: "/etc/sysctl.conf.local"
loop:
# Adjust ttl
- name: net.inet.ip.ttl
value: 65
- name: net.inet6.ip6.hlim
value: 65
- name: Log periodic output instead of getting it as mail
blockinfile:
path: "/etc/periodic.conf.local"
marker: "# {mark} ANSIBLE MANAGED BLOCK log"
# create: true
mode: 0644
owner: root
group: wheel
block: |
daily_output=/var/log/daily.log
weekly_output=/var/log/weekly.log
monthly_output=/var/log/monthly.log
- name: Enable periodic zfs scrub
when: install_zfs
blockinfile:
path: "/etc/periodic.conf.local"
marker: "# {mark} ANSIBLE MANAGED BLOCK zfs"
# create: true
mode: 0644
owner: root
group: wheel
block: |
daily_scrub_zfs_enable="YES"
daily_scrub_zfs_default_threshold="7"
# Switch to bbr tcp congestion control which should be better on lossy connections like bad wifi.
- name: Install loader.conf
copy:
src: "files/{{ item }}_loader.conf"
dest: "/boot/loader.conf.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- bbr
- name: Configure sysctls
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
reload: false
sysctl_file: "/etc/sysctl.conf.local"
loop:
- name: net.inet.tcp.functions_default
value: "bbr"