basic-setup.yml

---
- hosts: all
  remote_user: root
  become: yes

  vars_prompt:

    - name: host_name
      prompt: Enter machine hostname
      private: no

    - name: swap_size
      prompt: Enter swap file size (e.g. 4G) or leave as 0 to disable swap
      default: "0"
      private: no

    - name: root_password
      prompt: Enter new root password
      private: yes
      encrypt: sha512_crypt
      confirm: yes
      salt_size: 7

    - name: ssh_key
      prompt: Enter filename of public ssh key
      default: "~/.ssh/id_rsa.pub"
      private: no

  tasks:
    - name: Create apt lock folder
      file:
        path: /var/lib/apt/lists
        state: directory
      
    - name: Install packages
      apt: 
        name:
          - curl
          - neovim
          - htop
          - wget
          - git
          - man
          - bash-completion
          - locales
        update_cache: yes 
        state: latest 

    - name: Ensure a locale exists
      locale_gen:
        name: en_US.UTF-8
        state: present

    - name: Apply root password
      user:
        name: root
        password: "{{ root_password }}"

    - name: Remove other ssh keys
      file:
        path: /root/.ssh/authorized_keys
        state: touch
        force: yes

    - name: Set authorized key for root
      authorized_key:
        user: root
        state: present
        key: "{{ lookup('file', ssh_key) }}"

    - name: Disable password authentication
      lineinfile:
        path: /etc/ssh/sshd_config
        state: present
        regexp: '^#?PasswordAuthentication'
        line: 'PasswordAuthentication no'

    - name: Setup system hostname
      hostname: 
        name: "{{ host_name }}"

    - name: Setup /etc/hosts
      lineinfile:
        path: /etc/hosts
        state: present
        regexp: '^127.0.0.1'
        line: '127.0.0.1 localhost {{ host_name }}'

    - name: Install swap file
      block:
        - name: Create the file to be used for swap
          command: fallocate -l {{ swap_size }} /mnt/swap
          
        - name: Format the file for swap
          command: mkswap /mnt/swap
            
        - name: Change swap file permissions
          file: path=/mnt/swap owner=root group=root mode=0600

        - name: Add the file to the system as a swap file
          command: swapon /mnt/swap

        - name: Write swap entry in fstab
          mount: name=none src=/mnt/swap fstype=swap opts=sw passno=0 dump=0 state=present
      when: swap_size != "0" 
        
    - name: Reboot system
      reboot:
        reboot_timeout: 1200