diff --git a/lmn-client.yml b/lmn-client.yml index 0224455..4d4ff4c 100644 --- a/lmn-client.yml +++ b/lmn-client.yml @@ -80,15 +80,17 @@ loop_var: rolename when: custom_roles is defined - - name: Final tasks - ansible.builtin.include_role: - name: "{{ role }}" - loop_control: - loop_var: role - loop: - - lmn_security - - lmn_finish - - lmn_tmpfixes + - name: Import role security + ansible.builtin.import_role: + name: lmn_security + + - name: Import role finish + ansible.builtin.import_role: + name: lmn_finish + + - name: Import role tmpfixes + ansible.builtin.import_role: + name: lmn_tmpfixes - name: Apply roles that must run serial diff --git a/roles/lmn_misc/tasks/main.yml b/roles/lmn_misc/tasks/main.yml index 7c15ede..23dce2b 100644 --- a/roles/lmn_misc/tasks/main.yml +++ b/roles/lmn_misc/tasks/main.yml @@ -167,6 +167,8 @@ src: reporter.j2 dest: /usr/local/sbin/reporter mode: '0755' + tags: + - baseinstall - name: Provide services and timers for reporter ansible.builtin.copy: @@ -177,12 +179,16 @@ - reporter.service - reporter.timer when: misc_reporter + tags: + - baseinstall - name: Enable reporter.timer ansible.builtin.systemd: name: reporter.timer enabled: true when: misc_reporter + tags: + - baseinstall # Prepare CloneScreen on Presenter PCs diff --git a/roles/lmn_security/tasks/main.yml b/roles/lmn_security/tasks/main.yml index 62e2754..6c9edcf 100644 --- a/roles/lmn_security/tasks/main.yml +++ b/roles/lmn_security/tasks/main.yml @@ -5,6 +5,8 @@ key: "{{ item }}" loop: "{{ keys2deploy }}" when: keys2deploy is defined + tags: + - baseinstall - name: Allow sudo without password for ansible ansible.builtin.lineinfile: @@ -14,12 +16,16 @@ owner: root group: root mode: '0700' + tags: + - baseinstall - name: Disable ansible user login ansible.builtin.user: name: ansible password_lock: true when: security_defaultuser_login_disable + tags: + - baseinstall - name: Limit SSH access to user ansible ansible.builtin.blockinfile: