3 files changed, 45 insertions, 0 deletions

diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
new file mode 100644
index 0000000..f8171a0
--- /dev/null
+++ b/roles/common/handlers/main.yml
@@ -0,0 +1,9 @@
+- name: restart ssh
+  service:
+    name: ssh
+    state: restarted
+
+- name: restart systemd-timesyncd
+  service:
+    name: systemd-timesyncd
+    state: restarted
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
new file mode 100644
index 0000000..a83bac5
--- /dev/null
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,29 @@
+- name: Update hostname to match Ansible inventory
+  hostname:
+    name: "{{ inventory_hostname }}"
+
+- name: Update /etc/hosts to match Ansible inventory
+  template:
+    src: etc-hosts.j2
+    dest: /etc/hosts
+    mode: '0644'
+    owner: root
+    group: root
+
+- name: Disable SSH password authentication
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: "^PasswordAuthentication"
+    line: "PasswordAuthentication no"
+    state: present
+  notify:
+    - restart ssh
+
+- name: Set timezone to UTC
+  file:
+    src: /usr/share/zoneinfo/Etc/UTC
+    dest: /etc/localtime
+    mode: '0644'
+    owner: root
+    group: root
+  notify: restart systemd-timesyncd
diff --git a/roles/common/templates/etc-hosts.j2 b/roles/common/templates/etc-hosts.j2
new file mode 100644
index 0000000..141f3d1
--- /dev/null
+++ b/roles/common/templates/etc-hosts.j2
@@ -0,0 +1,7 @@
+127.0.0.1       localhost
+127.0.1.1       {{ inventory_hostname }}.box.pydis.wtf {{ inventory_hostname }}
+
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+{{ ansible_host }}    {{ inventory_hostname }}.box.pydis.wtf {{ inventory_hostname }}