refs #8025 Little modifications - Using module systemd insted service. Other approach to hosts file. More strict disable apparmor.

.gitignore

@@ -2,5 +2,6 @@
 .vault-pass
 .vault.yml
 .passbolt.yml
+inventories/local
 venv
 context/_build

inventories/group_vars/all.yml

@@ -11,7 +11,6 @@ main_dns_server: ns1.verdnatura.es
 ldap_uri: ldap://ldap.verdnatura.es
 ldap_base: dc=verdnatura,dc=es
 dc_net: "10.0.0.0/16"
-resolv_domain: verdnatura.es
 resolvers:
   - '10.0.0.4'
   - '10.0.0.5'

roles/debian-host/handlers/main.yml

@@ -1,4 +1,4 @@
 - name: restart-sysctl
-  service:
+  systemd:
     name: systemd-sysctl
-    state: restarted
+    state: restarted

roles/debian-host/tasks/apparmor.yml

@@ -1,5 +1,12 @@
-- name: Disable AppArmor
-  service:
+- name: Stop AppArmor
+  systemd:
     name: apparmor
     state: stopped
+- name: Disable AppArmor service
+  systemd:
+    name: apparmor
     enabled: no
+- name: Mask AppArmor service
+  systemd:
+    name: apparmor
+    masked: yes

roles/debian-host/tasks/hostname.yml

@@ -2,11 +2,8 @@
   hostname:
     name: "{{ inventory_hostname_short }}"
     use: debian
-- name: Configure hosts file
-  blockinfile:
+- name: Populating hosts file with hostname
+  lineinfile:
     path: /etc/hosts
-    marker_begin: '--- BEGIN VN ---'
-    marker_end: '--- END VN ---'
-    marker: "# {mark}"
-    block: |
-      {{ ansible_default_ipv4.address }} {{ ansible_host }} {{ inventory_hostname_short }}
+    regexp: '^127.0.1.1'
+    line: '127.0.1.1       {{ ansible_host }} {{ inventory_hostname_short }}'

roles/debian-host/tasks/sysctl.yml

@@ -1,4 +1,4 @@
-- name: Set systctl configuration
+- name: Set systctl custom vn configuration
   copy:
     src: sysctl/
     dest: /etc/sysctl.d/

roles/debian-host/templates/resolv.conf

@@ -1,5 +1,5 @@
-domain {{ resolv_domain }}
-search {{ resolv_domain }}
+domain {{ host_domain }}
+search {{ host_domain }}
 {% if resolvers is defined %}
 {% for resolver in resolvers %}
 nameserver {{resolver}}