From ca78164ab34438f75cd4e44f3a4945c367f6320a Mon Sep 17 00:00:00 2001
From: iRaven <iraven@noreply.localhost>
Date: Sat, 22 Feb 2025 12:58:03 -0600
Subject: [PATCH] Add apt cacher and update tasks

+ add nhadmin user to systemd-journal
---
 linux/compliance.yaml | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/linux/compliance.yaml b/linux/compliance.yaml
index dc0876e..948c198 100644
--- a/linux/compliance.yaml
+++ b/linux/compliance.yaml
@@ -6,6 +6,16 @@
   become: yes
 
   tasks:
+    # APT Cacher-NG Configuration
+    - name: Add APT-Cacher-NG Configuration
+      copy:
+        content: "# APT-Cacher-NG configured by Ansible.\nAcquire::http::Proxy "http://{{ aptcacher_ip }}:3142";"
+        dest: /etc/apt/apt.conf.d/proxy
+
+    # Update apt package lists after adding our proxy
+    - name: Update apt repo package lists from cacher
+      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
+    
     # User account (ansible) configuration
     - name: Add deployment user.
       user:
@@ -60,8 +70,8 @@
         state: present
         password: "{{ nhadmin_password | password_hash('sha512') }}"
         shell: /bin/bash
-        # add to sudo
-        groups: sudo
+        # add to sudo, systemd-journal
+        groups: sudo systemd-journal
         append: yes
     # Sysadmin user SSH pub key
     # This is a really stupid way to do it, but alas.
@@ -102,4 +112,7 @@
     - name: Delete our network ansible key (and other keys) from the root user.
       file:
         path: /root/.ssh/authorized_keys
-        state: absent
\ No newline at end of file
+        state: absent
+    # Upgrade all apt packages for good measur 
+    - name: Upgrade all apt packages
+      apt: upgrade=dist force_apt_get=yes
\ No newline at end of file