Getting started

Example inventory

To install and configure AppArmor, add the hosts to the debops_service_apparmor Ansible inventory host group:


Example playbook

Here's an example playbook that can be used to install and configure AppArmor:


- name: Install and configure AppArmor
  hosts: [ 'debops_service_apparmor' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'


    - role: debops.grub
      grub_dependent_kernel_options: '{{ apparmor__kernel_options }}'
      when: (not (apparmor__manage_grub|d() | bool))
      tags: [ 'role::grub' ]

    - role: debops-contrib.apparmor
      tags: [ 'role::apparmor' ]

The playbooks is shipped with this role under docs/playbooks/apparmor.yml from which you can symlink it to your playbook directory. In case you use multiple DebOps Contrib roles, consider using the DebOps Contrib playbooks.

Ansible tags

You can use Ansible --tags or --skip-tags parameters to limit what tasks are performed during Ansible run. This can be used after a host was first configured to speed up playbook execution, when you are sure that most of the configuration is already in the desired state.

Available role tags:

Main role tag, should be used in the playbook to execute all of the role tasks as well as role dependencies.