From d40aaaa145e46f8ccd61cd01eeb40bde42681303 Mon Sep 17 00:00:00 2001
From: Claude AI <claude@thedevops.dev>
Date: Tue, 6 Jan 2026 14:43:12 +0000
Subject: [PATCH] feat(ansible): Add common role tasks

---
 .../roles/common/tasks/main.yml               | 47 +++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 ansible/webserver-automation/roles/common/tasks/main.yml

diff --git a/ansible/webserver-automation/roles/common/tasks/main.yml b/ansible/webserver-automation/roles/common/tasks/main.yml
new file mode 100644
index 0000000..35c067f
--- /dev/null
+++ b/ansible/webserver-automation/roles/common/tasks/main.yml
@@ -0,0 +1,47 @@
+---
+# Common role - Base system configuration
+
+- name: Update apt cache
+  apt:
+    update_cache: true
+    cache_valid_time: 3600
+  when: ansible_os_family == "Debian"
+  tags: ['packages']
+
+- name: Install common packages
+  apt:
+    name: "{{ common_packages }}"
+    state: present
+  tags: ['packages']
+
+- name: Set timezone
+  timezone:
+    name: "{{ timezone }}"
+  tags: ['system']
+
+- name: Create admin users
+  user:
+    name: "{{ item.name }}"
+    groups: "{{ item.groups }}"
+    shell: "{{ item.shell }}"
+    create_home: true
+    state: present
+  loop: "{{ admin_users }}"
+  tags: ['users']
+
+- name: Configure SSH
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+    state: present
+  loop:
+    - { regexp: '^#?PasswordAuthentication', line: 'PasswordAuthentication no' }
+    - { regexp: '^#?PermitRootLogin', line: 'PermitRootLogin no' }
+    - { regexp: '^#?Port', line: 'Port {{ ssh_port }}' }
+  notify: restart sshd
+  tags: ['ssh', 'security']
+
+- name: Display completion
+  debug:
+    msg: "✅ Common configuration completed"