ansible/akb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update..

Browse Source
This commit is contained in:
Christoph
2020-10-28 02:39:46 +01:00
parent 5aaee7646b
commit ce14de76cf
24 changed files with 923 additions and 1653 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
roles/common/tasks/apt.yml
View File

@ -14,6 +14,7 @@
tags:
- apt-configuration
- name: (apt.yml) apt update
apt:
update_cache: true
@ -28,6 +29,7 @@
- apt-compiler-pkgs
- apt-webserver-pkgs
- name: (apt.yml) dpkg --configure
command: >
dpkg --configure -a
@ -43,6 +45,7 @@
- apt-compiler-pkgs
- apt-webserver-pkgs
- name: (apt.yml) apt upgrade
apt:
upgrade: "{{ apt_upgrade_type }}"
@ -56,6 +59,7 @@
- apt-compiler-pkgs
- apt-webserver-pkgs
- name: (apt.yml) Initial install debian packages (stretch)
apt:
name: "{{ apt_initial_install_stretch }}"
@ -66,6 +70,7 @@
tags:
- apt-initial-install
- name: (apt.yml) Initial install debian packages (buster)
apt:
name: "{{ apt_initial_install_buster }}"
@ -76,6 +81,7 @@
tags:
- apt-initial-install
- name: (apt.yml) Initial install ubuntu packages (bionic)
apt:
name: "{{ apt_initial_install_bionic }}"
@ -96,6 +102,7 @@
tags:
- apt-initial-install
# ---
# Microcode
# ---
@ -114,6 +121,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Ensure we have CPU microcode from backports for AMD CPU (debian stretch)
apt:
name: "{{ microcode_amd_package }}"
@ -129,6 +137,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Install CPU microcode for Intel CPU (debian buster)
apt:
name: "{{ microcode_intel_package }}"
@ -142,6 +151,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Install CPU microcode for AMD CPU (debian buster)
apt:
name: "{{ microcode_amd_package }}"
@ -156,6 +166,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Install CPU microcode for Intel CPU (ubuntu bionic)
apt:
name: "{{ microcode_intel_package }}"
@ -169,6 +180,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Install CPU microcode for AMD CPU (ubuntu bionic)
apt:
name: "{{ microcode_amd_package }}"
@ -183,6 +195,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Install CPU microcode for Intel CPU (ubuntu xenial)
apt:
name: "{{ microcode_intel_package }}"
@ -196,6 +209,7 @@
- apt-initial-install
- apt-microcode
- name: (apt.yml) Install CPU microcode for Intel AMD (ubuntu xenial)
apt:
name: "{{ microcode_amd_package }}"
@ -223,6 +237,7 @@
- apt-initial-install
- apt-firmware
- name: (apt.yml) Install non-free Firmware packages
apt:
name: "{{ firmware_non_free_packages }}"
@ -256,8 +271,6 @@
- apt-autoremove
- apt-initial-install
- apt-microcode
- apt-compiler-pkgs
- apt-webserver-pkgs
- name: (apt.yml) clean
command: apt-get -y clean
@ -269,6 +282,3 @@
- apt-clean
- apt-initial-install
- apt-microcode
- apt-compiler-pkgs
- apt-mysql-server-pkgs
- apt-webserver-pkgs

6
roles/common/tasks/basic.yml
View File

@ -14,6 +14,7 @@
tags:
- locales
- name: (basic.yml) Create a symbolic link /bin/sh -> bash
file:
src: bash
@ -26,6 +27,7 @@
tags:
- symlink-sh
- name: (basic.yml) Check file '/etc/systemd/system.conf' exists
stat:
path: /etc/systemd/system
@ -33,6 +35,7 @@
when:
- set_default_limit_nofile|bool == true
- name: (basic.yml) Change DefaultLimitNOFILE to 1048576
lineinfile:
dest: /etc/systemd/system.conf
@ -60,6 +63,7 @@
tags:
- limits-conf
- name: (basic.yml) Create new sshd_config from template limits.conf.j2
template:
src: etc/security/limits.conf.j2
@ -92,7 +96,7 @@
- name: (basic.yml) addjust '/etc/hosts' add nis-server ..
lineinfile:
path: /etc/hosts
regexp: '^192\.168\.82\.'
regexp: '^192\.168\.'
line: '{{ nis_server_address }} {{ nis_server_name }} {{ nis_server_name.split(".")[0] }}'
when:
- "groups['nis_server']|string is search(inventory_hostname)"

2
roles/common/tasks/cups-install.yml
View File

@ -33,7 +33,7 @@
# -- file /etc/cups/cups-browsed.conf
- name: (cups.yml) Check if file '/etc/cups/cups-browsed.conf.ORIGi' exists
- name: (cups.yml) Check if file '/etc/cups/cups-browsed.conf.ORIG' exists
stat:
path: /etc/cups/cups-browsed.conf.ORIG
register: cups_browsed_conf_orig_exists

6
roles/common/tasks/luks.yml Normal file
View File

@ -0,0 +1,6 @@
- name: (luks.ym) add new key to the LUKS container (container has to exist)
luks_device:
device: "{{ luks_device }}"
keyfile: "{{ role_path + '/files/vault/luks_default_passwd' }}"
new_keyfile: "{{ role_path + '/files/vault/luks_chris_passwd' }}"

60
roles/common/tasks/main.yml
View File

@ -47,6 +47,7 @@
tags:
- ntp
# tags supported inside cups-install.yml:
#
# cups-server
@ -55,7 +56,8 @@
tags:
- cups
# tags supported inside cups-install.yml:
# tags supported inside pure-ftpd-install.yml:
#
- import_tasks: pure-ftpd-install.yml
when:
@ -63,6 +65,7 @@
tags:
- pure-ftpd
# tags supported inside nfs.yml:
#
# nfs-server
@ -78,13 +81,21 @@
# samba-client
- import_tasks: samba-install.yml
tags:
- samba-install
- samba
# tags supported inside user.yml:
# tags supported inside samba-remove-user.yml:
#
- import_tasks: samba-remove-user.yml
tags:
- samba-remove-user
# tags supported inside system-user.yml:
#
# system-user
- import_tasks: user.yml
- import_tasks: system-user.yml
when: "groups['file_server']|string is search(inventory_hostname)"
tags:
- system-user
@ -102,7 +113,7 @@
# tags supported inside nis-user.yml:
#
# system-user
# nis-user
- import_tasks: nis-user.yml
when: "groups['nis_server']|string is search(inventory_hostname)"
tags:
@ -127,6 +138,7 @@
tags:
- nis-samba-user
# tags supported inside mount_samba_shares.yml:
#
- import_tasks: mount_samba_shares.yml
@ -155,12 +167,13 @@
when: "groups['nis_server']|string is search(inventory_hostname)"
tags:
- user-systemfiles
- nis-user-systemfiles
# tags supported root_files_scripts.yml:
# tags supported root-files-scripts.yml:
# wakeup_lan
- import_tasks: root_files_scripts.yml
- import_tasks: root-files-scripts.yml
tags:
- root-files-scripts
@ -175,6 +188,7 @@
tags:
- sudoers
# tags supported inside sudoers-server.yml:
#
# sudoers-remove
@ -185,3 +199,37 @@
tags:
- sudoers
# Tasks: Configure VNC (x11vnc) for Ubuntu systems
#
# Supported OS:
# - Ubuntu 16.04LTSi
# - Ubuntu 18.04LTSi
- name: "For OS: Ubuntu 16.04LTS, Arch: amd64"
import_tasks: ubuntu-x11vnc-1604-amd64.yml
when:
- ansible_distribution_version == "16.04"
- ansible_architecture == "x86_64"
tags:
- x11vnc
- x11vnc-1604
- finish-client-install
- name: "For OS: Ubuntu 18.04LTS, Arch: amd64"
import_tasks: ubuntu-x11vnc-1804-amd64.yml
when:
- ansible_distribution_version == "18.04"
- ansible_architecture == "x86_64"
tags:
- x11vnc
- x11vnc-1804
- finish-client-install
#- name: "Configure LUKS"
# import_tasks: luks.yml
# when: "groups['client_pc']|string is search(inventory_hostname)"
# tags:
# - luks

94
roles/common/tasks/nis-user-systemfiles.yml
View File

@ -12,11 +12,6 @@
label: '{{ item.name }}'
register: local_template_dir_nis_user
# root
- name: (nis-user-systemfiles.yml) Check if local template directory exists for root
local_action: stat path={{ inventory_dir }}/files/homedirs/root
register: local_template_dir_root
# --
# Copy .profile
@ -73,32 +68,6 @@
tags:
- profile
# -- root user
- name: (nis-user-systemfiles.yml) Check if file '/root/.profile.ORIG' exists
stat:
path: /root/.profile.ORIG
register: profile_root_orig_exists
tags:
- profile
- name: (nis-user-systemfiles.yml) Backup existing users .profile file
command: cp -a /root/.profile /root/.profile.ORIG
when: profile_root_orig_exists.stat.exists == False
tags:
- profile
- name: (nis-user-systemfiles.yml) copy .profile for user root
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile') }}"
dest: "/root/.profile"
owner: root
group: root
mode: 0644
when:
- local_template_dir_root.stat.exists
- lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile')
tags:
- profile
# --
# Copy .bashrc
@ -154,32 +123,6 @@
tags:
- bashrc
# -- root user
- name: (nis-user-systemfiles.yml) Check if file '/root/.bashrc.ORIG' exists
stat:
path: /root/.bashrc.ORIG
register: bashrc_root_orig_exists
tags:
- bash
- name: (nis-user-systemfiles.yml) Backup /root/.bashrc file
command: cp /root/.bashrc /root/.bashrc.ORIG
when: bashrc_root_orig_exists.stat.exists == False
tags:
- bash
- name: (nis-user-systemfiles.yml) copy .bashrc for user root
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc') }}"
dest: "/root/.bashrc"
owner: root
group: root
mode: 0644
when:
- local_template_dir_root.stat.exists
- lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc')
tags:
- bash
# --
# Copy .vimrc
@ -238,40 +181,3 @@
tags:
- vimrc
- name: (nis-user-systemfiles.yml) copy .vimrc for user root
copy:
src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc') }}"
dest: "/root/.vimrc"
owner: root
group: root
mode: 0644
when:
- local_template_dir_root.stat.exists
- lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc')
tags:
- vimrc
- name: (nis-user-systemfiles.yml) Check if local template directory .vim exists for user root
local_action: stat path={{ inventory_dir }}/files/homedirs/root/.vim
register: local_template_dir_vim_root
with_items: 'root'
loop_control:
label: 'root'
- name: (nis-user-systemfiles.yml) copy .vim directory for user root if it exists
copy:
src: "{{ inventory_dir + '/files/homedirs/root/.vim' }}"
dest: "/root"
owner: "root"
group: "root"
mode: 0644
with_items: "{{ local_template_dir_vim_root.results }}"
loop_control:
label: 'root'
when:
- item.stat.exists
tags:
- vim

17
roles/common/tasks/nis-user.yml
View File

@ -48,25 +48,20 @@
#- meta: end_host
- name: (nis_user.yml) Check if nis (system) user exists
shell: "getent passwd {{ item.name }}"
register: nis_user_exists
changed_when: "nis_user_exists.rc == 2"
failed_when: "nis_user_exists.rc > 2"
loop: "{{ nis_user }}"
loop_control:
label: '{{ item.name }}'
ignore_errors: true
- name: (nis_user.yml) Get database of nis (system) users
getent:
database: passwd
tags:
- nis-user
- system-user
- name: (nis_user.yml) Add nis (system) users
- name: (nis_user.yml) Add nis (system) users if not yet exists..
shell: "/root/bin/admin-stuff/add_new_user.sh {{ item.name }} '{{ item.password }}'"
loop: "{{ nis_user }}"
loop_control:
label: '{{ item.name }}'
when: nis_user_exists is changed
when:
- item.name not in getent_passwd
notify: Renew nis databases
tags:
- nis-user

6
roles/common/tasks/ntp.yml
View File

@ -11,7 +11,7 @@
state: present
when:
- ansible_os_family == "Debian"
- "groups['file_server']|string is search(inventory_hostname)"
- groups['file_server']|string is search(inventory_hostname)
tags:
- ntp-server
@ -20,14 +20,14 @@
path: /etc/ntp.conf.ORIG
register: etc_ntp_conf_ORIG
when:
- "groups['file_server']|string is search(inventory_hostname)"
- groups['file_server']|string is search(inventory_hostname)
tags:
- ntp-server
- name: (ntp.yml) Backup installation version of file '/etc/ntp.conf'
command: cp -a /etc/ntp.conf /etc/ntp.conf.ORIG
when:
- "groups['file_server']|string is search(inventory_hostname)"
- groups['file_server']|string is search(inventory_hostname)
- etc_ntp_conf_ORIG.stat.exists == False
tags:
- ntp-server

0
roles/common/tasks/root_files_scripts.yml → roles/common/tasks/root-files-scripts.yml
View File

132
roles/common/tasks/samba-install.yml
View File

@ -13,6 +13,20 @@
tags:
- samba-server
- name: (samba-install.yml) Ensure samba share directories exists
file:
path: "{{ item.path }}"
owner: "root"
group: "{{ item.group_write_list }}"
mode: '2770'
state: directory
with_items: "{{ samba_shares }}"
loop_control:
label: '{{ item.name }}'
tags:
- samba-shares
# ---
# /etc/samba/smb.conf
# ---
@ -35,22 +49,6 @@
- samba-server
- name: (samba-install.yml) Ensure file /etc/samba/users.map exists
copy:
src: "{{ role_path + '/files//etc/samba/users.map' }}"
dest: /etc/samba/users.map
owner: root
group: root
mode: 0644
when:
- "groups['samba_server']|string is search(inventory_hostname)"
notify:
- Restart smbd
- Restart nmbd
tags:
- samba-server
- name: (samba-install.yml) /etc/samba/smb.conf
template:
dest: /etc/samba/smb.conf
@ -67,6 +65,106 @@
- samba-server
- name: (samba-install.yml) Ensure file /etc/samba/users.map exists
copy:
src: "{{ role_path + '/files/etc/samba/users.map' }}"
dest: /etc/samba/users.map
owner: root
group: root
mode: 0644
when:
- "groups['samba_server']|string is search(inventory_hostname)"
notify:
- Restart smbd
- Restart nmbd
tags:
- samba-server
# ---
# Cronjob for cleaning up samba trash dirs
# ---
- name: (samba-install.yml) Check if file '/root/bin/samba/clean_samba_trash.sh' exists
stat:
path: /root/bin/samba/clean_samba_trash.sh
register: clean_samba_trash_exists
- name: (samba-install.yml) Adjust configuration for script 'clean_samba_trash.sh'
template:
dest: /root/bin/samba/conf/clean_samba_trash.conf
src: root/bin/samba/conf/clean_samba_trash.conf.j2
when:
- clean_samba_trash_exists.stat.exists|bool
tags:
- samba-server
- name: Check if cleaning up trash dirs is configured
lineinfile:
path: /root/bin/samba/conf/clean_samba_trash.conf
regexp: "^trash_dirs=*"
state: absent
check_mode: yes
changed_when: false
register: clean_samba_trash_dirs
- name: Creates a cron job for cleaning up samba trash dirs
cron:
name: '{{ samba_cronjob_trash_dirs.name }}'
minute: '{{ samba_cronjob_trash_dirs.minute }}'
hour: "{{ samba_cronjob_trash_dirs.hour | default('*') }}"
day: "{{ samba_cronjob_trash_dirs.hour.day | default('*') }}"
month: "{{ samba_cronjob_trash_dirs.hour.month| default('*') }}"
weekday: "{{ samba_cronjob_trash_dirs.hour.weekday| default('*') }}"
user: "{{ samba_cronjob_trash_dirs.user | default('root') }}"
job: "{{ samba_cronjob_trash_dirs.job }}"
when:
- clean_samba_trash_dirs.found
# ---
# Cronjob for setting permissions on samba shares
# ---
- name: (samba-install.yml) Check if file '/root/bin/samba/set_permissions_samba_shares.sh' exists
stat:
path: /root/bin/samba/set_permissions_samba_shares.sh
register: set_permissions_on_samba_shares_exists
- name: (samba-install.yml) Adjust configuration for script 'set_permissions_samba_shares.sh'
template:
dest: /root/bin/samba/conf/set_permissions_samba_shares.conf
src: root/bin/samba/conf/set_permissions_samba_shares.conf.j2
when:
- set_permissions_on_samba_shares_exists.stat.exists|bool
tags:
- samba-server
- name: Check if cleaning up trash dirs is configured
lineinfile:
path: /root/bin/samba/conf/clean_samba_trash.conf
regexp: "^trash_dirs=*"
state: absent
check_mode: yes
changed_when: false
register: set_permissions_samba_shares
- name: Creates a cron job for cleaning up samba trash dirs
cron:
name: '{{ samba_cronjob_permissions.name }}'
minute: '{{ samba_cronjob_permissions.minute }}'
hour: "{{ samba_cronjob_permissions.hour | default('*') }}"
day: "{{ samba_cronjob_permissions.day | default('*') }}"
month: "{{ samba_cronjob_permissions.month| default('*') }}"
weekday: "{{ samba_cronjob_permissions.weekday| default('*') }}"
user: "{{ samba_cronjob_permissions.user | default('root') }}"
job: "{{ samba_cronjob_permissions.job }}"
when:
- set_permissions_samba_shares.found
# ---
# Samba clients
# ---
@ -81,5 +179,3 @@
tags:
- samba-client

57
roles/common/tasks/samba-remove-user.yml Normal file
View File

@ -0,0 +1,57 @@
---
# ---
# - Remove unwanted users
# ---
- name: (samba-remove-user.yml) Check if samba user exists for removable system user
shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
register: samba_remove_system_users_present
changed_when: "samba_remove_system_users_present.rc == 0"
failed_when: "samba_remove_system_users_present.rc > 1"
with_items:
- "{{ remove_system_users }}"
loop_control:
label: '{{ item.name }}'
tags:
- samba-user
- name: (samba-remove-user.yml) Remove (old) system users from samba
shell: >
smbpasswd -s -x {{ item.item.name }}
with_items:
- "{{ samba_remove_system_users_present.results }}"
loop_control:
label: '{{ item.item.name }}'
when:
- item.changed
tags:
- samba-user
- name: (samba-remove-user.yml) Check if samba user exists for removable nis user
shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
register: samba_remove_nis_users_present
changed_when: "samba_remove_nis_users_present.rc == 0"
failed_when: "samba_remove_nis_users_present.rc > 1"
with_items:
- "{{ remove_nis_users }}"
loop_control:
label: '{{ item.name }}'
tags:
- samba-user
- name: (samba-remove-user.yml) Remove (old) nis users from samba
shell: >
smbpasswd -s -x {{ item.item.name }}
with_items:
- "{{ samba_remove_nis_users_present.results }}"
loop_control:
label: '{{ item.item.name }}'
when:
- item.changed
tags:
- samba-user

53
roles/common/tasks/samba-user.yml
View File

@ -1,58 +1,5 @@
---
# ---
# - Remove unwanted users
# ---
- name: (samba_user.yml) Check if samba user exists for removable system user
shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
register: samba_remove_system_users_present
changed_when: "samba_remove_system_users_present.rc == 0"
failed_when: "samba_remove_system_users_present.rc > 1"
with_items:
- "{{ remove_system_users }}"
loop_control:
label: '{{ item.name }}'
tags:
- samba-user
- name: (samba_user.yml) Remove (old) system users from samba
shell: "smbpasswd -s -x {{ item.name }}"
with_items:
- "{{ remove_system_users }}"
loop_control:
label: '{{ item.name }}'
when: samba_remove_system_users_present is changed
tags:
- samba-user
- name: (samba_user.yml) Check if samba user exists for removable nis user
shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
register: samba_remove_inis_users_present
changed_when: "samba_remove_inis_users_present.rc == 0"
failed_when: "samba_remove_inis_users_present.rc > 1"
with_items:
- "{{ remove_nis_users }}"
loop_control:
label: '{{ item.name }}'
tags:
- samba-user
- name: (samba_user.yml) Remove (old) nis users from samba
shell: "smbpasswd -s -x {{ item.name }}"
with_items:
- "{{ remove_nis_users }}"
loop_control:
label: '{{ item.name }}'
when: samba_remove_inis_users_present is changed
tags:
- samba-user
# ---
# - default user/groups
# ---

1
roles/common/tasks/sshd.yml
View File

@ -13,6 +13,7 @@
tags:
- sshd-config
- name: (sshd.yml) Create new sshd_config from template sshd_config.j2
template:
src: etc/ssh/sshd_config.j2

20
roles/common/tasks/user.yml → roles/common/tasks/system-user.yml
View File

@ -17,7 +17,7 @@
- name: (user.yml) Remove home directory from deleted users
file:
path: '{{ nis_base_home }}/{{ item.name }}'
path: '{{ base_home }}/{{ item.name }}'
state: absent
with_items:
- "{{ remove_system_users }}"
@ -45,26 +45,20 @@
#- meta: end_host
- name: (user.yml) Check if system users exists
shell: "getent passwd {{ item.name }}"
register: system_users_exists
changed_when: "system_users_exists.rc == 2"
failed_when: "system_users_exists.rc > 2"
loop: "{{ system_users }}"
loop_control:
label: '{{ item.name }}'
ignore_errors: true
- name: (system-user.yml) Get database of nis (system) users
getent:
database: passwd
tags:
- system-user
- name: (user.yml) Add system users
- name: (system-user.yml) Add (system) users if not yet exists..
shell: "/root/bin/admin-stuff/add_new_user.sh {{ item.name }} '{{ item.password }}'"
loop: "{{ system_users }}"
loop_control:
label: '{{ item.name }}'
when: system_users_exists is changed
when:
- item.name not in getent_passwd
notify: Renew nis databases
tags:
- system-user

63
roles/common/tasks/ubuntu-x11vnc-1604-amd64.yml Normal file
View File

@ -0,0 +1,63 @@
# Title: app-x11vnc-server
#
# Author: Luc Rutten
# Version: 1.0
# File: tasks/main.yml
#
# Description:
# Remote support
#
# Source:
# - http://c-nergy.be/blog/?p=8984
- name: "(ubuntu-x11vnc-1604-amd64.yml) check if x11vnc is already installed, if not found skipping...."
stat:
path: /usr/bin/x11vnc
register: x11vnc_active
- name: "(ubuntu-x11vnc-1604-amd64.yml) Install packages"
apt:
name: ['x11vnc']
update_cache: yes
state: present
when: x11vnc_active.stat.exists == False
- name: "(ubuntu-x11vnc-1804-amd64.yml) Install packages"
apt:
name: "{{ packages }}"
update_cache: yes
state: present
vars:
packages:
- x11vnc
- name: "(ubuntu-x11vnc-1604-amd64.yml) Store password"
shell: "x11vnc -storepasswd {{ vnc_password }} /etc/x11vnc.pass"
- name: "(ubuntu-x11vnc-1604-amd64.yml) Set permissions on /etc/x11vnc.pass"
file:
path: /etc/x11vnc.pass
mode: 0644
- name: "(ubuntu-x11vnc-1604-amd64.yml) Transfer x11vnc.service.j2 to /lib/systemd/system/x11vnc.service"
template:
src: lib/systemd/system/x11vnc.service.j2
dest: /lib/systemd/system/x11vnc.service
- name: "(ubuntu-x11vnc-1604-amd64.yml) Start x11vnc service"
shell: service x11vnc start
- name: "(ubuntu-x11vnc-1604-amd64.yml) Enable x11vnc service on boot"
systemd:
name: x11vnc.service
daemon_reload: yes
enabled: yes
state: started
- name: "(ubuntu-x11vnc-1604-amd64.yml) Blocks x11vnc in GreenOS Desktop Environment for enduser "
file:
path: "/usr/share/applications/x11vnc.desktop"
mode: 0740
owner: root
group: administrator

48
roles/common/tasks/ubuntu-x11vnc-1804-amd64.yml Normal file
View File

@ -0,0 +1,48 @@
---
# Title: app-x11vnc-server
#
# Author: Luc Rutten
# Version: 1.0
# File: tasks/main.yml
#
# Description:
# Remote support
#
# Source:
# - http://c-nergy.be/blog/?p=8984
- name: "(ubuntu-x11vnc-1804-amd64.yml) Install packages"
apt:
name: "{{ packages }}"
update_cache: yes
state: present
vars:
packages:
- x11vnc
- name: "(ubuntu-x11vnc-1804-amd64.yml) Store password"
raw: "x11vnc -storepasswd {{ vnc_password }} /etc/x11vnc.pass"
- name: "(ubuntu-x11vnc-1804-amd64.yml) Set permissions on /etc/x11vnc.pass"
file:
path: "/etc/x11vnc.pass"
mode: 0644
- name: "(ubuntu-x11vnc-1804-amd64.yml) Transfer x11vnc.service.j2 to /lib/systemd/system/x11vnc.service"
template:
src: lib/systemd/system/x11vnc.service.j2
dest: /lib/systemd/system/x11vnc.service
- name: "(ubuntu-x11vnc-1804-amd64.yml) Enable service"
systemd:
name: x11vnc.service
enabled: true
state: restarted
- name: "(ubuntu-x11vnc-1804-amd64.yml) Remove whisker menu entry for allusers (except owner and group)"
file:
path: "/usr/share/applications/x11vnc.desktop"
mode: 0750
owner: root
group: root