update..

2021-11-10 15:52:13 +01:00 · 2021-11-10 15:52:13 +01:00 · 1042396802
commit 1042396802
parent 877fb3a778
6 changed files with 90 additions and 54 deletions
--- a/roles/common/tasks/apt.yml
+++ b/roles/common/tasks/apt.yml
@ -65,6 +65,7 @@
    name: "{{ apt_initial_install_stretch }}"
    state: "{{ apt_install_state }}"
  when:
    - apt_initial_install_stretch is defined and apt_initial_install_stretch|length > 0
    - ansible_facts['distribution'] == "Debian"
    - ansible_facts['distribution_major_version'] == "9"
  tags:
@ -76,12 +77,25 @@
    name: "{{ apt_initial_install_buster }}"
    state: "{{ apt_install_state }}"
  when:
    - apt_initial_install_buster is defined and apt_initial_install_buster|length > 0
    - ansible_facts['distribution'] == "Debian"
    - ansible_facts['distribution_major_version'] == "10"
  tags:
    - apt-initial-install
 - name: (apt.yml) Initial install debian packages (bullseye)
  apt:
    name: "{{ apt_initial_install_bullseye }}"
    state: "{{ apt_install_state }}"
  when:
    - apt_initial_install_bullseye is defined and apt_initial_install_bullseye|length > 0
    - ansible_facts['distribution'] == "Debian"
    - ansible_facts['distribution_major_version'] == "11"
  tags:
    - apt-initial-install
 - name: (apt.yml) Initial install ubuntu packages (bionic)
  apt:
    name: "{{ apt_initial_install_bionic }}"
@ -122,30 +136,15 @@
    - apt-microcode
- name: (apt.yml) Ensure we have CPU microcode from backports for AMD CPU (debian stretch)
+- name: (apt.yml) Install CPU microcode (debian buster/bullseye)
  apt:
    name: "{{ microcode_amd_package }}"
    state: present
    default_release: "{{ ansible_distribution_release }}-backports"
  when:
    - apt_backports_enable
    - apt_debian_contrib_nonfree_enable
    - ansible_facts['distribution'] == "Debian"
    - ansible_facts['distribution_major_version'] == "9"
    - ansible_facts['processor']|string is search("AMD")
  tags:
    - apt-initial-install
    - apt-microcode
 - name: (apt.yml) Install CPU microcode for Intel CPU (debian buster)
  apt:
    name: "{{ microcode_intel_package }}"
    state: present
    default_release: "{{ ansible_distribution_release }}"
  when:
    - apt_debian_contrib_nonfree_enable
    - ansible_facts['distribution'] == "Debian"
-    - ansible_facts['distribution_major_version'] == "10"
+    - ansible_facts['distribution_major_version'] == "10" or ansible_facts['distribution_major_version'] == "11"
    - ansible_facts['processor']|string is search("Intel")
  tags:
    - apt-initial-install
@ -228,7 +227,7 @@
 # Firmware
 # ---
- name: (apt.yml) Install Firmware packages
+- name: (apt.yml) Install Firmware packages (Ubuntu)
  apt:
     name: "{{ firmware_packages_ubuntu }}"
     state: present
@ -239,7 +238,8 @@
    - apt-initial-install
    - apt-firmware
- name: (apt.yml) Install Firmware packages
+
 - name: (apt.yml) Install Firmware packages (Debian)
  apt:
     name: "{{ firmware_packages_debian }}"
     state: present
@ -251,7 +251,7 @@
    - apt-firmware
- name: (apt.yml) Install non-free Firmware packages
+- name: (apt.yml) Install non-free Firmware packages (Debian)
  apt:
     name: "{{ firmware_non_free_packages_debian }}"
     state: present
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -101,6 +101,13 @@
    - samba-remove-user
 # tags supported inside system-remove-user.yml:
 #
 - import_tasks: system-remove-user.yml
  tags:
    - system-remove-user
 # tags supported inside system-user.yml:
 #
 #    system-user
--- a/roles/common/tasks/nis-user.yml
+++ b/roles/common/tasks/nis-user.yml
@ -1,32 +1,32 @@
 ---
-# ---
+## # ---
-# - Remove unwanted users
+## # - Remove unwanted users
-# ---
+## # ---
-
+##
- name: (nis_user.yml) Remove (old) users from system
+## - name: (nis_user.yml) Remove (old) users from system
-  user:
+##   user:
-    name: '{{ item.name }}'
+##     name: '{{ item.name }}'
-    state: absent
+##     state: absent
-  with_items: 
+##   with_items:
-    - "{{ remove_nis_users }}"
+##     - "{{ remove_nis_users }}"
-  loop_control:
+##   loop_control:
-    label: '{{ item.name }}'
+##     label: '{{ item.name }}'
-  tags:
+##   tags:
-    - nis-user
+##     - nis-user
-    - system-user
+##     - system-user
-
+##
- name: (nis_user.yml) Remove home directory from deleted users
+## - name: (nis_user.yml) Remove home directory from deleted users
-  file:
+##   file:
-    path: '{{ nis_base_home }}/{{ item.name }}'
+##     path: '{{ nis_base_home }}/{{ item.name }}'
-    state: absent
+##     state: absent
-  with_items: 
+##   with_items:
-    - "{{ remove_nis_users }}"
+##     - "{{ remove_nis_users }}"
-  loop_control:
+##   loop_control:
-    label: '{{ item.name }}'
+##     label: '{{ item.name }}'
-  tags:
+##   tags:
-    - nis-user
+##     - nis-user
-    - system-user
+##     - system-user
 # ---
 # - default user/groups
--- a/roles/common/tasks/samba-install.yml
+++ b/roles/common/tasks/samba-install.yml
@ -105,7 +105,7 @@
    - samba-server
- name: Check if cleaning up trash dirs is configured
+- name: (samba-install.yml) Check if cleaning up trash dirs is configured
  lineinfile:
    path: /root/bin/samba/conf/clean_samba_trash.conf
    regexp: "^trash_dirs=*"
@ -117,7 +117,7 @@
    - "groups['samba_server']|string is search(inventory_hostname)"
- name: Creates a cron job for cleaning up samba trash dirs
+- name: (samba-install.yml) Creates a cron job for cleaning up samba trash dirs
  cron:
    name: '{{ samba_cronjob_trash_dirs.name }}'
    minute: '{{ samba_cronjob_trash_dirs.minute }}'
@ -154,7 +154,7 @@
    - samba-server
- name: Creates a cron job for cleaning up samba trash dirs
+- name: (samba-install.yml) Creates a cron job for cleaning up samba trash dirs
  cron:
    name: '{{ samba_cronjob_permissions.name }}'
    minute: '{{ samba_cronjob_permissions.minute }}'
--- a/roles/common/tasks/samba-remove-user.yml
+++ b/roles/common/tasks/samba-remove-user.yml
@ -36,7 +36,7 @@
  register: samba_remove_nis_users_present
  changed_when: "samba_remove_nis_users_present.rc == 0"
  failed_when: "samba_remove_nis_users_present.rc > 1"
-  with_items: 
+  with_items:
    - "{{ remove_nis_users }}"
  loop_control:
    label: '{{ item.name }}'
@ -47,11 +47,11 @@
 - name: (samba-remove-user.yml) Remove (old) nis users from samba
  shell: >
    smbpasswd -s -x {{ item.item.name }}
-  with_items: 
+  with_items:
    - "{{ samba_remove_nis_users_present.results }}"
  loop_control:
    label: '{{ item.item.name }}'
-  when: 
+  when:
    - item.changed
  tags:
    - samba-user
--- a/roles/common/tasks/system-remove-user.yml
+++ b/roles/common/tasks/system-remove-user.yml
@ -0,0 +1,29 @@
 ---
 # ---
 # - Remove unwanted users
 # ---
 - name: (system-remove-user.yml) Remove (old) users from system
  user:
    name: '{{ item.name }}'
    state: absent
  with_items: 
    - "{{ remove_nis_users }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - nis-user
    - system-user
 - name: (system-remove-user.yml) Remove home directory from deleted users
  file:
    path: '{{ nis_base_home }}/{{ item.name }}'
    state: absent
  with_items: 
    - "{{ remove_nis_users }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - nis-user
    - system-user