diff --git a/ansible.cfg b/ansible.cfg index 1b12d9b..512282c 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -10,7 +10,16 @@ [defaults] -ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] *** +# [DEPRECATION WARNING] 'ansible_managed' used in ansible.cfg +# +# The `ansible_managed` variable can be set just like any other variable, or a different +# variable can be used. +# +# Alternatives: Set the `ansible_managed` variable, or use any custom variable in templates. +# +# This feature will be removed from ansible-core version 2.23. +# +#ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] *** # Use of 'ansible_managed' # diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index 077137d..28d77ba 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -1,5 +1,11 @@ --- + +ansible_managed: > + *** ANSIBLE MANAGED FILE - DO NOT EDIT *** + This file was generated by {{ ansible_user_id }} on {{ ansible_date_time.iso8601 }} + + # --- # vars used by roles/ansible_dependencies # --- diff --git a/host_vars/file-dissens.dissens.netz.yml b/host_vars/file-dissens.dissens.netz.yml index 65d933e..3f41013 100644 --- a/host_vars/file-dissens.dissens.netz.yml +++ b/host_vars/file-dissens.dissens.netz.yml @@ -423,6 +423,7 @@ samba_user: - name: lino.koehler groups: - projekte + - team password: '20.l1no-ko3hl3r_25/' - name: maite.gabriel diff --git a/roles/common/tasks/samba-config-server.yml b/roles/common/tasks/samba-config-server.yml index 6e2ca03..553f49f 100644 --- a/roles/common/tasks/samba-config-server.yml +++ b/roles/common/tasks/samba-config-server.yml @@ -92,14 +92,13 @@ # --- - name: (samba-config-server.yml) Check if file '/root/bin/samba/clean_samba_trash.sh' exists - stat: + ansible.builtin.stat: path: /root/bin/samba/clean_samba_trash.sh register: clean_samba_trash_exists when: - - "groups['samba_server']|string is search(inventory_hostname)" - tags: - - samba-server - - samba-cron + - inventory_hostname in groups['samba_server'] + tags: [samba-server, samba-cron] + - name: (samba-config-server.yml) Adjust configuration for script 'clean_samba_trash.sh' template: @@ -114,36 +113,33 @@ - name: (samba-config-server.yml) Check if cleaning up trash dirs is configured - lineinfile: + ansible.builtin.lineinfile: path: /root/bin/samba/conf/clean_samba_trash.conf - regexp: "^trash_dirs=*" + regexp: '^trash_dirs=*' state: absent - check_mode: yes + check_mode: true changed_when: false register: clean_samba_trash_dirs when: - - "groups['samba_server']|string is search(inventory_hostname)" - tags: - - samba-server - - samba-cron + - inventory_hostname in groups['samba_server'] + tags: [samba-server, samba-cron] - name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs - cron: - name: '{{ samba_cronjob_trash_dirs.name }}' - minute: '{{ samba_cronjob_trash_dirs.minute }}' + ansible.builtin.cron: + name: "{{ samba_cronjob_trash_dirs.name }}" + minute: "{{ samba_cronjob_trash_dirs.minute }}" hour: "{{ samba_cronjob_trash_dirs.hour | default('*') }}" - day: "{{ samba_cronjob_trash_dirs.hour.day | default('*') }}" - month: "{{ samba_cronjob_trash_dirs.hour.month| default('*') }}" - weekday: "{{ samba_cronjob_trash_dirs.hour.weekday| default('*') }}" + day: "{{ samba_cronjob_trash_dirs.day | default('*') }}" + month: "{{ samba_cronjob_trash_dirs.month | default('*') }}" + weekday: "{{ samba_cronjob_trash_dirs.weekday | default('*') }}" user: "{{ samba_cronjob_trash_dirs.user | default('root') }}" job: "{{ samba_cronjob_trash_dirs.job }}" when: - - "groups['samba_server']|string is search(inventory_hostname)" - - clean_samba_trash_exists.stat.exists|bool and clean_samba_trash_dirs.found - tags: - - samba-server - - samba-cron + - inventory_hostname in groups['samba_server'] + - clean_samba_trash_exists.stat.exists | bool + - (clean_samba_trash_dirs.found | int) > 0 + tags: [samba-server, samba-cron] # --- @@ -151,41 +147,37 @@ # --- - name: (samba-config-server.yml) Check if file '/root/bin/samba/set_permissions_samba_shares.sh' exists - stat: + ansible.builtin.stat: path: /root/bin/samba/set_permissions_samba_shares.sh register: set_permissions_on_samba_shares_exists when: - - "groups['samba_server']|string is search(inventory_hostname)" - tags: - - samba-server - - samba-cron + - inventory_hostname in groups['samba_server'] + tags: [samba-server, samba-cron] + - name: (samba-config-server.yml) Adjust configuration for script 'set_permissions_samba_shares.sh' - template: + ansible.builtin.template: dest: /root/bin/samba/conf/set_permissions_samba_shares.conf src: root/bin/samba/conf/set_permissions_samba_shares.conf.j2 when: - - "groups['samba_server']|string is search(inventory_hostname)" - - set_permissions_on_samba_shares_exists.stat.exists|bool - tags: - - samba-server - - samba-cron + - inventory_hostname in groups['samba_server'] + - set_permissions_on_samba_shares_exists.stat.exists | bool + tags: [samba-server, samba-cron] - name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs - cron: - name: '{{ samba_cronjob_permissions.name }}' - minute: '{{ samba_cronjob_permissions.minute }}' + ansible.builtin.cron: + name: "{{ samba_cronjob_permissions.name }}" + minute: "{{ samba_cronjob_permissions.minute }}" hour: "{{ samba_cronjob_permissions.hour | default('*') }}" day: "{{ samba_cronjob_permissions.day | default('*') }}" - month: "{{ samba_cronjob_permissions.month| default('*') }}" - weekday: "{{ samba_cronjob_permissions.weekday| default('*') }}" + month: "{{ samba_cronjob_permissions.month | default('*') }}" + weekday: "{{ samba_cronjob_permissions.weekday | default('*') }}" user: "{{ samba_cronjob_permissions.user | default('root') }}" job: "{{ samba_cronjob_permissions.job }}" when: - - "groups['samba_server']|string is search(inventory_hostname)" - - clean_samba_trash_dirs.found - tags: - - samba-server - - samba-cron + - inventory_hostname in groups['samba_server'] + - (clean_samba_trash_dirs.found | int) > 0 # << int -> bool + tags: [samba-server, samba-cron] + diff --git a/roles/common/tasks/users-systemfiles.yml b/roles/common/tasks/users-systemfiles.yml index 85ef8f9..965a192 100644 --- a/roles/common/tasks/users-systemfiles.yml +++ b/roles/common/tasks/users-systemfiles.yml @@ -17,6 +17,7 @@ local_action: stat path={{ inventory_dir }}/files/homedirs/root register: local_template_dir_root + # -- # Copy .bashrc # --- @@ -40,22 +41,37 @@ tags: - bash -- name: (users-systemfiles.yml) copy .bashrc if it exists - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bashrc') }}" - dest: "~{{ item.item.name }}/.bashrc" - owner: "{{ item.item.name }}" - group: "{{ item.item.name }}" - mode: 0644 - loop: "{{ local_template_dir_default_user.results }}" +# 1. Prüfen, ob für jeden User ein lokales _bashrc existiert +- name: (users-systemfiles.yml) stat user _bashrc + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_bashrc" + delegate_to: localhost + become: false + loop: "{{ default_user }}" + register: bashrc_stats loop_control: - label: '{{ item.item.name }}' + label: '{{ item.name }}' + +# 2. Falls vorhanden, Datei kopieren +- name: (users-systemfiles.yml) copy .bashrc if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_bashrc" + dest: "~{{ user.name }}/.bashrc" + owner: "{{ user.name }}" + group: "{{ user.name }}" + mode: '0644' + loop: "{{ default_user | zip(bashrc_stats.results) | list }}" + loop_control: + label: "{{ user.name }}" when: - - item.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bashrc') + - stat_result.stat.exists + vars: + user: "{{ item.0 }}" + stat_result: "{{ item.1 }}" tags: - bash + - name: (users-systemfiles.yml) Check if file '/root/.bashrc.ORIG' exists stat: path: /root/.bashrc.ORIG @@ -69,19 +85,28 @@ tags: - bash -- name: (users-systemfiles.yml) copy .bashrc for user root - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc') }}" - dest: "/root/.bashrc" +# 1) Prüfen ob die _bashrc für root auf dem Control-Node existiert +- name: stat root _bashrc on control node + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/root/_bashrc" + delegate_to: localhost + become: false + register: bashrc_root_stat + +# 2) Wenn vorhanden, kopieren wir sie nach /root/.bashrc auf dem Zielhost +- name: copy root .bashrc if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/root/_bashrc" + dest: /root/.bashrc owner: root group: root - mode: 0644 - when: - - local_template_dir_root.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc') + mode: '0644' + become: true + when: bashrc_root_stat.stat.exists tags: - bash + # -- # Copy .profile (Debian System) # --- @@ -108,23 +133,37 @@ - item.stat.exists == False tags: - profile - -- name: (users-systemfiles.yml) copy .profile if it exists - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_profile') }}" - dest: "~{{ item.item.name }}/.profile" - owner: "{{ item.item.name }}" - group: "{{ item.item.name }}" - mode: 0644 - loop: "{{ local_template_dir_default_user.results }}" + + +# 1. Prüfen, ob für jeden User ein lokales _profile existiert +- name: (users-systemfiles.yml) stat user _profile + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_profile" + delegate_to: localhost + become: false + loop: "{{ default_user }}" + register: profile_stats loop_control: - label: '{{ item.item.name }}' + label: '{{ item.name }}' + +# 2. Falls vorhanden, Datei kopieren +- name: (users-systemfiles.yml) copy .profile if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_profile" + dest: "~{{ user.name }}/.profile" + owner: "{{ user.name }}" + group: "{{ user.name }}" + mode: '0644' + loop: "{{ default_user | zip(profile_stats.results) | list }}" + loop_control: + label: "{{ user.name }}" when: - - ansible_facts['distribution'] == "Debian" - - item.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_profile') + - stat_result.stat.exists + vars: + user: "{{ item.0 }}" + stat_result: "{{ item.1 }}" tags: - - profile + - bash - name: (users-systemfiles.yml) Check if file '/root/.profile.ORIG' exists stat: @@ -143,19 +182,27 @@ tags: - profile -- name: (users-systemfiles.yml) copy .profile for user root - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile') }}" - dest: "/root/.profile" + +# 1) Prüfen ob die _profile für root auf dem Control-Node existiert +- name: stat root _profile on control node + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/root/_profile" + delegate_to: localhost + become: false + register: profile_root_stat + +# 2) Wenn vorhanden, kopieren wir sie nach /root/.profile auf dem Zielhost +- name: copy root .profile if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/root/_profile" + dest: /root/.profile owner: root group: root - mode: 0644 - when: - - ansible_facts['distribution'] == "Debian" - - local_template_dir_root.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile') + mode: '0644' + become: true + when: profile_root_stat.stat.exists tags: - - profile + - bash # -- # Copy .bash_profile (CentOS/Fedora?/RedHat? System) @@ -184,22 +231,39 @@ tags: - profile -- name: (users-systemfiles.yml) copy .bash_profile if it exists - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bash_profile') }}" - dest: "~{{ item.item.name }}/.bash_profile" - owner: "{{ item.item.name }}" - group: "{{ item.item.name }}" - mode: 0644 - loop: "{{ local_template_dir_default_user.results }}" + +# 1. Prüfen, ob für jeden User ein lokales _bash_profile existiert +- name: (users-systemfiles.yml) stat user _bash_profile + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_bash_profile" + delegate_to: localhost + become: false + loop: "{{ default_user }}" + register: bash_profile_stats loop_control: - label: '{{ item.item.name }}' + label: '{{ item.name }}' when: - ansible_facts['distribution'] == "CentOS" - - item.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bash_profile') + +# 2. Falls vorhanden, Datei kopieren +- name: (users-systemfiles.yml) copy .bash_profile if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_bash_profile" + dest: "~{{ user.name }}/.bash_profile" + owner: "{{ user.name }}" + group: "{{ user.name }}" + mode: '0644' + loop: "{{ default_user | zip(bash_profile_stats.results) | list }}" + loop_control: + label: "{{ user.name }}" + when: + - ansible_facts['distribution'] == "CentOS" + - stat_result.stat.exists + vars: + user: "{{ item.0 }}" + stat_result: "{{ item.1 }}" tags: - - profile + - bash - name: (users-systemfiles.yml) Check if file '/root/.bash_profile.ORIG' exists @@ -219,39 +283,66 @@ tags: - profile -- name: (users-systemfiles.yml) copy .bash_profile for user root - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bash_profile') }}" - dest: "/root/.bash_profile" + +# 1) Prüfen ob die _bash_profile für root auf dem Control-Node existiert +- name: stat root _bash_profile on control node + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/root/_bash_profile" + delegate_to: localhost + become: false + register: bash_profile_root_stat + when: + - ansible_facts['distribution'] == "CentOS" + +# 2) Wenn vorhanden, kopieren wir sie nach /root/.bash_profile auf dem Zielhost +- name: copy root .bash_profile if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/root/_bash_profile" + dest: /root/.bash_profile owner: root group: root - mode: 0644 - when: + mode: '0644' + become: true + when: - ansible_facts['distribution'] == "CentOS" - - local_template_dir_root.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/root/_bash_profile') + - bash_profile_root_stat.stat.exists tags: - - profile + - bash + # -- # Copy .vimrc # --- -- name: (users-systemfiles.yml) copy .vimrc if it exists - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_vimrc') }}" - dest: "~{{ item.item.name }}/.vimrc" - owner: "{{ item.item.name }}" - group: "{{ item.item.name }}" - mode: 0644 - loop: "{{ local_template_dir_default_user.results }}" +# 1. Prüfen, ob für jeden User ein lokales _vimrc existiert +- name: (users-systemfiles.yml) stat user _vimrc + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_vimrc" + delegate_to: localhost + become: false + loop: "{{ default_user }}" + register: vimrc_stats loop_control: - label: '{{ item.item.name }}' + label: '{{ item.name }}' + +# 2. Falls vorhanden, Datei kopieren +- name: (users-systemfiles.yml) copy .vimrc if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_vimrc" + dest: "~{{ user.name }}/.vimrc" + owner: "{{ user.name }}" + group: "{{ user.name }}" + mode: '0644' + loop: "{{ default_user | zip(vimrc_stats.results) | list }}" + loop_control: + label: "{{ user.name }}" when: - - item.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_vimrc') + - stat_result.stat.exists + vars: + user: "{{ item.0 }}" + stat_result: "{{ item.1 }}" tags: - - vim + - bash - name: (users-systemfiles.yml) Check if .vim directory exists for default users local_action: stat path={{ inventory_dir }}/files/homedirs/{{ item.name }}/.vim @@ -275,18 +366,30 @@ tags: - vim -- name: (users-systemfiles.yml) copy .vimrc for user root - copy: - src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc') }}" - dest: "/root/.vimrc" +# 1) Prüfen ob die _vimrc für root auf dem Control-Node existiert +- name: stat root _vimrc on control node + ansible.builtin.stat: + path: "{{ inventory_dir }}/files/homedirs/root/_vimrc" + delegate_to: localhost + become: false + register: vimrc_root_stat + when: + - ansible_facts['distribution'] == "CentOS" + +# 2) Wenn vorhanden, kopieren wir sie nach /root/.vimrc auf dem Zielhost +- name: copy root .vimrc if it exists + ansible.builtin.copy: + src: "{{ inventory_dir }}/files/homedirs/root/_vimrc" + dest: /root/.vimrc owner: root group: root - mode: 0644 + mode: '0644' + become: true when: - - local_template_dir_root.stat.exists - - lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc') + - ansible_facts['distribution'] == "CentOS" + - vimrc_root_stat.stat.exists tags: - - vim + - bash - name: (users-systemfiles.yml) Check if local template directory .vim exists for user root