update..

2025-10-27 17:27:13 +01:00
parent 3d3f950dad
commit c82630ccf2
5 changed files with 240 additions and 129 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -10,7 +10,16 @@
 [defaults]
-ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] ***
+# [DEPRECATION WARNING] 'ansible_managed' used in ansible.cfg
 #
 # The `ansible_managed` variable can be set just like any other variable, or a different 
 # variable can be used.
 #
 # Alternatives: Set the `ansible_managed` variable, or use any custom variable in templates.
 #
 # This feature will be removed from ansible-core version 2.23.
 #
 #ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] ***
 # Use of 'ansible_managed' 
 # 
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@@ -1,5 +1,11 @@
 ---
 ansible_managed: >
  *** ANSIBLE MANAGED FILE - DO NOT EDIT ***
  This file was generated by {{ ansible_user_id }} on {{ ansible_date_time.iso8601 }}
 # ---
 # vars used by roles/ansible_dependencies
 # ---
--- a/host_vars/file-dissens.dissens.netz.yml
+++ b/host_vars/file-dissens.dissens.netz.yml
@@ -423,6 +423,7 @@ samba_user:
  - name: lino.koehler
    groups:
      - projekte
      - team
    password: '20.l1no-ko3hl3r_25/'
  - name: maite.gabriel
--- a/roles/common/tasks/samba-config-server.yml
+++ b/roles/common/tasks/samba-config-server.yml
@@ -92,14 +92,13 @@
 # ---
 - name: (samba-config-server.yml) Check if file '/root/bin/samba/clean_samba_trash.sh' exists
-  stat:
+  ansible.builtin.stat:
    path: /root/bin/samba/clean_samba_trash.sh
  register: clean_samba_trash_exists
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['samba_server']
-  tags:
+  tags: [samba-server, samba-cron]
-    - samba-server
+
    - samba-cron
 - name: (samba-config-server.yml) Adjust configuration for script 'clean_samba_trash.sh'
  template: 
@@ -114,36 +113,33 @@
 - name: (samba-config-server.yml) Check if cleaning up trash dirs is configured
-  lineinfile:
+  ansible.builtin.lineinfile:
    path: /root/bin/samba/conf/clean_samba_trash.conf
-    regexp: "^trash_dirs=*"
+    regexp: '^trash_dirs=*'
    state: absent
-  check_mode: yes
+  check_mode: true
  changed_when: false
  register: clean_samba_trash_dirs
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['samba_server']
-  tags:
+  tags: [samba-server, samba-cron]
    - samba-server
    - samba-cron
 - name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs
-  cron:
+  ansible.builtin.cron:
-    name: '{{ samba_cronjob_trash_dirs.name }}'
+    name: "{{ samba_cronjob_trash_dirs.name }}"
-    minute: '{{ samba_cronjob_trash_dirs.minute }}'
+    minute: "{{ samba_cronjob_trash_dirs.minute }}"
    hour: "{{ samba_cronjob_trash_dirs.hour | default('*') }}"
-    day: "{{ samba_cronjob_trash_dirs.hour.day | default('*') }}"
+    day: "{{ samba_cronjob_trash_dirs.day | default('*') }}"
-    month: "{{ samba_cronjob_trash_dirs.hour.month| default('*') }}"
+    month: "{{ samba_cronjob_trash_dirs.month | default('*') }}"
-    weekday: "{{ samba_cronjob_trash_dirs.hour.weekday| default('*') }}"
+    weekday: "{{ samba_cronjob_trash_dirs.weekday | default('*') }}"
    user: "{{ samba_cronjob_trash_dirs.user | default('root') }}"
    job: "{{ samba_cronjob_trash_dirs.job }}"
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['samba_server']
-    - clean_samba_trash_exists.stat.exists|bool and clean_samba_trash_dirs.found 
+    - clean_samba_trash_exists.stat.exists | bool
-  tags:
+    - (clean_samba_trash_dirs.found | int) > 0
-    - samba-server
+  tags: [samba-server, samba-cron]
    - samba-cron
 # ---
@@ -151,41 +147,37 @@
 # ---
 - name: (samba-config-server.yml) Check if file '/root/bin/samba/set_permissions_samba_shares.sh' exists
-  stat:
+  ansible.builtin.stat:
    path: /root/bin/samba/set_permissions_samba_shares.sh
  register: set_permissions_on_samba_shares_exists
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['samba_server']
-  tags:
+  tags: [samba-server, samba-cron]
-    - samba-server
+
    - samba-cron
 - name: (samba-config-server.yml) Adjust configuration for script 'set_permissions_samba_shares.sh'
-  template: 
+  ansible.builtin.template:
    dest: /root/bin/samba/conf/set_permissions_samba_shares.conf
    src: root/bin/samba/conf/set_permissions_samba_shares.conf.j2
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['samba_server']
-    - set_permissions_on_samba_shares_exists.stat.exists|bool
+    - set_permissions_on_samba_shares_exists.stat.exists | bool
-  tags:
+  tags: [samba-server, samba-cron]
    - samba-server
    - samba-cron
 - name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs
-  cron:
+  ansible.builtin.cron:
-    name: '{{ samba_cronjob_permissions.name }}'
+    name: "{{ samba_cronjob_permissions.name }}"
-    minute: '{{ samba_cronjob_permissions.minute }}'
+    minute: "{{ samba_cronjob_permissions.minute }}"
    hour: "{{ samba_cronjob_permissions.hour | default('*') }}"
    day: "{{ samba_cronjob_permissions.day | default('*') }}"
-    month: "{{ samba_cronjob_permissions.month| default('*') }}"
+    month: "{{ samba_cronjob_permissions.month | default('*') }}"
-    weekday: "{{ samba_cronjob_permissions.weekday| default('*') }}"
+    weekday: "{{ samba_cronjob_permissions.weekday | default('*') }}"
    user: "{{ samba_cronjob_permissions.user | default('root') }}"
    job: "{{ samba_cronjob_permissions.job }}"
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
+    - inventory_hostname in groups['samba_server']
-    - clean_samba_trash_dirs.found
+    - (clean_samba_trash_dirs.found | int) > 0     # << int -> bool
-  tags:
+  tags: [samba-server, samba-cron]
-    - samba-server
+
    - samba-cron
--- a/roles/common/tasks/users-systemfiles.yml
+++ b/roles/common/tasks/users-systemfiles.yml
@@ -17,6 +17,7 @@
  local_action: stat path={{ inventory_dir }}/files/homedirs/root
  register: local_template_dir_root
 # --
 # Copy .bashrc
 # ---
@@ -40,22 +41,37 @@
  tags:
    - bash
- name: (users-systemfiles.yml) copy .bashrc if it exists
+# 1. Prüfen, ob für jeden User ein lokales _bashrc existiert
-  copy: 
+- name: (users-systemfiles.yml) stat user _bashrc
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bashrc') }}"
+  ansible.builtin.stat:
-    dest: "~{{ item.item.name }}/.bashrc"
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_bashrc"
-    owner: "{{ item.item.name }}"
+  delegate_to: localhost
-    group: "{{ item.item.name }}"
+  become: false
-    mode: 0644
+  loop: "{{ default_user }}"
-  loop: "{{ local_template_dir_default_user.results }}"
+  register: bashrc_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
 # 2. Falls vorhanden, Datei kopieren
 - name: (users-systemfiles.yml) copy .bashrc if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_bashrc"
    dest: "~{{ user.name }}/.bashrc"
    owner: "{{ user.name }}"
    group: "{{ user.name }}"
    mode: '0644'
  loop: "{{ default_user | zip(bashrc_stats.results) | list }}"
  loop_control:
    label: "{{ user.name }}"
  when:
-    - item.stat.exists
+    - stat_result.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bashrc')
+  vars:
    user: "{{ item.0 }}"
    stat_result: "{{ item.1 }}"
  tags:
    - bash
 - name: (users-systemfiles.yml) Check if file '/root/.bashrc.ORIG' exists
  stat:
    path: /root/.bashrc.ORIG
@@ -69,19 +85,28 @@
  tags:
    - bash
- name: (users-systemfiles.yml) copy .bashrc for user root
+# 1) Prüfen ob die _bashrc für root auf dem Control-Node existiert
-  copy: 
+- name: stat root _bashrc on control node
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc') }}"
+  ansible.builtin.stat:
-    dest: "/root/.bashrc"
+    path: "{{ inventory_dir }}/files/homedirs/root/_bashrc"
  delegate_to: localhost
  become: false
  register: bashrc_root_stat
 # 2) Wenn vorhanden, kopieren wir sie nach /root/.bashrc auf dem Zielhost
 - name: copy root .bashrc if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/root/_bashrc"
    dest: /root/.bashrc
    owner: root
    group: root
-    mode: 0644
+    mode: '0644'
-  when: 
+  become: true
-    - local_template_dir_root.stat.exists
+  when: bashrc_root_stat.stat.exists
    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc')
  tags:
    - bash
 # --
 # Copy .profile (Debian System)
 # ---
@@ -108,23 +133,37 @@
    - item.stat.exists == False
  tags:
    - profile
-    
+
- name: (users-systemfiles.yml) copy .profile if it exists
+
-  copy: 
+# 1. Prüfen, ob für jeden User ein lokales _profile existiert
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_profile') }}"
+- name: (users-systemfiles.yml) stat user _profile
-    dest: "~{{ item.item.name }}/.profile"
+  ansible.builtin.stat:
-    owner: "{{ item.item.name }}"
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_profile"
-    group: "{{ item.item.name }}"
+  delegate_to: localhost
-    mode: 0644
+  become: false
-  loop: "{{  local_template_dir_default_user.results }}"
+  loop: "{{ default_user }}"
  register: profile_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
 # 2. Falls vorhanden, Datei kopieren
 - name: (users-systemfiles.yml) copy .profile if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_profile"
    dest: "~{{ user.name }}/.profile"
    owner: "{{ user.name }}"
    group: "{{ user.name }}"
    mode: '0644'
  loop: "{{ default_user | zip(profile_stats.results) | list }}"
  loop_control:
    label: "{{ user.name }}"
  when:
-    - ansible_facts['distribution'] == "Debian"
+    - stat_result.stat.exists
-    - item.stat.exists
+  vars:
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_profile')
+    user: "{{ item.0 }}"
    stat_result: "{{ item.1 }}"
  tags:
-    - profile
+    - bash
 - name: (users-systemfiles.yml) Check if file '/root/.profile.ORIG' exists
  stat:
@@ -143,19 +182,27 @@
  tags:
    - profile
- name: (users-systemfiles.yml) copy .profile for user root
+
-  copy: 
+# 1) Prüfen ob die _profile für root auf dem Control-Node existiert
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile') }}"
+- name: stat root _profile on control node
-    dest: "/root/.profile"
+  ansible.builtin.stat:
    path: "{{ inventory_dir }}/files/homedirs/root/_profile"
  delegate_to: localhost
  become: false
  register: profile_root_stat
 # 2) Wenn vorhanden, kopieren wir sie nach /root/.profile auf dem Zielhost
 - name: copy root .profile if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/root/_profile"
    dest: /root/.profile
    owner: root
    group: root
-    mode: 0644
+    mode: '0644'
-  when: 
+  become: true
-    - ansible_facts['distribution'] == "Debian"
+  when: profile_root_stat.stat.exists
    - local_template_dir_root.stat.exists
    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile')
  tags:
-    - profile
+    - bash
 # --
 # Copy .bash_profile (CentOS/Fedora?/RedHat? System)
@@ -184,22 +231,39 @@
  tags:
    - profile
- name: (users-systemfiles.yml) copy .bash_profile if it exists
+
-  copy: 
+# 1. Prüfen, ob für jeden User ein lokales _bash_profile existiert
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bash_profile') }}"
+- name: (users-systemfiles.yml) stat user _bash_profile
-    dest: "~{{ item.item.name }}/.bash_profile"
+  ansible.builtin.stat:
-    owner: "{{ item.item.name }}"
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_bash_profile"
-    group: "{{ item.item.name }}"
+  delegate_to: localhost
-    mode: 0644
+  become: false
-  loop: "{{  local_template_dir_default_user.results }}"
+  loop: "{{ default_user }}"
  register: bash_profile_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
  when:
    - ansible_facts['distribution'] == "CentOS"
-    - item.stat.exists
+
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bash_profile')
+# 2. Falls vorhanden, Datei kopieren
 - name: (users-systemfiles.yml) copy .bash_profile if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_bash_profile"
    dest: "~{{ user.name }}/.bash_profile"
    owner: "{{ user.name }}"
    group: "{{ user.name }}"
    mode: '0644'
  loop: "{{ default_user | zip(bash_profile_stats.results) | list }}"
  loop_control:
    label: "{{ user.name }}"
  when:
    - ansible_facts['distribution'] == "CentOS"
    - stat_result.stat.exists
  vars:
    user: "{{ item.0 }}"
    stat_result: "{{ item.1 }}"
  tags:
-    - profile
+    - bash
 - name: (users-systemfiles.yml) Check if file '/root/.bash_profile.ORIG' exists
@@ -219,39 +283,66 @@
  tags:
    - profile
- name: (users-systemfiles.yml) copy .bash_profile for user root
+
-  copy: 
+# 1) Prüfen ob die _bash_profile für root auf dem Control-Node existiert
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bash_profile') }}"
+- name: stat root _bash_profile on control node
-    dest: "/root/.bash_profile"
+  ansible.builtin.stat:
    path: "{{ inventory_dir }}/files/homedirs/root/_bash_profile"
  delegate_to: localhost
  become: false
  register: bash_profile_root_stat
  when:
    - ansible_facts['distribution'] == "CentOS"
 # 2) Wenn vorhanden, kopieren wir sie nach /root/.bash_profile auf dem Zielhost
 - name: copy root .bash_profile if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/root/_bash_profile"
    dest: /root/.bash_profile
    owner: root
    group: root
-    mode: 0644
+    mode: '0644'
-  when: 
+  become: true
  when:
    - ansible_facts['distribution'] == "CentOS"
-    - local_template_dir_root.stat.exists
+    - bash_profile_root_stat.stat.exists
    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_bash_profile')
  tags:
-    - profile
+    - bash
 # --
 # Copy .vimrc
 # ---
- name: (users-systemfiles.yml) copy .vimrc if it exists
+# 1. Prüfen, ob für jeden User ein lokales _vimrc existiert
-  copy: 
+- name: (users-systemfiles.yml) stat user _vimrc
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_vimrc') }}"
+  ansible.builtin.stat:
-    dest: "~{{ item.item.name }}/.vimrc"
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_vimrc"
-    owner: "{{ item.item.name }}"
+  delegate_to: localhost
-    group: "{{ item.item.name }}"
+  become: false
-    mode: 0644
+  loop: "{{ default_user }}"
-  loop: "{{  local_template_dir_default_user.results }}"
+  register: vimrc_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
 # 2. Falls vorhanden, Datei kopieren
 - name: (users-systemfiles.yml) copy .vimrc if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_vimrc"
    dest: "~{{ user.name }}/.vimrc"
    owner: "{{ user.name }}"
    group: "{{ user.name }}"
    mode: '0644'
  loop: "{{ default_user | zip(vimrc_stats.results) | list }}"
  loop_control:
    label: "{{ user.name }}"
  when:
-    - item.stat.exists
+    - stat_result.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_vimrc')
+  vars:
    user: "{{ item.0 }}"
    stat_result: "{{ item.1 }}"
  tags:
-    - vim
+    - bash
 - name: (users-systemfiles.yml) Check if .vim directory exists for default users
  local_action: stat path={{ inventory_dir }}/files/homedirs/{{ item.name }}/.vim
@@ -275,18 +366,30 @@
  tags:
    - vim
- name: (users-systemfiles.yml) copy .vimrc for user root
+# 1) Prüfen ob die _vimrc für root auf dem Control-Node existiert
-  copy: 
+- name: stat root _vimrc on control node
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc') }}"
+  ansible.builtin.stat:
-    dest: "/root/.vimrc"
+    path: "{{ inventory_dir }}/files/homedirs/root/_vimrc"
  delegate_to: localhost
  become: false
  register: vimrc_root_stat
  when:
    - ansible_facts['distribution'] == "CentOS"
 # 2) Wenn vorhanden, kopieren wir sie nach /root/.vimrc auf dem Zielhost
 - name: copy root .vimrc if it exists
  ansible.builtin.copy:
    src: "{{ inventory_dir }}/files/homedirs/root/_vimrc"
    dest: /root/.vimrc
    owner: root
    group: root
-    mode: 0644
+    mode: '0644'
  become: true
  when:
-    - local_template_dir_root.stat.exists
+    - ansible_facts['distribution'] == "CentOS"
-    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc')
+    - vimrc_root_stat.stat.exists
  tags:
-    - vim
+    - bash
 - name: (users-systemfiles.yml) Check if local template directory .vim  exists for user root