update..

2025-10-27 17:27:13 +01:00
parent 3d3f950dad
commit c82630ccf2
5 changed files with 240 additions and 129 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -10,7 +10,16 @@


 [defaults]
-ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] ***
+# [DEPRECATION WARNING] 'ansible_managed' used in ansible.cfg
+#
+# The `ansible_managed` variable can be set just like any other variable, or a different 
+# variable can be used.
+#
+# Alternatives: Set the `ansible_managed` variable, or use any custom variable in templates.
+#
+# This feature will be removed from ansible-core version 2.23.
+#
+#ansible_managed = *** [ Ansible managed file: DO NOT EDIT DIRECTLY ] ***

 # Use of 'ansible_managed' 
 # 
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@@ -1,5 +1,11 @@
 ---

+
+ansible_managed: >
+  *** ANSIBLE MANAGED FILE - DO NOT EDIT ***
+  This file was generated by {{ ansible_user_id }} on {{ ansible_date_time.iso8601 }}
+
+
 # ---
 # vars used by roles/ansible_dependencies
 # ---
--- a/host_vars/file-dissens.dissens.netz.yml
+++ b/host_vars/file-dissens.dissens.netz.yml
@@ -423,6 +423,7 @@ samba_user:
  - name: lino.koehler
    groups:
      - projekte
+      - team
    password: '20.l1no-ko3hl3r_25/'

  - name: maite.gabriel
--- a/roles/common/tasks/samba-config-server.yml
+++ b/roles/common/tasks/samba-config-server.yml
@@ -92,14 +92,13 @@
 # ---

 - name: (samba-config-server.yml) Check if file '/root/bin/samba/clean_samba_trash.sh' exists
-  stat:
+  ansible.builtin.stat:
    path: /root/bin/samba/clean_samba_trash.sh
  register: clean_samba_trash_exists
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
-  tags:
-    - samba-server
-    - samba-cron
+    - inventory_hostname in groups['samba_server']
+  tags: [samba-server, samba-cron]
+

 - name: (samba-config-server.yml) Adjust configuration for script 'clean_samba_trash.sh'
  template: 
@@ -114,36 +113,33 @@


 - name: (samba-config-server.yml) Check if cleaning up trash dirs is configured
-  lineinfile:
+  ansible.builtin.lineinfile:
    path: /root/bin/samba/conf/clean_samba_trash.conf
-    regexp: "^trash_dirs=*"
+    regexp: '^trash_dirs=*'
    state: absent
-  check_mode: yes
+  check_mode: true
  changed_when: false
  register: clean_samba_trash_dirs
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
-  tags:
-    - samba-server
-    - samba-cron
+    - inventory_hostname in groups['samba_server']
+  tags: [samba-server, samba-cron]


 - name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs
-  cron:
-    name: '{{ samba_cronjob_trash_dirs.name }}'
-    minute: '{{ samba_cronjob_trash_dirs.minute }}'
+  ansible.builtin.cron:
+    name: "{{ samba_cronjob_trash_dirs.name }}"
+    minute: "{{ samba_cronjob_trash_dirs.minute }}"
    hour: "{{ samba_cronjob_trash_dirs.hour | default('*') }}"
-    day: "{{ samba_cronjob_trash_dirs.hour.day | default('*') }}"
-    month: "{{ samba_cronjob_trash_dirs.hour.month| default('*') }}"
-    weekday: "{{ samba_cronjob_trash_dirs.hour.weekday| default('*') }}"
+    day: "{{ samba_cronjob_trash_dirs.day | default('*') }}"
+    month: "{{ samba_cronjob_trash_dirs.month | default('*') }}"
+    weekday: "{{ samba_cronjob_trash_dirs.weekday | default('*') }}"
    user: "{{ samba_cronjob_trash_dirs.user | default('root') }}"
    job: "{{ samba_cronjob_trash_dirs.job }}"
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
-    - clean_samba_trash_exists.stat.exists|bool and clean_samba_trash_dirs.found 
-  tags:
-    - samba-server
-    - samba-cron
+    - inventory_hostname in groups['samba_server']
+    - clean_samba_trash_exists.stat.exists | bool
+    - (clean_samba_trash_dirs.found | int) > 0
+  tags: [samba-server, samba-cron]


 # ---
@@ -151,41 +147,37 @@
 # ---

 - name: (samba-config-server.yml) Check if file '/root/bin/samba/set_permissions_samba_shares.sh' exists
-  stat:
+  ansible.builtin.stat:
    path: /root/bin/samba/set_permissions_samba_shares.sh
  register: set_permissions_on_samba_shares_exists
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
-  tags:
-    - samba-server
-    - samba-cron
+    - inventory_hostname in groups['samba_server']
+  tags: [samba-server, samba-cron]
+

 - name: (samba-config-server.yml) Adjust configuration for script 'set_permissions_samba_shares.sh'
-  template: 
+  ansible.builtin.template:
    dest: /root/bin/samba/conf/set_permissions_samba_shares.conf
    src: root/bin/samba/conf/set_permissions_samba_shares.conf.j2
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
-    - set_permissions_on_samba_shares_exists.stat.exists|bool
-  tags:
-    - samba-server
-    - samba-cron
+    - inventory_hostname in groups['samba_server']
+    - set_permissions_on_samba_shares_exists.stat.exists | bool
+  tags: [samba-server, samba-cron]


 - name: (samba-config-server.yml) Creates a cron job for cleaning up samba trash dirs
-  cron:
-    name: '{{ samba_cronjob_permissions.name }}'
-    minute: '{{ samba_cronjob_permissions.minute }}'
+  ansible.builtin.cron:
+    name: "{{ samba_cronjob_permissions.name }}"
+    minute: "{{ samba_cronjob_permissions.minute }}"
    hour: "{{ samba_cronjob_permissions.hour | default('*') }}"
    day: "{{ samba_cronjob_permissions.day | default('*') }}"
-    month: "{{ samba_cronjob_permissions.month| default('*') }}"
-    weekday: "{{ samba_cronjob_permissions.weekday| default('*') }}"
+    month: "{{ samba_cronjob_permissions.month | default('*') }}"
+    weekday: "{{ samba_cronjob_permissions.weekday | default('*') }}"
    user: "{{ samba_cronjob_permissions.user | default('root') }}"
    job: "{{ samba_cronjob_permissions.job }}"
  when:
-    - "groups['samba_server']|string is search(inventory_hostname)"
-    - clean_samba_trash_dirs.found
-  tags:
-    - samba-server
-    - samba-cron
+    - inventory_hostname in groups['samba_server']
+    - (clean_samba_trash_dirs.found | int) > 0     # << int -> bool
+  tags: [samba-server, samba-cron]
+

--- a/roles/common/tasks/users-systemfiles.yml
+++ b/roles/common/tasks/users-systemfiles.yml
@@ -17,6 +17,7 @@
  local_action: stat path={{ inventory_dir }}/files/homedirs/root
  register: local_template_dir_root

+
 # --
 # Copy .bashrc
 # ---
@@ -40,22 +41,37 @@
  tags:
    - bash

- name: (users-systemfiles.yml) copy .bashrc if it exists
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bashrc') }}"
-    dest: "~{{ item.item.name }}/.bashrc"
-    owner: "{{ item.item.name }}"
-    group: "{{ item.item.name }}"
-    mode: 0644
-  loop: "{{ local_template_dir_default_user.results }}"
+# 1. Prüfen, ob für jeden User ein lokales _bashrc existiert
+- name: (users-systemfiles.yml) stat user _bashrc
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_bashrc"
+  delegate_to: localhost
+  become: false
+  loop: "{{ default_user }}"
+  register: bashrc_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
+
+# 2. Falls vorhanden, Datei kopieren
+- name: (users-systemfiles.yml) copy .bashrc if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_bashrc"
+    dest: "~{{ user.name }}/.bashrc"
+    owner: "{{ user.name }}"
+    group: "{{ user.name }}"
+    mode: '0644'
+  loop: "{{ default_user | zip(bashrc_stats.results) | list }}"
+  loop_control:
+    label: "{{ user.name }}"
  when:
-    - item.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bashrc')
+    - stat_result.stat.exists
+  vars:
+    user: "{{ item.0 }}"
+    stat_result: "{{ item.1 }}"
  tags:
    - bash

+
 - name: (users-systemfiles.yml) Check if file '/root/.bashrc.ORIG' exists
  stat:
    path: /root/.bashrc.ORIG
@@ -69,19 +85,28 @@
  tags:
    - bash

- name: (users-systemfiles.yml) copy .bashrc for user root
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc') }}"
-    dest: "/root/.bashrc"
+# 1) Prüfen ob die _bashrc für root auf dem Control-Node existiert
+- name: stat root _bashrc on control node
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/root/_bashrc"
+  delegate_to: localhost
+  become: false
+  register: bashrc_root_stat
+
+# 2) Wenn vorhanden, kopieren wir sie nach /root/.bashrc auf dem Zielhost
+- name: copy root .bashrc if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/root/_bashrc"
+    dest: /root/.bashrc
    owner: root
    group: root
-    mode: 0644
-  when: 
-    - local_template_dir_root.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_bashrc')
+    mode: '0644'
+  become: true
+  when: bashrc_root_stat.stat.exists
  tags:
    - bash

+
 # --
 # Copy .profile (Debian System)
 # ---
@@ -108,23 +133,37 @@
    - item.stat.exists == False
  tags:
    - profile
-    
- name: (users-systemfiles.yml) copy .profile if it exists
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_profile') }}"
-    dest: "~{{ item.item.name }}/.profile"
-    owner: "{{ item.item.name }}"
-    group: "{{ item.item.name }}"
-    mode: 0644
-  loop: "{{  local_template_dir_default_user.results }}"
+
+
+# 1. Prüfen, ob für jeden User ein lokales _profile existiert
+- name: (users-systemfiles.yml) stat user _profile
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_profile"
+  delegate_to: localhost
+  become: false
+  loop: "{{ default_user }}"
+  register: profile_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
+
+# 2. Falls vorhanden, Datei kopieren
+- name: (users-systemfiles.yml) copy .profile if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_profile"
+    dest: "~{{ user.name }}/.profile"
+    owner: "{{ user.name }}"
+    group: "{{ user.name }}"
+    mode: '0644'
+  loop: "{{ default_user | zip(profile_stats.results) | list }}"
+  loop_control:
+    label: "{{ user.name }}"
  when:
-    - ansible_facts['distribution'] == "Debian"
-    - item.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_profile')
+    - stat_result.stat.exists
+  vars:
+    user: "{{ item.0 }}"
+    stat_result: "{{ item.1 }}"
  tags:
-    - profile
+    - bash

 - name: (users-systemfiles.yml) Check if file '/root/.profile.ORIG' exists
  stat:
@@ -143,19 +182,27 @@
  tags:
    - profile

- name: (users-systemfiles.yml) copy .profile for user root
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile') }}"
-    dest: "/root/.profile"
+
+# 1) Prüfen ob die _profile für root auf dem Control-Node existiert
+- name: stat root _profile on control node
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/root/_profile"
+  delegate_to: localhost
+  become: false
+  register: profile_root_stat
+
+# 2) Wenn vorhanden, kopieren wir sie nach /root/.profile auf dem Zielhost
+- name: copy root .profile if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/root/_profile"
+    dest: /root/.profile
    owner: root
    group: root
-    mode: 0644
-  when: 
-    - ansible_facts['distribution'] == "Debian"
-    - local_template_dir_root.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_profile')
+    mode: '0644'
+  become: true
+  when: profile_root_stat.stat.exists
  tags:
-    - profile
+    - bash

 # --
 # Copy .bash_profile (CentOS/Fedora?/RedHat? System)
@@ -184,22 +231,39 @@
  tags:
    - profile
    
- name: (users-systemfiles.yml) copy .bash_profile if it exists
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bash_profile') }}"
-    dest: "~{{ item.item.name }}/.bash_profile"
-    owner: "{{ item.item.name }}"
-    group: "{{ item.item.name }}"
-    mode: 0644
-  loop: "{{  local_template_dir_default_user.results }}"
+
+# 1. Prüfen, ob für jeden User ein lokales _bash_profile existiert
+- name: (users-systemfiles.yml) stat user _bash_profile
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_bash_profile"
+  delegate_to: localhost
+  become: false
+  loop: "{{ default_user }}"
+  register: bash_profile_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
  when:
    - ansible_facts['distribution'] == "CentOS"
-    - item.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_bash_profile')
+
+# 2. Falls vorhanden, Datei kopieren
+- name: (users-systemfiles.yml) copy .bash_profile if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_bash_profile"
+    dest: "~{{ user.name }}/.bash_profile"
+    owner: "{{ user.name }}"
+    group: "{{ user.name }}"
+    mode: '0644'
+  loop: "{{ default_user | zip(bash_profile_stats.results) | list }}"
+  loop_control:
+    label: "{{ user.name }}"
+  when:
+    - ansible_facts['distribution'] == "CentOS"
+    - stat_result.stat.exists
+  vars:
+    user: "{{ item.0 }}"
+    stat_result: "{{ item.1 }}"
  tags:
-    - profile
+    - bash


 - name: (users-systemfiles.yml) Check if file '/root/.bash_profile.ORIG' exists
@@ -219,39 +283,66 @@
  tags:
    - profile

- name: (users-systemfiles.yml) copy .bash_profile for user root
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_bash_profile') }}"
-    dest: "/root/.bash_profile"
+
+# 1) Prüfen ob die _bash_profile für root auf dem Control-Node existiert
+- name: stat root _bash_profile on control node
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/root/_bash_profile"
+  delegate_to: localhost
+  become: false
+  register: bash_profile_root_stat
+  when:
+    - ansible_facts['distribution'] == "CentOS"
+
+# 2) Wenn vorhanden, kopieren wir sie nach /root/.bash_profile auf dem Zielhost
+- name: copy root .bash_profile if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/root/_bash_profile"
+    dest: /root/.bash_profile
    owner: root
    group: root
-    mode: 0644
-  when: 
+    mode: '0644'
+  become: true
+  when:
    - ansible_facts['distribution'] == "CentOS"
-    - local_template_dir_root.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_bash_profile')
+    - bash_profile_root_stat.stat.exists
  tags:
-    - profile
+    - bash
    
+
 # --
 # Copy .vimrc
 # ---

- name: (users-systemfiles.yml) copy .vimrc if it exists
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_vimrc') }}"
-    dest: "~{{ item.item.name }}/.vimrc"
-    owner: "{{ item.item.name }}"
-    group: "{{ item.item.name }}"
-    mode: 0644
-  loop: "{{  local_template_dir_default_user.results }}"
+# 1. Prüfen, ob für jeden User ein lokales _vimrc existiert
+- name: (users-systemfiles.yml) stat user _vimrc
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/{{ item.name }}/_vimrc"
+  delegate_to: localhost
+  become: false
+  loop: "{{ default_user }}"
+  register: vimrc_stats
  loop_control:
-    label: '{{ item.item.name }}'
+    label: '{{ item.name }}'
+
+# 2. Falls vorhanden, Datei kopieren
+- name: (users-systemfiles.yml) copy .vimrc if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/{{ user.name }}/_vimrc"
+    dest: "~{{ user.name }}/.vimrc"
+    owner: "{{ user.name }}"
+    group: "{{ user.name }}"
+    mode: '0644'
+  loop: "{{ default_user | zip(vimrc_stats.results) | list }}"
+  loop_control:
+    label: "{{ user.name }}"
  when:
-    - item.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/' + item.item.name + '/_vimrc')
+    - stat_result.stat.exists
+  vars:
+    user: "{{ item.0 }}"
+    stat_result: "{{ item.1 }}"
  tags:
-    - vim
+    - bash

 - name: (users-systemfiles.yml) Check if .vim directory exists for default users
  local_action: stat path={{ inventory_dir }}/files/homedirs/{{ item.name }}/.vim
@@ -275,18 +366,30 @@
  tags:
    - vim

- name: (users-systemfiles.yml) copy .vimrc for user root
-  copy: 
-    src: "{{ lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc') }}"
-    dest: "/root/.vimrc"
+# 1) Prüfen ob die _vimrc für root auf dem Control-Node existiert
+- name: stat root _vimrc on control node
+  ansible.builtin.stat:
+    path: "{{ inventory_dir }}/files/homedirs/root/_vimrc"
+  delegate_to: localhost
+  become: false
+  register: vimrc_root_stat
+  when:
+    - ansible_facts['distribution'] == "CentOS"
+
+# 2) Wenn vorhanden, kopieren wir sie nach /root/.vimrc auf dem Zielhost
+- name: copy root .vimrc if it exists
+  ansible.builtin.copy:
+    src: "{{ inventory_dir }}/files/homedirs/root/_vimrc"
+    dest: /root/.vimrc
    owner: root
    group: root
-    mode: 0644
+    mode: '0644'
+  become: true
  when:
-    - local_template_dir_root.stat.exists
-    - lookup('fileglob', inventory_dir + '/files/homedirs/root/_vimrc')
+    - ansible_facts['distribution'] == "CentOS"
+    - vimrc_root_stat.stat.exists
  tags:
-    - vim
+    - bash


 - name: (users-systemfiles.yml) Check if local template directory .vim  exists for user root