--- - hosts: all become: true vars: apt_packages: - aptitude - arj - cifs-utils - chromium-browser - curl - ethtool - exfat-fuse - exfat-utils - firefox-locale-de - gimp - git - gnupg2 - grsync - haveged - httrack - keepassxc - lightdm - mc - net-tools - nextcloud-client - ntpdate - pdfshuffler - smb4k - synaptic - thunderbird-locale-de - vim - vim-doc - vlc - x11vnc - xz-utils apt_repositories: - repo: ppa:nextcloud-devs/client packages_absent: - apport - gnome-initial-setup - ubuntu-web-launchers debs_present: - CQue_v4.0.5_Linux_64_DE.deb - veracrypt-1.24-Update3-Ubuntu-18.04-amd64.deb fonts_shared: - type: 'opentype' src: FrutigerLTStd-BlackCn.otf dest: frutiger/FrutigerLTStd-BlackCn.otf - type: 'opentype' src: FrutigerLTStd-BlackItalic.otf dest: frutiger/FrutigerLTStd-BlackItalic.otf - type: 'opentype' src: FrutigerLTStd-Black.otf dest: frutiger/FrutigerLTStd-Black.otf - type: 'opentype' src: FrutigerLTStd-BoldCn.otf dest: frutiger/FrutigerLTStd-BoldCn.otf - type: 'opentype' src: FrutigerLTStd-BoldItalic.otf dest: frutiger/FrutigerLTStd-BoldItalic.otf - type: 'opentype' src: FrutigerLTStd-Bold.otf dest: frutiger/FrutigerLTStd-Bold.otf - type: 'opentype' src: FrutigerLTStd-Cn.otf dest: frutiger/FrutigerLTStd-Cn.otf - type: 'opentype' src: FrutigerLTStd-ExtraBlackCn.otf dest: frutiger/FrutigerLTStd-ExtraBlackCn.otf - type: 'opentype' src: FrutigerLTStd-Italic.otf dest: frutiger/FrutigerLTStd-Italic.otf - type: 'opentype' src: FrutigerLTStd-LightCn.otf dest: frutiger/FrutigerLTStd-LightCn.otf - type: 'opentype' src: FrutigerLTStd-LightItalic.otf dest: frutiger/FrutigerLTStd-LightItalic.otf - type: 'opentype' src: FrutigerLTStd-Light.otf dest: frutiger/FrutigerLTStd-Light.otf - type: 'opentype' src: FrutigerLTStd-Roman.otf dest: frutiger/FrutigerLTStd-Roman.otf - type: 'opentype' src: FrutigerLTStd-UltraBlack.otf dest: frutiger/FrutigerLTStd-UltraBlack.otf apt_install_recommends: true apt_remove_recommends: true admin_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5IhVprsvVOcFPbZzD9xR0nCjZ/9qVG6RhLJ7QBSts81nRvLwnmvcMBHSf5Rfaigey7Ff5dLHfJnxRE0KDATn6n2yd/5mXpn2GAA8hDVfhdsmsb5U7bROjZNr8MmIUrP7c3msUGx1FtvzhwxtyvIWOFQpWx+W5biBa6hFjIxT1pkUJqe6fclp7xbGYKZiqZRBS4qKG5CpKnisuOYDsqYPND+OkU+PShoxGVzp1JywIVze7qeKv6GyYbRA9SP9Np+5Mit6B21Io4zOI81c2Rz6sPX7mwEAQEs7iCm2hzG8qJws45Lb4ERqDkVEVhGNUyHjHgGebS1sZx1mLExdurXlPm1l/EamkncDFDCutHXtLP7lsFFiym7fKUjSEgiiLmyu5Xm+mwZvesKa1FYNaeiFWfYZpCJrNzIk+ffs+mgg3kmL4Sd4Ooy7jXPX+WJe5Xyh1KLU/+Wj2TVrhN+LbmupYAti/Wgd3DA1v601svmG82aLmyJRtKC0rGMePH3kDbtqU72kYpzI8mXERe1TIQ00Z77kQBR/7BF/9y5/0YmYDcXt1wNCoSie+mzz3xYcEdLAc7T+DhYpd4M6VgWnuz/exzRzhQwoSdEKkEED8CpEoBrEWEiMdrlElGmlkVomLU7P9i9j1rshX/pAq0asnqeSoPdC3vNbU3keiJQnhIHECvw== christoph" physicals_packages_dropbear: - dropbear-initramfs - kbd pre_tasks: - name: add group lokaladmin group: name: lokaladmin gid: 1000 - name: ensure lokaladmin is present user: name: lokaladmin group: lokaladmin groups: adm, cdrom, sudo, dip, plugdev, lpadmin, sambashare append: True uid: 1000 password: "$6$bzVyhcWa$X3NeSycmO8qhgjtYDjjg8ANBt1jf.uvRHdkaVL6qTFhXk6RQvChJQpUtBH1Ccg5t5VR/qqoDgOgieYsX08nK31" - name: add authorized_key for christoph authorized_key: user: "{{ item }}" key: "{{ admin_key }}" with_items: - root - lokaladmin - name: Disable motd-news lineinfile: dest: /etc/default/motd-news regexp: '^ENABLED=' line: 'ENABLED=0' - name: Delete unnecessary packages apt: pkg: "{{ packages_absent }}" state: absent tags: apt roles: - role: weareinteractive.apt tags: - apt - lightdm - nextcloud - role: ontic.fonts tags: fonts - role: freedomofpress.signal-desktop tags: signal tasks: - name: copy debs copy: src: "{{ item }}" dest: /root/ owner: root group: root mode: 0644 with_items: "{{ debs_present }}" tags: apt - name: install local debs apt: deb: "/root/{{ item }}" with_items: "{{ debs_present }}" tags: apt - name: system time cron job cron: name: adjust system time minute: 3 job: /usr/sbin/ntpdate 192.168.112.254 > /dev/null - name: wake-on-lan cron job cron: name: "enable wake-on-lan interface {{ item }}" special_time: reboot job: /sbin/ethtool -s {{ item }} wol g when: item != "lo" with_items: "{{ ansible_interfaces }}" tags: wol - name: set default editor alternatives: name: editor path: /usr/bin/vim - name: get christoph admin scripts git: repo: https://git.oopen.de/script/{{ item }} dest: /root/bin/{{ item }} with_items: - admin-stuff - monitoring - name: configure lightdm copy: src: lightdm.conf dest: /etc/lightdm/lightdm.conf owner: root group: root mode: 0644 tags: lightdm - name: make lightdm default (debconf) debconf: name: 'shared' question: 'shared/default-x-display-manager' vtype: 'select' value: 'lightdm' tags: lightdm - name: make lightdm default (systemd) file: path: /etc/systemd/system/display-manager.service src: /lib/systemd/system/lightdm.service state: link tags: lightdm - name: make lightdm default (X11) copy: dest: /etc/X11/default-display-manager content: "/usr/sbin/lightdm\n" owner: root group: root mode: 0644 tags: lightdm - import_tasks: initramfs.yml - import_tasks: gnome.yml tags: - gnome - name: copy printer drivers copy: src: "{{ item }}" dest: /usr/share/ppd/custom owner: root group: lpadmin mode: 0664 with_items: - Canon_LBP712Cx.ppd - UTAX_TA_3555i.ppd notify: configure printers tags: printer handlers: - name: update initramfs command: update-initramfs -u - name: dconf update command: dconf update - name: configure printers shell: "lpadmin -p Kopierer -E -v socket://192.168.112.5 -P /usr/share/ppd/custom/UTAX_TA_3555i.ppd && lpadmin -p Farbdrucker -E -v socket://192.168.112.7 -P /usr/share/ppd/custom/Canon_LBP712Cx.ppd && lpadmin -d Kopierer" # use christophs role to configure NFS/NIS - hosts: all become: true roles: - common