From 5eecd9f862a252ff61ae7c5f6362e76a83bb074c Mon Sep 17 00:00:00 2001
From: Paul Lecuq
Date: Mon, 4 Sep 2017 21:49:56 +0200
Subject: [PATCH] fixed many bugs, added hostname and timezone handling
---
README.md | 35 +++++++++++++++++++++++++++-
Vagrantfile | 2 +-
playbook.yml | 7 ++++++
roles/common/tasks/apt.yml | 17 +++++++++-----
roles/common/tasks/hostname.yml | 26 +++++++++++++++++++++
roles/common/tasks/keyboard.yml | 5 +++-
roles/common/tasks/main.yml | 14 ++++++++---
roles/common/tasks/time.yml | 10 ++++++++
roles/common/templates/hostname.j2 | 1 +
roles/common/templates/hosts.j2 | 7 ++++++
roles/common/vars/main.yml | 7 ++++++
roles/gdm/tasks/main.yml | 1 +
roles/gdm/templates/lightdm.conf.j2 | 6 +++++
roles/gdm/templates/users.conf.j2 | 15 ++++++++++++
roles/lightdm/handlers/main.yml | 4 ----
roles/lightdm/tasks/main.yml | 4 +---
roles/samba/tasks/.main.yml.swp | Bin 12288 -> 0 bytes
roles/samba/tasks/main.yml | 27 +++++++++++++++------
test.yml | 4 +++-
19 files changed, 165 insertions(+), 27 deletions(-)
create mode 100644 roles/common/tasks/hostname.yml
create mode 100644 roles/common/tasks/time.yml
create mode 100644 roles/common/templates/hostname.j2
create mode 100644 roles/common/templates/hosts.j2
create mode 100644 roles/common/vars/main.yml
create mode 100644 roles/gdm/tasks/main.yml
create mode 100644 roles/gdm/templates/lightdm.conf.j2
create mode 100644 roles/gdm/templates/users.conf.j2
delete mode 100644 roles/lightdm/handlers/main.yml
delete mode 100644 roles/samba/tasks/.main.yml.swp
diff --git a/README.md b/README.md
index 8a5804e..6285208 100644
--- a/README.md
+++ b/README.md
@@ -5,9 +5,42 @@ ansible-gnu-corporate-workstation is a set of roles that enable Active Directory - Currently supports Ubuntu 16.04 LTS with Unity, will support other flavors and OS - Supports single command to deploy +### Requirements, if not installed + +- wget +- sudo ### Installation +Run the following command using a terminal emulator : ``` -wget https://raw.githubusercontent.com/paulbsd/ansible-gnu-corporate-workstation/master/provision.sh; bash provision.sh +wget -O provision.sh https://raw.githubusercontent.com/paulbsd/ansible-gnu-corporate-workstation/master/provision.sh; bash provision.sh +... +sudo reboot ``` + +### License + +Copyright (c) 2017, PaulBSD +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation +and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + 
diff --git a/Vagrantfile b/Vagrantfile index 3bd3617..6c8b378 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -4,7 +4,7 @@ Vagrant.configure("2") do |config| config.vm.box = "boxcutter/ubuntu1604-desktop" config.vm.provision "ansible" do |ansible| - ansible.verbose = "vv" + #ansible.verbose = "vv" ansible.playbook = "test.yml" end end diff --git a/playbook.yml b/playbook.yml index 5b7ec04..0342dc6 100644 --- a/playbook.yml +++ b/playbook.yml @@ -12,18 +12,25 @@ - kbdvariant: "latin9" - localelang: "fr_FR" - localelanguage: "fr_FR:" + - timezone: "Europe/Paris" - languagepacks: - language-pack-fr - language-pack-fr-base vars_prompt: + - name: "timezone" + prompt: "Timezone " + default: "Europe/Paris" - name: "ad_dns_domain" prompt: "Active Directory DNS domain name " private: no + default: "organization.int" - name: "ad_nt_domain" prompt: "NT domain name " private: no + default: "ORGANIZATION" - name: "ad_admin_username" prompt: "Admin username " private: no + default: "Administrator" - name: "ad_admin_password" prompt: "Admin password " diff --git a/roles/common/tasks/apt.yml b/roles/common/tasks/apt.yml index b27422d..70e81a4 100644 --- a/roles/common/tasks/apt.yml +++ b/roles/common/tasks/apt.yml @@ -1,21 +1,26 @@ +--- - name: Update apt sources apt: update_cache=yes upgrade=yes - tags: apt + tags: + - prereqs + - apt - name: Install utils main utils apt: name={{ item }} with_items: - - htop - - ncdu - - tmux - tags: prereqs + - "{{ apt_pkgs }}" + tags: + - prereqs + - apt - name: Install needed language packs apt: name={{ item }} with_items: - language-pack-fr - language-pack-fr-base - tags: prereqs + tags: + - prereqs + - apt diff --git a/roles/common/tasks/hostname.yml b/roles/common/tasks/hostname.yml new file mode 100644 index 0000000..96fe3bb --- /dev/null +++ b/roles/common/tasks/hostname.yml 
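Review bot: The new `timezone` entry under `vars_prompt` in playbook.yml has no `private: no`, unlike the three AD prompts below it, so Ansible treats the prompt as private and does not echo what the operator types; add `private: no` to it. The same hunk also adds `timezone: "Europe/Paris"` to the vars list, which duplicates the prompt's `default:` and leaves two places to keep in sync. The prompted value is later used to build a filesystem path in roles/common/tasks/time.yml, so a typo that cannot be seen on screen is not harmless there.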
@@ -0,0 +1,26 @@ +--- +- name: Set hostname + shell: hostname {{ ansible_hostname }}.{{ ad_dns_domain }} + +- name: Set hostname file + template: + src=hostname.j2 + dest=/etc/hostname + mode=0644 + owner=root + group=root + tags: + - prereqs + - hostname + +- name: Set hosts file + template: + src=hosts.j2 + dest=/etc/hosts + mode=0644 + owner=root + group=root + tags: + - prereqs + - hostname + diff --git a/roles/common/tasks/keyboard.yml b/roles/common/tasks/keyboard.yml index 7c45191..4fdaaac 100644 --- a/roles/common/tasks/keyboard.yml +++ b/roles/common/tasks/keyboard.yml @@ -1,3 +1,4 @@ +--- - name: Set keyboard layouts template: src=keyboard.j2 @@ -5,5 +6,7 @@ mode=0644 owner=root group=root - tags: prereqs + tags: + - prereqs + - keyboard diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 861490e..8b40c06 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,8 +1,16 @@ +--- - name: Install aptitude command: apt-get install -y aptitude -- name: Include apt updates +- name: Update lists, upgrade and install needed packages + include: apt.yml + +- name: Include keyboard configuration include: keyboard.yml -- name: Install needed packages - include: apt.yml +- name: Include hostname configuration + include: hostname.yml + +- name: Include time configuration + include: time.yml + diff --git a/roles/common/tasks/time.yml b/roles/common/tasks/time.yml new file mode 100644 index 0000000..efd780a --- /dev/null +++ b/roles/common/tasks/time.yml @@ -0,0 +1,10 @@ +--- +- name: Set Timezone + file: + src=/usr/share/zoneinfo/{{ timezone }} + dest=/etc/localtime + force=yes + state=link + tags: + - prereqs + - timezone diff --git a/roles/common/templates/hostname.j2 b/roles/common/templates/hostname.j2 new file mode 100644 index 0000000..2ed4d11 --- /dev/null +++ b/roles/common/templates/hostname.j2 @@ -0,0 +1 @@ +{{ ansible_hostname }}.{{ ad_dns_domain }} 
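Review bot: The `Set hostname` task at the top of the new hostname.yml interpolates `ad_dns_domain`, which playbook.yml collects from an interactive prompt, directly into a `shell:` line, so any shell metacharacter in that value is interpreted by the shell on the target. The `hostname` module avoids the shell altogether: `hostname: name={{ ansible_hostname }}.{{ ad_dns_domain }}`; if a raw command has to stay, `command:` is the safer choice over `shell:`. This task is also the only one in the file without `tags:`, so a run limited to `--tags hostname` rewrites /etc/hostname and /etc/hosts but skips the live rename; give it the same `prereqs` and `hostname` tags as the two template tasks.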
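Review bot: The `Set Timezone` task in the new time.yml builds the link source from the prompted `timezone` value without checking that `/usr/share/zoneinfo/{{ timezone }}` exists, and `force=yes` lets the `file` module create the link even when the source is missing, so a mistyped value, or one containing `..`, leaves /etc/localtime dangling or pointing outside the zoneinfo tree. Where the Ansible version in use provides it, the `timezone` module validates the name and is the simpler form: `timezone: name={{ timezone }}`. Otherwise a preceding `stat` on the zoneinfo path with a `when:` on its result would at least reject unknown names.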
diff --git a/roles/common/templates/hosts.j2 b/roles/common/templates/hosts.j2 new file mode 100644 index 0000000..2c1d111 --- /dev/null +++ b/roles/common/templates/hosts.j2 @@ -0,0 +1,7 @@ +127.0.0.1 localhost +127.0.1.1 {{ ansible_hostname }}.{{ ad_dns_domain }} {{ ansible_hostname }} + +# The following lines are desirable for IPv6 capable hosts +::1 localhost ip6-localhost ip6-loopback +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml new file mode 100644 index 0000000..14385c1 --- /dev/null +++ b/roles/common/vars/main.yml @@ -0,0 +1,7 @@ +--- +apt_pkgs: + - htop + - ntp + - ntpdate + - ncdu + - tmux diff --git a/roles/gdm/tasks/main.yml b/roles/gdm/tasks/main.yml new file mode 100644 index 0000000..ed97d53 --- /dev/null +++ b/roles/gdm/tasks/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/gdm/templates/lightdm.conf.j2 b/roles/gdm/templates/lightdm.conf.j2 new file mode 100644 index 0000000..1718b24 --- /dev/null +++ b/roles/gdm/templates/lightdm.conf.j2 @@ -0,0 +1,6 @@ +[SeatDefaults] +allow-guest=false +greeter-hide-users=true +greeter-show-manual-login=true +autologin-user= + diff --git a/roles/gdm/templates/users.conf.j2 b/roles/gdm/templates/users.conf.j2 new file mode 100644 index 0000000..aa2c3fd --- /dev/null +++ b/roles/gdm/templates/users.conf.j2 @@ -0,0 +1,15 @@ +# +# User accounts configuration +# +# NOTE: If you have AccountsService installed on your system, then LightDM will +# use this instead and these settings will be ignored +# +# minimum-uid = Minimum UID required to be shown in greeter +# hidden-users = Users that are not shown to the user +# hidden-shells = Shells that indicate a user cannot login +# +[UserList] +minimum-uid=500 +hidden-users=nobody nobody4 noaccess +hidden-shells=/bin/false /usr/sbin/nologin + diff --git a/roles/lightdm/handlers/main.yml b/roles/lightdm/handlers/main.yml deleted file mode 100644 index 2b3780d..0000000 
--- a/roles/lightdm/handlers/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- name: restart lightdm - service: - name=lightdm - state=restarted diff --git a/roles/lightdm/tasks/main.yml b/roles/lightdm/tasks/main.yml index 5706e28..f464266 100644 --- a/roles/lightdm/tasks/main.yml +++ b/roles/lightdm/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Set lightdm main configuration file template: src=lightdm.conf.j2 @@ -5,7 +6,6 @@ mode=0644 owner=root group=root - notify: restart lightdm tags: lightdm - name: Set lightdm users.conf file @@ -15,6 +15,4 @@ mode=0644 owner=root group=root - notify: restart lightdm tags: lightdm - diff --git a/roles/samba/tasks/.main.yml.swp b/roles/samba/tasks/.main.yml.swp deleted file mode 100644 index 406c5e888850b1d22c9081fdd7e4219d2ef69c6c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI2ONbOl7{_b91Y?Yn6>THRGUQ)_os+g0sk zF`MAUi>HJfatH{XeBM2H(Suh#nOn%s5cU|)$-nyHPG%nw^df!@Kf1fR9^dz?u7+VM zo;!KuDF3v(z;Ntk?9bk{Q=h&23wx>=%SD-n;{QARP@A*4kloNAcCwq;Y_m4shv&V4 z_PsJLjW0VQ@%p^#NL{GJ+hV0x*i^Zm6Im>JUbwTamkDjUE7^0!vDuhZMh3_L43vJU zb7(jFc>bfg;N!!Y5BT&uCrAw$AOmE843GgbKnBPF86X3%kpZ7iu^*7{jwa{NoAcDf zxw)ki86X2>fDDiUGC&5%02v?yWPl8i0W$Ck8W57PKXx+q_nQbF|NpnY|9{)V*duTk z+yK9VOW+(h4UU7u;1HMv`@l3i=V zoCaTjS@6$Wj6DI5z(a5oTmhGX0cXH5@Fkc9`@l4Kx{I;Dz+>b=o zcptn0f`i9kEx4eA43GgbKnBPF86X2>;1x2!xfcW1=haTq#bv7v~8|Ar>j)%T@=LElS0k?}nX4)*4P8CLEim$HjA1}{^b0b?wl(P;G zHTwMP&|ccGt(Bqo@j%ead7UVSV$M5!q)n`iZ0<}Jx0kNI9BDsX)Lvz-U)51Y#Ho_e zO4CCaFG4t>N{9fd)C2UN1@l$aq)xSc>NbRx#fddbXup*r&Ig4p^Qf@aSE1OEQN{Xg zW~GYeK3Q0(9!dy~dderwK3}AR4a3y{2(d__wxGK_j|PZ7PlZ?OQ6Djwp)_s64o&r- zEQHr~gHnSD&^{S%8+@vbie}tUNIQbB1N{Tg#W`Qn*o@px!%P)>p$6*PJev8YuHCOo z*E4FzYZD4xYs8ms5`J43Z&(RqdCPK-JZY$6qZMIiA3F zGf>xlISJH#ZIOYlU$<)hCs$?leQBN;pG&-_>vzpns^eT_o&PRp6k=v43WrK(Qlyc=5f8a(tsuq3VC*Di^umYOM$(@qIg2V!yrQ-rCf$e*s`Y{;~i7 diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 82736ab..78c028b 100644 --- a/roles/samba/tasks/main.yml 
+++ b/roles/samba/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install samba and required tools apt: name={{ item }} @@ -10,7 +11,8 @@ - ntpdate - samba - winbind - tags: samba_install + tags: + - samba - name: Install nsswitch passwd config lineinfile: @@ -18,7 +20,9 @@ regexp="^passwd:" line="passwd{{ ':' }} files winbind" notify: restart samba - tags: samba_nsswitch + tags: + - samba + - nsswitch - name: Install nsswitch group config lineinfile: @@ -26,7 +30,9 @@ regexp="^group:" line="group{{ ':' }} files winbind" notify: restart samba - tags: samba_nsswitch + tags: + - samba + - nsswitch - name: Install nsswitch shadow config lineinfile: @@ -34,7 +40,9 @@ regexp="^shadow:" line="shadow{{ ':' }} files winbind" notify: restart samba - tags: samba_nsswitch + tags: + - samba + - nsswitch - name: Install samba configuration template: @@ -44,7 +52,9 @@ owner=root group=root notify: restart samba - tags: samba_smbconf + tags: + - samba + - smbconf - name: Enable samba services service: @@ -54,9 +64,12 @@ - smbd - nmbd - winbind - tags: samba_services + tags: + - samba - name: Join domain shell: net ads join -U {{ ad_admin_username }}%{{ ad_admin_password }} notify: restart samba - tags: samba_join + register: join_domain + tags: samba + diff --git a/test.yml b/test.yml index 35f56db..4e5a2b7 100644 --- a/test.yml +++ b/test.yml @@ -12,10 +12,12 @@ - kbdvariant: "latin9" - localelang: "fr_FR" - localelanguage: "fr_FR:" + - timezone: "Europe/Paris" - languagepacks: - language-pack-fr - language-pack-fr-base - - ad_dns_domain: AD.PAULBSD.NET + - ad_dns_domain: ad.paulbsd.net - ad_nt_domain: AD - ad_admin_username: Administrator - ad_admin_password: Password50 +
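Review bot: The `Join domain` task in the last samba hunk now stores its result in `join_domain`, and that result carries the executed command line, which contains `ad_admin_password`, so the password is exposed in task output and in any log that records results; add `no_log: true` to the task. Both prompted values are also placed unquoted on a `shell:` line, so a password containing a space or `;` is parsed by the shell; `-U {{ (ad_admin_username ~ '%' ~ ad_admin_password) | quote }}` keeps it a single argument. `join_domain` is not read anywhere in the visible hunks, and the tag change from `samba_join` to `samba` means every `--tags samba` run attempts the join again, so a `when:` or `changed_when:` guard on the registered result looks like the missing half of this change.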
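Review bot: The vars block this test.yml hunk touches still carries `ad_admin_password: Password50` next to `ad_admin_username: Administrator` in plaintext in a committed file. If that account exists in any real directory, the value should come from an Ansible Vault file or from a prompt as in playbook.yml, and the password should be rotated since it is already in history. If it is only a throwaway credential for the Vagrant test domain, a comment such as `# lab-only credential for the Vagrant test domain` above the line would make that explicit.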