fixed many bugs, added hostname and timezone handling
parent
35c81220b0
commit
5eecd9f862
35
README.md
35
README.md
@ -5,9 +5,42 @@ ansible-gnu-corporate-workstation is a set of roles that enable Active Directory
|
|||||||
- Currently supports Ubuntu 16.04 LTS with Unity, will support other flavors and OS
|
- Currently supports Ubuntu 16.04 LTS with Unity, will support other flavors and OS
|
||||||
- Supports single command to deploy
|
- Supports single command to deploy
|
||||||
|
|
||||||
|
### Requirements, if not installed
|
||||||
|
|
||||||
|
- wget
|
||||||
|
- sudo
|
||||||
|
|
||||||
### Installation
|
### Installation
|
||||||
|
|
||||||
|
Run the following command using a terminal emulator :
|
||||||
```
|
```
|
||||||
wget https://raw.githubusercontent.com/paulbsd/ansible-gnu-corporate-workstation/master/provision.sh; bash provision.sh
|
wget -O provision.sh https://raw.githubusercontent.com/paulbsd/ansible-gnu-corporate-workstation/master/provision.sh; bash provision.sh
|
||||||
|
...
|
||||||
|
sudo reboot
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### License
|
||||||
|
|
||||||
|
Copyright (c) 2017, PaulBSD
|
||||||
|
All rights reserved.
|
||||||
|
|
||||||
|
Redistribution and use in source and binary forms, with or without
|
||||||
|
modification, are permitted provided that the following conditions are met:
|
||||||
|
|
||||||
|
1. Redistributions of source code must retain the above copyright notice, this
|
||||||
|
list of conditions and the following disclaimer.
|
||||||
|
2. Redistributions in binary form must reproduce the above copyright notice,
|
||||||
|
this list of conditions and the following disclaimer in the documentation
|
||||||
|
and/or other materials provided with the distribution.
|
||||||
|
|
||||||
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||||
|
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||||
|
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||||
|
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
|
||||||
|
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||||
|
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
||||||
|
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||||
|
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||||
|
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
|
||||||
|
2
Vagrantfile
vendored
2
Vagrantfile
vendored
@ -4,7 +4,7 @@
|
|||||||
Vagrant.configure("2") do |config|
|
Vagrant.configure("2") do |config|
|
||||||
config.vm.box = "boxcutter/ubuntu1604-desktop"
|
config.vm.box = "boxcutter/ubuntu1604-desktop"
|
||||||
config.vm.provision "ansible" do |ansible|
|
config.vm.provision "ansible" do |ansible|
|
||||||
ansible.verbose = "vv"
|
#ansible.verbose = "vv"
|
||||||
ansible.playbook = "test.yml"
|
ansible.playbook = "test.yml"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -12,18 +12,25 @@
|
|||||||
- kbdvariant: "latin9"
|
- kbdvariant: "latin9"
|
||||||
- localelang: "fr_FR"
|
- localelang: "fr_FR"
|
||||||
- localelanguage: "fr_FR:"
|
- localelanguage: "fr_FR:"
|
||||||
|
- timezone: "Europe/Paris"
|
||||||
- languagepacks:
|
- languagepacks:
|
||||||
- language-pack-fr
|
- language-pack-fr
|
||||||
- language-pack-fr-base
|
- language-pack-fr-base
|
||||||
vars_prompt:
|
vars_prompt:
|
||||||
|
- name: "timezone"
|
||||||
|
prompt: "Timezone "
|
||||||
|
default: "Europe/Paris"
|
||||||
- name: "ad_dns_domain"
|
- name: "ad_dns_domain"
|
||||||
prompt: "Active Directory DNS domain name "
|
prompt: "Active Directory DNS domain name "
|
||||||
private: no
|
private: no
|
||||||
|
default: "organization.int"
|
||||||
- name: "ad_nt_domain"
|
- name: "ad_nt_domain"
|
||||||
prompt: "NT domain name "
|
prompt: "NT domain name "
|
||||||
private: no
|
private: no
|
||||||
|
default: "ORGANIZATION"
|
||||||
- name: "ad_admin_username"
|
- name: "ad_admin_username"
|
||||||
prompt: "Admin username "
|
prompt: "Admin username "
|
||||||
private: no
|
private: no
|
||||||
|
default: "Administrator"
|
||||||
- name: "ad_admin_password"
|
- name: "ad_admin_password"
|
||||||
prompt: "Admin password "
|
prompt: "Admin password "
|
||||||
|
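Review bot: The new `timezone` entry under `vars_prompt` does not set `private`, and Ansible hides prompt input by default, so the operator types the zone name without echo while the neighbouring prompts all set `private: no`. Add `private: no` to the timezone prompt. The same play also gains `- timezone: "Europe/Paris"` under its vars, duplicating the prompt's default; keeping only one of the two makes it clear which value is used. The answer later becomes a path component under /usr/share/zoneinfo in time.yml, so a mistyped value has real effect.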
@ -1,21 +1,26 @@
|
|||||||
|
---
|
||||||
- name: Update apt sources
|
- name: Update apt sources
|
||||||
apt:
|
apt:
|
||||||
update_cache=yes
|
update_cache=yes
|
||||||
upgrade=yes
|
upgrade=yes
|
||||||
tags: apt
|
tags:
|
||||||
|
- prereqs
|
||||||
|
- apt
|
||||||
|
|
||||||
- name: Install utils main utils
|
- name: Install utils main utils
|
||||||
apt: name={{ item }}
|
apt: name={{ item }}
|
||||||
with_items:
|
with_items:
|
||||||
- htop
|
- "{{ apt_pkgs }}"
|
||||||
- ncdu
|
tags:
|
||||||
- tmux
|
- prereqs
|
||||||
tags: prereqs
|
- apt
|
||||||
|
|
||||||
- name: Install needed language packs
|
- name: Install needed language packs
|
||||||
apt: name={{ item }}
|
apt: name={{ item }}
|
||||||
with_items:
|
with_items:
|
||||||
- language-pack-fr
|
- language-pack-fr
|
||||||
- language-pack-fr-base
|
- language-pack-fr-base
|
||||||
tags: prereqs
|
tags:
|
||||||
|
- prereqs
|
||||||
|
- apt
|
||||||
|
|
||||||
|
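Review bot: The "Install needed language packs" task still lists `language-pack-fr` and `language-pack-fr-base` literally, although the playbook already defines a `languagepacks` variable with the same two entries and this commit moves the utility packages into `apt_pkgs`. Using `with_items: "{{ languagepacks }}"` there would keep the two lists from drifting apart. This assumes the play-level variable is visible to the role, which is not shown on this page.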
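--- a/roles/common/tasks/hostname.yml
+++ b/roles/common/tasks/hostname.yml
@@ -0,0 +1,26 @@
+---
+- name: Set hostname
+shell: hostname {{ ansible_hostname }}.{{ ad_dns_domain }}
+
+- name: Set hostname file
+template:
+src=hostname.j2
+dest=/etc/hostname
+mode=0644
+owner=root
+group=root
+tags:
+- prereqs
+- hostname
+
+- name: Set hosts file
+template:
+src=hosts.j2
+dest=/etc/hosts
+mode=0644
+owner=root
+group=root
+tags:
+- prereqs
+- hostname
+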
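Review bot: The "Set hostname" task builds a root shell command from `ad_dns_domain`, which is free-text operator input from `vars_prompt`, so a space or shell metacharacter in the answer changes what gets executed. The task also reports "changed" on every run and is the only one in the file without tags. Ansible's `hostname` module avoids the shell entirely: `hostname: name={{ ansible_hostname }}.{{ ad_dns_domain }}` with `tags: [prereqs, hostname]`. Separately, the hosts.j2 template replaces /etc/hosts wholesale, so a comment such as `# overwrites any existing /etc/hosts entries` on "Set hosts file" would make that intent explicit.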
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
- name: Set keyboard layouts
|
- name: Set keyboard layouts
|
||||||
template:
|
template:
|
||||||
src=keyboard.j2
|
src=keyboard.j2
|
||||||
@ -5,5 +6,7 @@
|
|||||||
mode=0644
|
mode=0644
|
||||||
owner=root
|
owner=root
|
||||||
group=root
|
group=root
|
||||||
tags: prereqs
|
tags:
|
||||||
|
- prereqs
|
||||||
|
- keyboard
|
||||||
|
|
||||||
|
@ -1,8 +1,16 @@
|
|||||||
|
---
|
||||||
- name: Install aptitude
|
- name: Install aptitude
|
||||||
command: apt-get install -y aptitude
|
command: apt-get install -y aptitude
|
||||||
|
|
||||||
- name: Include apt updates
|
- name: Update lists, upgrade and install needed packages
|
||||||
|
include: apt.yml
|
||||||
|
|
||||||
|
- name: Include keyboard configuration
|
||||||
include: keyboard.yml
|
include: keyboard.yml
|
||||||
|
|
||||||
- name: Install needed packages
|
- name: Include hostname configuration
|
||||||
include: apt.yml
|
include: hostname.yml
|
||||||
|
|
||||||
|
- name: Include time configuration
|
||||||
|
include: time.yml
|
||||||
|
|
||||||
|
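--- a/roles/common/tasks/time.yml
+++ b/roles/common/tasks/time.yml
@@ -0,0 +1,10 @@
+---
+- name: Set Timezone
+file:
+src=/usr/share/zoneinfo/{{ timezone }}
+dest=/etc/localtime
+force=yes
+state=link
+tags:
+- prereqs
+- timezone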
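Review bot: `src=/usr/share/zoneinfo/{{ timezone }}` uses the prompt answer as a path component with no validation, and `force=yes` lets the `file` module create the link even when the target does not exist. A typo therefore leaves /etc/localtime dangling, and a value containing `../` points it outside the zoneinfo tree. If the Ansible version in use ships the `timezone` module, `timezone: name={{ timezone }}` rejects unknown zones and should also keep /etc/timezone in step, which this task does not touch. Otherwise, add a preceding `stat` on the zoneinfo path and fail when it is not a regular file.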
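--- a/roles/common/templates/hostname.j2
+++ b/roles/common/templates/hostname.j2
@@ -0,0 +1 @@
+{{ ansible_hostname }}.{{ ad_dns_domain }}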
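--- a/roles/common/templates/hosts.j2
+++ b/roles/common/templates/hosts.j2
@@ -0,0 +1,7 @@
+127.0.0.1 localhost
+127.0.1.1 {{ ansible_hostname }}.{{ ad_dns_domain }} {{ ansible_hostname }}
+
+# The following lines are desirable for IPv6 capable hosts
+::1 localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters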
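--- a/roles/common/vars/main.yml
+++ b/roles/common/vars/main.yml
@@ -0,0 +1,7 @@
+---
+apt_pkgs:
+- htop
+- ntp
+- ntpdate
+- ncdu
+- tmux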
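--- a/roles/gdm/tasks/main.yml
+++ b/roles/gdm/tasks/main.yml
@@ -0,0 +1 @@
+---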
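--- a/roles/gdm/templates/lightdm.conf.j2
+++ b/roles/gdm/templates/lightdm.conf.j2
@@ -0,0 +1,6 @@
+[SeatDefaults]
+allow-guest=false
+greeter-hide-users=true
+greeter-show-manual-login=true
+autologin-user=
+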
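--- a/roles/gdm/templates/users.conf.j2
+++ b/roles/gdm/templates/users.conf.j2
@@ -0,0 +1,15 @@
+#
+# User accounts configuration
+#
+# NOTE: If you have AccountsService installed on your system, then LightDM will
+# use this instead and these settings will be ignored
+#
+# minimum-uid = Minimum UID required to be shown in greeter
+# hidden-users = Users that are not shown to the user
+# hidden-shells = Shells that indicate a user cannot login
+#
+[UserList]
+minimum-uid=500
+hidden-users=nobody nobody4 noaccess
+hidden-shells=/bin/false /usr/sbin/nologin
+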
@ -1,4 +0,0 @@
|
|||||||
- name: restart lightdm
|
|
||||||
service:
|
|
||||||
name=lightdm
|
|
||||||
state=restarted
|
|
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
- name: Set lightdm main configuration file
|
- name: Set lightdm main configuration file
|
||||||
template:
|
template:
|
||||||
src=lightdm.conf.j2
|
src=lightdm.conf.j2
|
||||||
@ -5,7 +6,6 @@
|
|||||||
mode=0644
|
mode=0644
|
||||||
owner=root
|
owner=root
|
||||||
group=root
|
group=root
|
||||||
notify: restart lightdm
|
|
||||||
tags: lightdm
|
tags: lightdm
|
||||||
|
|
||||||
- name: Set lightdm users.conf file
|
- name: Set lightdm users.conf file
|
||||||
@ -15,6 +15,4 @@
|
|||||||
mode=0644
|
mode=0644
|
||||||
owner=root
|
owner=root
|
||||||
group=root
|
group=root
|
||||||
notify: restart lightdm
|
|
||||||
tags: lightdm
|
tags: lightdm
|
||||||
|
|
||||||
|
Binary file not shown.
@ -1,3 +1,4 @@
|
|||||||
|
---
|
||||||
- name: Install samba and required tools
|
- name: Install samba and required tools
|
||||||
apt:
|
apt:
|
||||||
name={{ item }}
|
name={{ item }}
|
||||||
@ -10,7 +11,8 @@
|
|||||||
- ntpdate
|
- ntpdate
|
||||||
- samba
|
- samba
|
||||||
- winbind
|
- winbind
|
||||||
tags: samba_install
|
tags:
|
||||||
|
- samba
|
||||||
|
|
||||||
- name: Install nsswitch passwd config
|
- name: Install nsswitch passwd config
|
||||||
lineinfile:
|
lineinfile:
|
||||||
@ -18,7 +20,9 @@
|
|||||||
regexp="^passwd:"
|
regexp="^passwd:"
|
||||||
line="passwd{{ ':' }} files winbind"
|
line="passwd{{ ':' }} files winbind"
|
||||||
notify: restart samba
|
notify: restart samba
|
||||||
tags: samba_nsswitch
|
tags:
|
||||||
|
- samba
|
||||||
|
- nsswitch
|
||||||
|
|
||||||
- name: Install nsswitch group config
|
- name: Install nsswitch group config
|
||||||
lineinfile:
|
lineinfile:
|
||||||
@ -26,7 +30,9 @@
|
|||||||
regexp="^group:"
|
regexp="^group:"
|
||||||
line="group{{ ':' }} files winbind"
|
line="group{{ ':' }} files winbind"
|
||||||
notify: restart samba
|
notify: restart samba
|
||||||
tags: samba_nsswitch
|
tags:
|
||||||
|
- samba
|
||||||
|
- nsswitch
|
||||||
|
|
||||||
- name: Install nsswitch shadow config
|
- name: Install nsswitch shadow config
|
||||||
lineinfile:
|
lineinfile:
|
||||||
@ -34,7 +40,9 @@
|
|||||||
regexp="^shadow:"
|
regexp="^shadow:"
|
||||||
line="shadow{{ ':' }} files winbind"
|
line="shadow{{ ':' }} files winbind"
|
||||||
notify: restart samba
|
notify: restart samba
|
||||||
tags: samba_nsswitch
|
tags:
|
||||||
|
- samba
|
||||||
|
- nsswitch
|
||||||
|
|
||||||
- name: Install samba configuration
|
- name: Install samba configuration
|
||||||
template:
|
template:
|
||||||
@ -44,7 +52,9 @@
|
|||||||
owner=root
|
owner=root
|
||||||
group=root
|
group=root
|
||||||
notify: restart samba
|
notify: restart samba
|
||||||
tags: samba_smbconf
|
tags:
|
||||||
|
- samba
|
||||||
|
- smbconf
|
||||||
|
|
||||||
- name: Enable samba services
|
- name: Enable samba services
|
||||||
service:
|
service:
|
||||||
@ -54,9 +64,12 @@
|
|||||||
- smbd
|
- smbd
|
||||||
- nmbd
|
- nmbd
|
||||||
- winbind
|
- winbind
|
||||||
tags: samba_services
|
tags:
|
||||||
|
- samba
|
||||||
|
|
||||||
- name: Join domain
|
- name: Join domain
|
||||||
shell: net ads join -U {{ ad_admin_username }}%{{ ad_admin_password }}
|
shell: net ads join -U {{ ad_admin_username }}%{{ ad_admin_password }}
|
||||||
notify: restart samba
|
notify: restart samba
|
||||||
tags: samba_join
|
register: join_domain
|
||||||
|
tags: samba
|
||||||
|
|
||||||
|
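Review bot: The "Join domain" task still passes `{{ ad_admin_password }}` on the `net ads join` command line, and the `register: join_domain` added here keeps the task result, which includes the rendered command string. The domain admin password can therefore appear in Ansible output and logs, and it is visible in the process list while the join runs. Add `no_log: true` to this task at minimum. Because the value is interpolated unquoted into `shell`, a password containing shell metacharacters will also break or alter the command. Feeding the password on stdin instead of argv would address both, but whether `net` accepts that here needs confirming. `join_domain` is not used in the lines shown.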
4
test.yml
4
test.yml
@ -12,10 +12,12 @@
|
|||||||
- kbdvariant: "latin9"
|
- kbdvariant: "latin9"
|
||||||
- localelang: "fr_FR"
|
- localelang: "fr_FR"
|
||||||
- localelanguage: "fr_FR:"
|
- localelanguage: "fr_FR:"
|
||||||
|
- timezone: "Europe/Paris"
|
||||||
- languagepacks:
|
- languagepacks:
|
||||||
- language-pack-fr
|
- language-pack-fr
|
||||||
- language-pack-fr-base
|
- language-pack-fr-base
|
||||||
- ad_dns_domain: AD.PAULBSD.NET
|
- ad_dns_domain: ad.paulbsd.net
|
||||||
- ad_nt_domain: AD
|
- ad_nt_domain: AD
|
||||||
- ad_admin_username: Administrator
|
- ad_admin_username: Administrator
|
||||||
- ad_admin_password: Password50
|
- ad_admin_password: Password50
|
||||||
|
|
||||||
|
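Review bot: `ad_admin_password: Password50` remains in test.yml in clear text, next to the `ad.paulbsd.net` domain value this commit edits. If that is anything other than a throwaway credential for the Vagrant box, it should be rotated and loaded from an Ansible Vault file or prompted for instead of committed. If it is lab-only, a comment such as `# lab-only credential for the Vagrant test box` above it would say so. The top of the vars list is outside this hunk.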