fixed many bugs, added hostname and timezone handling

2017-09-04 21:49:56 +02:00 · 2017-09-04 21:49:56 +02:00 · 5eecd9f862
commit 5eecd9f862
parent 35c81220b0
19 changed files with 165 additions and 27 deletions
--- a/README.md
+++ b/README.md
@ -5,9 +5,42 @@ ansible-gnu-corporate-workstation is a set of roles that enable Active Directory
  - Currently supports Ubuntu 16.04 LTS with Unity, will support other flavors and OS
  - Supports single command to deploy

+### Requirements, if not installed
+
+- wget
+- sudo

 ### Installation

+Run the following command using a terminal emulator :
 ```
-wget https://raw.githubusercontent.com/paulbsd/ansible-gnu-corporate-workstation/master/provision.sh; bash provision.sh
+wget -O provision.sh https://raw.githubusercontent.com/paulbsd/ansible-gnu-corporate-workstation/master/provision.sh; bash provision.sh
+...
+sudo reboot
 ```
+
+### License
+
+Copyright (c) 2017, PaulBSD
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
--- a/2
+++ b/2
@ -4,7 +4,7 @@
 Vagrant.configure("2") do |config|
  config.vm.box = "boxcutter/ubuntu1604-desktop"
  config.vm.provision "ansible" do |ansible|
-    ansible.verbose = "vv"
+    #ansible.verbose = "vv"
    ansible.playbook = "test.yml"
  end
 end
--- a/playbook.yml
+++ b/playbook.yml
@ -12,18 +12,25 @@
    - kbdvariant: "latin9"
    - localelang: "fr_FR"
    - localelanguage: "fr_FR:"
+    - timezone: "Europe/Paris"
    - languagepacks:
      - language-pack-fr
      - language-pack-fr-base
  vars_prompt:
+    - name: "timezone"
+      prompt: "Timezone "
+      default: "Europe/Paris"
    - name: "ad_dns_domain"
      prompt: "Active Directory DNS domain name "
      private: no
+      default: "organization.int"
    - name: "ad_nt_domain"
      prompt: "NT domain name "
      private: no
+      default: "ORGANIZATION"
    - name: "ad_admin_username"
      prompt: "Admin username "
      private: no
+      default: "Administrator"
    - name: "ad_admin_password"
      prompt: "Admin password "
--- a/roles/common/tasks/apt.yml
+++ b/roles/common/tasks/apt.yml
@ -1,21 +1,26 @@
+---
 - name: Update apt sources
  apt:
    update_cache=yes
    upgrade=yes
-  tags: apt
+  tags:
+    - prereqs
+    - apt

 - name: Install utils main utils
  apt: name={{ item }}
  with_items:
-    - htop
-    - ncdu
-    - tmux
-  tags: prereqs
+    - "{{ apt_pkgs }}"
+  tags:
+    - prereqs
+    - apt

 - name: Install needed language packs
  apt: name={{ item }}
  with_items:
    - language-pack-fr
    - language-pack-fr-base
-  tags: prereqs
+  tags:
+    - prereqs
+    - apt

--- a/roles/common/tasks/hostname.yml
+++ b/roles/common/tasks/hostname.yml
@ -0,0 +1,26 @@
+---
+- name: Set hostname
+  shell: hostname {{ ansible_hostname }}.{{ ad_dns_domain }}
+
+- name: Set hostname file
+  template:
+    src=hostname.j2
+    dest=/etc/hostname
+    mode=0644
+    owner=root
+    group=root
+  tags:
+    - prereqs
+    - hostname
+
+- name: Set hosts file
+  template:
+    src=hosts.j2
+    dest=/etc/hosts
+    mode=0644
+    owner=root
+    group=root
+  tags:
+    - prereqs
+    - hostname
+
--- a/roles/common/tasks/keyboard.yml
+++ b/roles/common/tasks/keyboard.yml
@ -1,3 +1,4 @@
+---
 - name: Set keyboard layouts
  template:
    src=keyboard.j2
@ -5,5 +6,7 @@
    mode=0644
    owner=root
    group=root
-  tags: prereqs
+  tags:
+    - prereqs
+    - keyboard

--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -1,8 +1,16 @@
+---
 - name: Install aptitude
  command: apt-get install -y aptitude

- name: Include apt updates
+- name: Update lists, upgrade and install needed packages
+  include: apt.yml
+
+- name: Include keyboard configuration
  include: keyboard.yml

- name: Install needed packages
-  include: apt.yml
+- name: Include hostname configuration
+  include: hostname.yml
+
+- name: Include time configuration
+  include: time.yml
+
--- a/roles/common/tasks/time.yml
+++ b/roles/common/tasks/time.yml
@ -0,0 +1,10 @@
+---
+- name: Set Timezone
+  file:
+    src=/usr/share/zoneinfo/{{ timezone }}
+    dest=/etc/localtime
+    force=yes
+    state=link
+  tags:
+    - prereqs
+    - timezone
--- a/roles/common/templates/hostname.j2
+++ b/roles/common/templates/hostname.j2
@ -0,0 +1 @@
+{{ ansible_hostname }}.{{ ad_dns_domain }}
--- a/roles/common/templates/hosts.j2
+++ b/roles/common/templates/hosts.j2
@ -0,0 +1,7 @@
+127.0.0.1       localhost
+127.0.1.1       {{ ansible_hostname }}.{{ ad_dns_domain }} {{ ansible_hostname }}
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
--- a/roles/common/vars/main.yml
+++ b/roles/common/vars/main.yml
@ -0,0 +1,7 @@
+---
+apt_pkgs:
+  - htop
+  - ntp
+  - ntpdate
+  - ncdu
+  - tmux
--- a/roles/gdm/tasks/main.yml
+++ b/roles/gdm/tasks/main.yml
@ -0,0 +1 @@
+---
--- a/roles/gdm/templates/lightdm.conf.j2
+++ b/roles/gdm/templates/lightdm.conf.j2
@ -0,0 +1,6 @@
+[SeatDefaults]
+allow-guest=false
+greeter-hide-users=true
+greeter-show-manual-login=true
+autologin-user=
+
--- a/roles/gdm/templates/users.conf.j2
+++ b/roles/gdm/templates/users.conf.j2
@ -0,0 +1,15 @@
+#
+# User accounts configuration
+#
+# NOTE: If you have AccountsService installed on your system, then LightDM will
+# use this instead and these settings will be ignored
+#
+# minimum-uid = Minimum UID required to be shown in greeter
+# hidden-users = Users that are not shown to the user
+# hidden-shells = Shells that indicate a user cannot login
+#
+[UserList]
+minimum-uid=500
+hidden-users=nobody nobody4 noaccess
+hidden-shells=/bin/false /usr/sbin/nologin
+
--- a/roles/lightdm/handlers/main.yml
+++ b/roles/lightdm/handlers/main.yml
@ -1,4 +0,0 @@
- name: restart lightdm
-  service:
-    name=lightdm
-    state=restarted
--- a/roles/lightdm/tasks/main.yml
+++ b/roles/lightdm/tasks/main.yml
@ -1,3 +1,4 @@
+---
 - name: Set lightdm main configuration file
  template:
    src=lightdm.conf.j2
@ -5,7 +6,6 @@
    mode=0644
    owner=root
    group=root
-  notify: restart lightdm
  tags: lightdm

 - name: Set lightdm users.conf file
@ -15,6 +15,4 @@
    mode=0644
    owner=root
    group=root
-  notify: restart lightdm
  tags: lightdm
-
--- a/roles/samba/tasks/.main.yml.swp
+++ b/roles/samba/tasks/.main.yml.swp
--- a/roles/samba/tasks/main.yml
+++ b/roles/samba/tasks/main.yml
@ -1,3 +1,4 @@
+---
 - name: Install samba and required tools
  apt:
    name={{ item }}
@ -10,7 +11,8 @@
    - ntpdate
    - samba
    - winbind
-  tags: samba_install
+  tags:
+    - samba

 - name: Install nsswitch passwd config
  lineinfile:
@ -18,7 +20,9 @@
    regexp="^passwd:"
    line="passwd{{ ':' }}   files winbind"
  notify: restart samba
-  tags: samba_nsswitch
+  tags:
+    - samba
+    - nsswitch

 - name: Install nsswitch group config
  lineinfile:
@ -26,7 +30,9 @@
    regexp="^group:"
    line="group{{ ':' }}    files winbind"
  notify: restart samba
-  tags: samba_nsswitch
+  tags:
+    - samba
+    - nsswitch

 - name: Install nsswitch shadow config
  lineinfile:
@ -34,7 +40,9 @@
    regexp="^shadow:"
    line="shadow{{ ':' }}   files winbind"
  notify: restart samba
-  tags: samba_nsswitch
+  tags:
+    - samba
+    - nsswitch

 - name: Install samba configuration
  template:
@ -44,7 +52,9 @@
    owner=root
    group=root
  notify: restart samba
-  tags: samba_smbconf
+  tags:
+    - samba
+    - smbconf

 - name: Enable samba services
  service:
@ -54,9 +64,12 @@
    - smbd
    - nmbd
    - winbind
-  tags: samba_services
+  tags:
+    - samba

 - name: Join domain
  shell: net ads join -U {{ ad_admin_username }}%{{ ad_admin_password }}
  notify: restart samba
-  tags: samba_join
+  register: join_domain
+  tags: samba
+
--- a/test.yml
+++ b/test.yml
@ -12,10 +12,12 @@
    - kbdvariant: "latin9"
    - localelang: "fr_FR"
    - localelanguage: "fr_FR:"
+    - timezone: "Europe/Paris"
    - languagepacks:
      - language-pack-fr
      - language-pack-fr-base
-    - ad_dns_domain: AD.PAULBSD.NET
+    - ad_dns_domain: ad.paulbsd.net
    - ad_nt_domain: AD
    - ad_admin_username: Administrator
    - ad_admin_password: Password50
+