From bdc31cb021b36e5d3023d8892523a3ec3a1647dd Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 7 Mar 2021 23:39:39 +0100 Subject: add host ch-mc --- chaos-at-home/ch-equinox-ws.yml | 8 +++++ chaos-at-home/ch-mc.yml | 21 ++++++++++++ inventory/host_vars/ch-mc.yml | 65 +++++++++++++++++++++++++++++++++++++ inventory/hosts.ini | 1 + roles/apt-repo/kodi/files/repo.gpg | Bin 0 -> 624 bytes roles/apt-repo/kodi/tasks/main.yml | 20 ++++++++++++ roles/ws/users/defaults/main.yml | 2 ++ roles/ws/users/tasks/main.yml | 15 +++++++++ 8 files changed, 132 insertions(+) create mode 100644 chaos-at-home/ch-mc.yml create mode 100644 inventory/host_vars/ch-mc.yml create mode 100644 roles/apt-repo/kodi/files/repo.gpg create mode 100644 roles/apt-repo/kodi/tasks/main.yml create mode 100644 roles/ws/users/defaults/main.yml create mode 100644 roles/ws/users/tasks/main.yml diff --git a/chaos-at-home/ch-equinox-ws.yml b/chaos-at-home/ch-equinox-ws.yml index 5f92a171..74410228 100644 --- a/chaos-at-home/ch-equinox-ws.yml +++ b/chaos-at-home/ch-equinox-ws.yml @@ -25,3 +25,11 @@ path: /etc/default/keyboard regexp: '#?\s*XKBOPTIONS=' line: 'XKBOPTIONS="caps:none"' + + - name: mount fileserver volumes + mount: + src: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus']) | ipaddr('address') }}:/" + path: /srv/files + fstype: nfs4 + opts: nodev,x-systemd.automount,nofail + state: mounted diff --git a/chaos-at-home/ch-mc.yml b/chaos-at-home/ch-mc.yml new file mode 100644 index 00000000..6f683d93 --- /dev/null +++ b/chaos-at-home/ch-mc.yml @@ -0,0 +1,21 @@ +--- +- name: Basic Setup + hosts: ch-mc + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd + - role: core/zsh + - role: core/cpu-microcode + - role: network/wakeonlan + - role: apt-repo/kodi + - role: ws/base + - role: ws/users + post_tasks: + - name: mount fileserver volumes + mount: + src: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus']) | ipaddr('address') }}:/" + path: /srv/files + fstype: nfs4 + opts: nodev,x-systemd.automount,nofail,ro + state: mounted diff --git a/inventory/host_vars/ch-mc.yml b/inventory/host_vars/ch-mc.yml new file mode 100644 index 00000000..a91639d1 --- /dev/null +++ b/inventory/host_vars/ch-mc.yml @@ -0,0 +1,65 @@ +--- +preseed_language: de +preseed_country: AT +preseed_locales: + - de_AT.UTF-8 + - de_DE.UTF-8 + - en_US.UTF-8 + +preseed_no_splash: no +preseed_install_tasks: + - xubuntu-desktop + + +install: + efi: no + disks: + primary: "/dev/disk/by-id/ata-OCZ-VERTEX2_OCZ-B7P98I86F4PC14I7" + system_lvm: + volumes: + - name: root + size: 20G + filesystem: ext4 + mountpoint: / + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec + +network: + nameservers: "{{ network_zones.lan.dns }}" + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: eno1 + address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ network_zones.lan.gateway }}" + interfaces: + - *_network_primary_ + + +base_modules_blacklist: "{{ base_modules_blacklist_none }}" + +apt_repo_components: + - main + - restricted + - universe + - multiverse + + +ws_base_extra_packages: + - nfs-common + # needs apt-repo/kodi + - kodi + - kodi-inputstream-rtmp + - kodi-inputstream-adaptive + +ws_base_lightdm_defaults: + autologin-user: equinox + autologin-user-timeout: 0 + +ws_users: + - equinox diff --git a/inventory/hosts.ini b/inventory/hosts.ini index f7160fb3..1e052e8f 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -31,6 +31,7 @@ ch-testvm-prometheus host_name=testvm-prometheus ch-iot host_name=iot ch-vpn host_name=vpn ch-epimetheus host_name=epimetheus +ch-mc host_name=mc ch-atlas host_name=atlas ch-pan host_name=pan ch-keyserver host_name=keyserver diff --git a/roles/apt-repo/kodi/files/repo.gpg b/roles/apt-repo/kodi/files/repo.gpg new file mode 100644 index 00000000..7b2188fd Binary files /dev/null and b/roles/apt-repo/kodi/files/repo.gpg differ diff --git a/roles/apt-repo/kodi/tasks/main.yml b/roles/apt-repo/kodi/tasks/main.yml new file mode 100644 index 00000000..30bd07b5 --- /dev/null +++ b/roles/apt-repo/kodi/tasks/main.yml @@ -0,0 +1,20 @@ +--- +- name: add repository key + copy: + src: repo.gpg + dest: /etc/apt/trusted.gpg.d/kodi.gpg + register: apt_repo_kodi_key + +- name: add repository entry + copy: + content: | + deb http://ppa.launchpad.net/team-xbmc/ppa/ubuntu {{ ansible_distribution_release }} main + dest: /etc/apt/sources.list.d/kodi.list + register: apt_repo_kodi_sources + +- name: update apt cache + when: apt_repo_kodi_key is changed or + apt_repo_kodi_sources is changed + command: apt-get update + args: + warn: false diff --git a/roles/ws/users/defaults/main.yml b/roles/ws/users/defaults/main.yml new file mode 100644 index 00000000..2e82bf88 --- /dev/null +++ b/roles/ws/users/defaults/main.yml @@ -0,0 +1,2 @@ +--- +ws_users_default_shell: /bin/zsh diff --git a/roles/ws/users/tasks/main.yml b/roles/ws/users/tasks/main.yml new file mode 100644 index 00000000..23d9eb73 --- /dev/null +++ b/roles/ws/users/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: add workstation users + loop: "{{ ws_users }}" + user: + name: "{{ item }}" + state: present + password: "{{ hostvars[inventory_hostname]['vault_user_password_'+item] }}" ## TODO: find nicer way to do this + shell: "{{ users[item].shell | default(ws_users_default_shell) }}" + +- name: install ssh keys for workstation users + loop: "{{ ws_users }}" + authorized_key: + user: "{{ item }}" + key: "{{ users[item].ssh | join('\n') }}" + exclusive: yes -- cgit v1.2.3