initial commit
This commit is contained in:
Timo Makinen
commit
f9b5769d6c
2 changed files with 193 additions and 0 deletions
11
deploy.sh
Executable file
11
deploy.sh
Executable file
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
# run sudo to cache creds
|
||||
sudo /bin/true
|
||||
|
||||
# update modules and check depencies
|
||||
git pull
|
||||
rpm -q ansible > /dev/null || sudo yum -y install ansible
|
||||
|
||||
# run playbook
|
||||
ansible-playbook deploy.yml
|
||||
182
deploy.yml
Normal file
182
deploy.yml
Normal file
|
|
@ -0,0 +1,182 @@
|
|||
---
|
||||
|
||||
- name: "deploy workstation"
|
||||
hosts: localhost
|
||||
connection: local
|
||||
become: true
|
||||
become_method: sudo
|
||||
|
||||
tasks:
|
||||
- name: "remove unneeded packages"
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: absent
|
||||
with_items:
|
||||
- abrt
|
||||
- mlocate
|
||||
|
||||
- name: "install rpmfusion repositories"
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: installed
|
||||
with_items:
|
||||
- "https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_distribution_major_version}}.noarch.rpm"
|
||||
- "https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-{{ ansible_distribution_major_version}}.noarch.rpm"
|
||||
# - name: "enable rpmfusion free repository"
|
||||
# command: dnf config-manager --enable-repo=rpmfusion-free
|
||||
# - name: "enable rpmfusion nonfree repository"
|
||||
# command: dnf config-manager --enable-repo=rpmfusion-nonfree
|
||||
|
||||
- name: "hide grub menu during boot"
|
||||
lineinfile:
|
||||
path: /etc/default/grub
|
||||
line: "{{ item }}"
|
||||
with_items:
|
||||
- GRUB_HIDDEN_TIMEOUT=1
|
||||
- GRUB_HIDDEN_TIMEOUT_QUIET=true
|
||||
- name: "remove grub default timeout"
|
||||
lineinfile:
|
||||
path: /etc/default/grub
|
||||
regexp: "^GRUB_TIMEOUT="
|
||||
state: absent
|
||||
|
||||
- name: "enable google chrome repository"
|
||||
yum_repository:
|
||||
name: google-chrome
|
||||
baseurl: http://dl.google.com/linux/chrome/rpm/stable/x86_64
|
||||
description: Google Chrome
|
||||
gpgcheck: true
|
||||
gpgkey: https://dl.google.com/linux/linux_signing_key.pub
|
||||
enabled: true
|
||||
- name: "install google chrome"
|
||||
package:
|
||||
name: google-chrome
|
||||
state: present
|
||||
- name: "create google chrome policy directories"
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: root
|
||||
group: root
|
||||
with_items:
|
||||
- /etc/opt/chrome/policies/managed
|
||||
- /etc/opt/chrome/policies/recommended
|
||||
- name: "install google chrome managed settings"
|
||||
copy:
|
||||
dest: /etc/opt/chrome/policies/managed/defaults.json
|
||||
content: |
|
||||
{
|
||||
"HomepageLocation": "https://www.foo.sh",
|
||||
"PasswordManagerEnabled": false,
|
||||
}
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
- name: "install google chrome recommended settings"
|
||||
copy:
|
||||
dest: /etc/opt/chrome/policies/recommended/defaults.json
|
||||
content: |
|
||||
{
|
||||
"RestoreOnStartup": 1,
|
||||
"ImportHistory": false
|
||||
}
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "enable spotify repository"
|
||||
yum_repository:
|
||||
name: spotify
|
||||
baseurl: https://negativo17.org/repos/spotify/fedora-$releasever/x86_64/
|
||||
description: Spotify
|
||||
gpgcheck: true
|
||||
gpgkey: https://negativo17.org/repos/RPM-GPG-KEY-slaanesh
|
||||
enabled: true
|
||||
- name: "install spotify"
|
||||
package:
|
||||
name: spotify
|
||||
state: present
|
||||
|
||||
- name: "install generic tools"
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- dia
|
||||
- elinks
|
||||
- geteltorito
|
||||
- gimp
|
||||
- krb5-workstation
|
||||
- mutt
|
||||
- openldap-clients
|
||||
- setroubleshoot
|
||||
- thunderbird
|
||||
|
||||
- name: "install extra packages for development"
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- black
|
||||
- emacs
|
||||
- htop
|
||||
- iftop
|
||||
- iotop
|
||||
- python3-ansible-lint
|
||||
- ShellCheck
|
||||
- strace
|
||||
- yamllint
|
||||
- vim-enhanced
|
||||
- wireshark
|
||||
|
||||
- name: "install virtualization packages"
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- libvirt
|
||||
- podman
|
||||
- virt-install
|
||||
|
||||
- name: "configure mutt"
|
||||
copy:
|
||||
dest: /etc/Muttrc.local
|
||||
content: |
|
||||
set use_8bitmime
|
||||
set hostname=foo.sh
|
||||
set imap_authenticators="gssapi:plain"
|
||||
set spoolfile=imaps://${USER}@mail.foo.sh/INBOX
|
||||
set folder=imaps://${USER}@mail.foo.sh
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "configure ldap client"
|
||||
copy:
|
||||
dest: /etc/openldap/ldap.conf
|
||||
content: |
|
||||
BASE dc=foo,dc=sh
|
||||
URI ldaps://ldap.foo.sh
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "configure kerberos client"
|
||||
copy:
|
||||
dest: /etc/krb5.conf.d/foo.sh.conf
|
||||
content: |
|
||||
[libdefaults]
|
||||
default_realm = FOO.SH
|
||||
|
||||
[domain_realm]
|
||||
foo.sh = FOO.SH
|
||||
.foo.sh = FOO.SH
|
||||
|
||||
[realms]
|
||||
FOO.SH = {
|
||||
kdc = https://id.foo.sh/KdcProxy
|
||||
}
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
Loading…
Add table
Reference in a new issue