commit d88ed5f3d23eeb7b2c47981009a223ffe3b09f2c Author: Emil Miler Date: Sat Apr 29 19:51:14 2023 +0200 Initial commit diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..87d2179 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,5 @@ +[defaults] +inventory = hosts +remote_user = root +forks = 8 +interpreter_python = /usr/bin/python3 diff --git a/files/bakalari/bakalari.desktop b/files/bakalari/bakalari.desktop new file mode 100644 index 0000000..fd64842 --- /dev/null +++ b/files/bakalari/bakalari.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=Bakaláři +Exec=/usr/bin/firefox https://dochazka.gjk.cz/login +StartupNotify=true +Terminal=false +Type=Application +Categories=Utility; +Icon=/usr/share/icons/bakalari.png diff --git a/files/bakalari/bakalari.png b/files/bakalari/bakalari.png new file mode 100644 index 0000000..aae09cc Binary files /dev/null and b/files/bakalari/bakalari.png differ diff --git a/files/desktop/autologin b/files/desktop/autologin new file mode 100644 index 0000000..733bde7 --- /dev/null +++ b/files/desktop/autologin @@ -0,0 +1,3 @@ +[daemon] +AutomaticLogin=student +AutomaticLoginEnable=True diff --git a/files/desktop/main b/files/desktop/main new file mode 100644 index 0000000..6584a2e --- /dev/null +++ b/files/desktop/main @@ -0,0 +1,17 @@ +[org/gnome/desktop/input-sources] +sources = [('xkb', 'us'), ('xkb', 'cz')] + +[org/gnome/desktop/a11y] +always-show-universal-access-status = false + +[org/gnome/shell] +favorite-apps = ['firefox.desktop', 'org.gnome.Console.desktop', 'org.gnome.Nautilus.desktop'] + +[org/gnome/login-screen] +disable-user-list = true + +[org/gnome/desktop/interface] +gtk-theme = 'Adwaita-dark' + +[org/gnome/settings-daemon/plugins] +sleep-inactive-ac-timeout = 0 diff --git a/files/desktop/profile/user b/files/desktop/profile/user new file mode 100644 index 0000000..aca0641 --- /dev/null +++ b/files/desktop/profile/user @@ -0,0 +1,2 @@ +user-db:user +system-db:local diff --git a/files/desktop/screensaver b/files/desktop/screensaver new file mode 100644 index 0000000..905e57b --- /dev/null +++ b/files/desktop/screensaver @@ -0,0 +1,8 @@ +[org/gnome/desktop/session] +# Number of seconds of inactivity before the screen goes blank +# Set to 0 seconds if you want to deactivate the screensaver. +idle-delay=uint32 {{ timeout_blank }} + +[org/gnome/desktop/screensaver] +# Number of seconds after the screen is blank before locking the screen +lock-delay=uint32 {{ timeout_lock }} diff --git a/files/firefox/uBlock0@raymondhill.net.xpi b/files/firefox/uBlock0@raymondhill.net.xpi new file mode 100644 index 0000000..49b0df0 Binary files /dev/null and b/files/firefox/uBlock0@raymondhill.net.xpi differ diff --git a/files/grub/grub b/files/grub/grub new file mode 100644 index 0000000..2dbe790 --- /dev/null +++ b/files/grub/grub @@ -0,0 +1,22 @@ +# +# Configuration file for GRUB. +# +GRUB_DEFAULT=2 +#GRUB_HIDDEN_TIMEOUT=0 +#GRUB_HIDDEN_TIMEOUT_QUIET=false +GRUB_TIMEOUT={{ grub_timeout }} +GRUB_DISTRIBUTOR="Void" +GRUB_CMDLINE_LINUX_DEFAULT="loglevel=4 net.ifnames=0" +# Uncomment to use basic console +GRUB_TERMINAL_INPUT=console +# Uncomment to disable graphical terminal +GRUB_TERMINAL_OUTPUT=console +#GRUB_BACKGROUND=/usr/share/void-artwork/splash.png +#GRUB_GFXMODE=1920x1080x32 +#GRUB_DISABLE_LINUX_UUID=true +#GRUB_DISABLE_RECOVERY=true +# Uncomment and set to the desired menu colors. Used by normal and wallpaper +# modes only. Entries specified as foreground/background. +#GRUB_COLOR_NORMAL="light-blue/black" +#GRUB_COLOR_HIGHLIGHT="light-cyan/blue" +GRUB_DISABLE_OS_PROBER=false diff --git a/group_vars/all.yaml b/group_vars/all.yaml new file mode 100644 index 0000000..4dab453 --- /dev/null +++ b/group_vars/all.yaml @@ -0,0 +1,61 @@ +--- +timeout_blank: 1800 +timeout_lock: 30 +grub_timeout: 5 + +ssh_keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEm981GRiUIsp8e4bTDv+d9SyHfQ8P18W5oovgmAfnip em@x210 + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDqmyaaIqRU9hx8PxRnIqe/pRANIxrEEscuMWrHZF1yh snowflake@flakeX230 + +xbps_install: + # General + - htop + - screen + - tmux + - vim + - nano + - curl + - wget + # Software development + - git + - gcc + - guile + - valgrind + - emacs + - vscode + - arduino + - arduino-cli + - idle-python3 + # Web Browsers + - firefox + # Documents + - libreoffice + - texstudio + - texlive-bin + # Multimedia + - ffmpeg + - celluloid + - audacity + - gimp + - inkscape + - kdenlive + - shotcut + - krita + - mypaint + # CAD + - freecad + - openscad + - PrusaSlicer + # Databases + - sqlitebrowser + # Fun & games + - neofetch + - sl + - cowsay + - ponysay + - figlet + - asciiquarium + - cbonsai + - cmatrix + # - openarena +xbps_remove: diff --git a/group_vars/pom.yaml b/group_vars/pom.yaml new file mode 100644 index 0000000..3ddf893 --- /dev/null +++ b/group_vars/pom.yaml @@ -0,0 +1,2 @@ +--- +grub_timeout: 8 diff --git a/group_vars/teachers.yml b/group_vars/teachers.yml new file mode 100644 index 0000000..5fcbc2a --- /dev/null +++ b/group_vars/teachers.yml @@ -0,0 +1,3 @@ +--- +timeout_blank: 1800 +timeout_lock: 10 diff --git a/hosts b/hosts new file mode 100644 index 0000000..8f842da --- /dev/null +++ b/hosts @@ -0,0 +1,57 @@ +[students_pov] +VU01.local +VU02.local +VU03.local +VU04.local +VU05.local +VU06.local +VU07.local +VU08.local +VU09.local +VU10.local +VU11.local +VU12.local +VU13.local +VU14.local +VU15.local + +[students_pom] +MU02.local +MU03.local +MU04.local +MU05.local +MU06.local +MU07.local +MU08.local +MU09.local +MU10.local +MU11.local +MU12.local +MU13.local +MU14.local +MU15.local +MU16.local +MU17.local +MU18.local + +[teacher_pov] +VU00.local + +[teacher_pom] +MU01.local + +[pov:children] +students_pov +teacher_pov + +[pom:children] +students_pom +teacher_pom + +[teachers:children] +teacher_pov +teacher_pom + +[students:children] +students_pov +students_pom diff --git a/reboot.yaml b/reboot.yaml new file mode 100644 index 0000000..1713d97 --- /dev/null +++ b/reboot.yaml @@ -0,0 +1,7 @@ +--- +- name: Reboot all machines + hosts: all + + tasks: + - name: Reboot all machines + ansible.builtin.reboot: diff --git a/setup.yaml b/setup.yaml new file mode 100644 index 0000000..8def85a --- /dev/null +++ b/setup.yaml @@ -0,0 +1,230 @@ +--- +- name: SSH + hosts: all + + tasks: + - name: Ensure root ssh directory exists + file: + path: /root/.ssh + state: directory + + - name: Import SSH keys + authorized_key: + user: root + key: '{{ item }}' + state: present + loop: '{{ ssh_keys }}' + + +- name: General + hosts: all + + tasks: + - name: Install Software + community.general.xbps: + name: + - avahi + - chrony + state: present + + - name: Enable Avahi service + community.general.runit: + name: avahi-daemon + enabled: true + state: started + + - name: Enable Chrony service + community.general.runit: + name: chronyd + enabled: true + state: started + + - name: Disable wpa_supplicant + community.general.runit: + name: wpa_supplicant + enabled: false + state: stopped + + - name: Disable redundant TTYs + community.general.runit: + name: '{{ item }}' + enabled: false + state: stopped + loop: + - agetty-tty3 + - agetty-tty4 + - agetty-tty5 + - agetty-tty6 + + +- name: Users + hosts: all + + tasks: + - name: Set bash as default shell for root + user: + name: root + shell: /bin/bash + + - name: User student + user: + name: student + password: $6$7Z.h8Q6CO9AevdIp$8W2nuvD7ZqeXBO.Azsayx2tJ4L0KD44hOz5aNzpGPN/hUtaROvmY7aJ0x7Ie3CPawp6lV4ln2fHQQ7V5Yuy7k0 + groups: + # Arduino serial access + - dialout + state: present + + - name: Lock bash configuration files for student + # Can be removed after LDAP setup + file: + path: '{{ item }}' + owner: root + group: root + mode: 644 + state: touch + loop: + - /home/student/.bashrc + - /home/student/.bash_profile + + - name: Disable SSH for user student + ansible.builtin.lineinfile: + path: "/etc/ssh/sshd_config" + line: "DenyUsers student" + create: true + + +- name: Software + hosts: all + + tasks: + - name: Add non-free repository + community.general.xbps: + name: void-repo-nonfree + state: present + + - name: Upgrade all packages + community.general.xbps: + upgrade: true + + - name: Install packages + community.general.xbps: + name: '{{ xbps_install }}' + state: present + when: xbps_install + + - name: Recursively remove packages + community.general.xbps: + name: '{{ xbps_remove }}' + state: absent + recurse: true + when: xbps_remove + + +- name: Gnome + hosts: all + + handlers: + - name: Update dconf database + command: 'dconf update' + + tasks: + - name: Install Gnome + community.general.xbps: + name: + - dbus + - gnome + - gnome-apps + - gdm + - xorg # Prevents a crash on some systems + - mesa-vdpau + - mesa-vaapi + - pipewire + state: present + + - name: Enable services + community.general.runit: + name: '{{ item }}' + enabled: true + state: started + loop: + - dbus + - gdm + + - name: Enable autologin + copy: + src: 'files/desktop/autologin' + dest: '/etc/gdm/custom.conf' + notify: Update dconf database + + - name: Ensure directories exist + file: + path: '{{item}}' + state: directory + loop: + - /etc/dconf/db/local.d + - /etc/dconf/db/local.d/locks + + - name: Create user profile + copy: + src: 'files/desktop/profile/user' + dest: '/etc/dconf/profile/user' + + - name: Copy configuration files + copy: + src: 'files/desktop/main' + dest: '/etc/dconf/db/local.d/main' + notify: Update dconf database + + - name: Set screen timeout + template: + src: 'files/desktop/screensaver' + dest: '/etc/dconf/db/local.d/screensaver' + notify: Update dconf database + + +- name: GRUB + hosts: all + + handlers: + - name: grub-mkconfig + command: 'grub-mkconfig -o /boot/grub/grub.cfg' + + tasks: + - name: Copy GRUB configuration + template: + src: 'files/grub/grub' + dest: '/etc/default/grub' + notify: grub-mkconfig + + +- name: Firefox + hosts: all + + tasks: + - name: Ensure Firefox extensions folder exists + file: + path: "/usr/lib64/firefox/distribution/extensions" + state: directory + + - name: Install firefox extensions + copy: + src: "{{ item }}" + dest: "/usr/lib64/firefox/distribution/extensions/" + loop: + - "files/firefox/uBlock0@raymondhill.net.xpi" + + +- name: Bakaláři + hosts: teachers + + tasks: + - name: Create a desktop shortcut for Bakaláři + copy: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + loop: + - src: "files/bakalari/bakalari.desktop" + dest: "/usr/share/applications/bakalari.desktop" + - src: "files/bakalari/bakalari.png" + dest: "/usr/share/icons/bakalari.png" diff --git a/shudown.yaml b/shudown.yaml new file mode 100644 index 0000000..25c2574 --- /dev/null +++ b/shudown.yaml @@ -0,0 +1,7 @@ +--- +- name: Shutdown all machines + hosts: all + + tasks: + - name: Shutting down + community.general.shutdown: