From: Christian Heller Date: Fri, 17 Mar 2017 02:07:09 +0000 (+0100) Subject: Add first stab at ansible config for new thinkpad. X-Git-Url: https://plomlompom.com/repos/%7B%7B%20web_path%20%7D%7D/decks/%7B%7Bdeck_id%7D%7D/cards?a=commitdiff_plain;h=2da55dda3ec713a4b92d5a18e645045183518624;p=config Add first stab at ansible config for new thinkpad. --- diff --git a/ansible/.config.yml.swp b/ansible/.config.yml.swp new file mode 100644 index 0000000..82d1860 Binary files /dev/null and b/ansible/.config.yml.swp differ diff --git a/ansible/config.yml b/ansible/config.yml new file mode 100644 index 0000000..b30e379 --- /dev/null +++ b/ansible/config.yml @@ -0,0 +1,23 @@ +--- +- hosts: all + user: root + become: yes + tasks: + + - include: tasks/hostname.yml + vars: + hostname: w530 + + - include: tasks/apt_init.yml + + - include: tasks/console_init.yml + + - include: tasks/timezone.yml + vars: + timezone: Europe/Berlin + + - name: ensure boot messages are not cleand on start up + replace: + dest: /etc/systemd/system/getty.target.wants/getty@tty1.service + regexp: '^TTYVTDisallocate=yes.*$' + replace: 'TTYVDisallocate=no' diff --git a/ansible/files/_etc_apt_apt.conf.d_99mindeps b/ansible/files/_etc_apt_apt.conf.d_99mindeps new file mode 100644 index 0000000..4aaef79 --- /dev/null +++ b/ansible/files/_etc_apt_apt.conf.d_99mindeps @@ -0,0 +1,4 @@ +APT::AutoRemove::RecommendsImportant "false"; +APT::AutoRemove::SuggestsImportant "false"; +APT::Install-Recommends "false"; +APT::Install-Suggests "false"; diff --git a/ansible/files/_etc_default_console-setup b/ansible/files/_etc_default_console-setup new file mode 100644 index 0000000..090d241 --- /dev/null +++ b/ansible/files/_etc_default_console-setup @@ -0,0 +1,4 @@ +CHARMAP="UTF-8" +CODESET="Lat15" +FONTFACE="Terminus" +FONTSIZE="6x12" diff --git a/ansible/files/_etc_default_keyboard b/ansible/files/_etc_default_keyboard new file mode 100644 index 0000000..b8f918b --- /dev/null +++ b/ansible/files/_etc_default_keyboard @@ -0,0 +1 @@ +XKBLAYOUT="de" diff --git a/ansible/files/_etc_profile b/ansible/files/_etc_profile new file mode 100644 index 0000000..5884d7b --- /dev/null +++ b/ansible/files/_etc_profile @@ -0,0 +1,35 @@ +# /etc/profile: system-wide .profile file for the Bourne shell (sh(1)) +# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...). + +if [ "`id -u`" -eq 0 ]; then + PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +else + PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games" +fi +export PATH + +if [ "${PS1-}" ]; then + if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then + # The file bash.bashrc already sets the default PS1. + # PS1='\h:\w\$ ' + if [ -f /etc/bash.bashrc ]; then + . /etc/bash.bashrc + fi + else + if [ "`id -u`" -eq 0 ]; then + PS1='# ' + else + PS1='$ ' + fi + fi +fi + +if [ -d /etc/profile.d ]; then + for i in /etc/profile.d/*.sh; do + if [ -r $i ]; then + . $i + fi + done + unset i +fi +export LC_ALL="en_US.UTF-8" diff --git a/ansible/run.sh b/ansible/run.sh new file mode 100644 index 0000000..02856c2 --- /dev/null +++ b/ansible/run.sh @@ -0,0 +1 @@ +ansible-playbook -i 'localhost,' -c local config.yml diff --git a/ansible/tasks/.console_init.yml.swp b/ansible/tasks/.console_init.yml.swp new file mode 100644 index 0000000..2d903f7 Binary files /dev/null and b/ansible/tasks/.console_init.yml.swp differ diff --git a/ansible/tasks/.timezone.yml.swp b/ansible/tasks/.timezone.yml.swp new file mode 100644 index 0000000..e51c376 Binary files /dev/null and b/ansible/tasks/.timezone.yml.swp differ diff --git a/ansible/tasks/apt_init.yml b/ansible/tasks/apt_init.yml new file mode 100644 index 0000000..f94a54f --- /dev/null +++ b/ansible/tasks/apt_init.yml @@ -0,0 +1,23 @@ +--- +- include: tasks/set_repos.yml + +- name: update package lists + apt: + update_cache: yes + +- name: write APT config file + copy: + src: files/_etc_apt_apt.conf.d_99mindeps + dest: /etc/apt/apt.conf.d/99mindeps + +- name: check for initial_purge_happened flag + stat: path=flags/initial_purge_happened + register: initial_purge + +- name: perform initial purge + include: tasks/initial_purge.yml + when: initial_purge.stat.exists == False + +- name: APT - dist-upgrade + apt: + upgrade: dist diff --git a/ansible/tasks/console_init.yml b/ansible/tasks/console_init.yml new file mode 100644 index 0000000..248ebcc --- /dev/null +++ b/ansible/tasks/console_init.yml @@ -0,0 +1,33 @@ +--- +- name: write terminal config file + copy: + src: files/_etc_default_console-setup + dest: /etc/default/console-setup + +- name: write keyboard config file + copy: + src: files/_etc_default_keyboard + dest: /etc/default/keyboard + +- name: ensure locales is installed + apt: + name: locales + state: present + +- name: ensure setupcon is installed + apt: + name: console-setup + state: present + +- name: generate en_US.UTF-8 locale + locale_gen: + name: en_US.UTF-8 + state: present + +- name: write /etc/profile (with locale export) + copy: + src: files/_etc_profile + dest: /etc/profile + +- name: run setupcon to apply console settings from /etc/default/ + command: setupcon diff --git a/ansible/tasks/hostname.yml b/ansible/tasks/hostname.yml new file mode 100644 index 0000000..f5e036b --- /dev/null +++ b/ansible/tasks/hostname.yml @@ -0,0 +1,13 @@ +--- + +- name: set hostname in /etc/hostname + shell: echo {{ hostname }} > /etc/hostname + +- name: set hostname in /etc/hosts + replace: + dest: /etc/hosts + regexp: '^127\.0\.1\.1.*$' + replace: '127.0.1.1 {{ hostname }}' + +- name: set hostname for current session + shell: hostname {{ hostname }} diff --git a/ansible/tasks/initial_purge.yml b/ansible/tasks/initial_purge.yml new file mode 100644 index 0000000..1354170 --- /dev/null +++ b/ansible/tasks/initial_purge.yml @@ -0,0 +1,29 @@ +--- + +- name: collect officially required packages + shell: dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted + +- name: add "ifupdown" and "isc-dhcp-client" (to keep internet connection afterwards) and "ansible" (to keep its modules available for continuing the configuration) to required packages + shell: echo 'ifupdown' >> /tmp/list_white_unsorted && echo 'isc-dhcp-client' >> /tmp/list_white_unsorted && echo 'ansible' >> /tmp/list_white_unsorted && sort /tmp/list_white_unsorted > /tmp/list_white + +- name: collect currently installed packages + shell: dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages && sort /tmp/list_all_packages > /tmp/foo && mv /tmp/foo /tmp/list_all_packages + +- name: create black list of packages to mark as automatically installed from the difference between the required packages and the packages currently installed + shell: comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black + +- name: mark all packages from black list as automatically installed + shell: apt-mark auto $(cat /tmp/list_black) + +- name: purge all packages automatically installed that are not depended on + shell: DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove + +- name: ensure flags directory exists + file: + path: flags + state: directory + +- name: set initial_purge_happened flag, so that this whole process does not get repeated + file: + path: flags/initial_purge_happened + state: touch diff --git a/ansible/tasks/set_repos.yml b/ansible/tasks/set_repos.yml new file mode 100644 index 0000000..7605883 --- /dev/null +++ b/ansible/tasks/set_repos.yml @@ -0,0 +1,21 @@ +--- + +- name: APT - use stretch repo + apt_repository: + repo: deb http://ftp.debian.org/debian/ stretch main contrib non-free + state: present + +- name: APT - use stretch security updates repo + apt_repository: + repo: deb http://security.debian.org/ stretch/updates main contrib non-free + state: present + +- name: APT - use stretch-updates repo + apt_repository: + repo: deb http://ftp.debian.org/debian/ stretch-updates main contrib non-free + state: present + +- name: APT - use stretch-backports repo + apt_repository: + repo: deb http://ftp.debian.org/debian stretch-backports main contrib non-free + state: present diff --git a/ansible/tasks/timezone.yml b/ansible/tasks/timezone.yml new file mode 100644 index 0000000..d60232b --- /dev/null +++ b/ansible/tasks/timezone.yml @@ -0,0 +1,10 @@ +--- + +- name: set /etc/timezone + shell: echo '{{ timezone }}' > /etc/timezone + +- name: set /etc/localtime + file: + src: /usr/share/zoneinfo/{{ timezone }} + path: /etc/localtime + state: link