diff --git a/lmn-desktop.yml b/lmn-desktop.yml index 8d7306d..61e3f27 100644 --- a/lmn-desktop.yml +++ b/lmn-desktop.yml @@ -12,7 +12,7 @@ register: adpw no_log: true when: "ansible_cmdline.adpw is not defined" - - name: preseed apparmor + - name: Preseed apparmor debconf: name: apparmor question: apparmor/homedirs @@ -20,6 +20,15 @@ /srv/samba/schools/default-school/teachers/ /srv/samba/schools/default-school/students/*/ vtype: string + - name: Preseed unattended-upgrades + debconf: + name: unattended-upgrades + question: unattended-upgrades/enable_auto_updates + value: True + vtype: boolean + + vars_files: + - vars-qgsoftware.yml vars: domain: "{{ ansible_domain }}" @@ -38,13 +47,6 @@ ## Local mirror for mscorefonts. Remove or leave empty to use no mirror: mirror_msfonts: http://netboot.qgm.lan/mscorefonts/ - ## Local Mirror for Greenfoot and BlueJ. Leave empty to skip installation of bluej and greenfoot - mirror_javadev: http://netboot.qgm.lan/javadev/ - ## Bluej/Greenfoot Versionen - bluej_target_version: "5.2.0" - greenfoot_target_version: "3.7.1" - - # Linbo Passwort rsyncsecret: Muster! ## Use grub-mkpasswd-pbkdf2: to calculate the password hash, this hash is for "geheim": @@ -71,3 +73,81 @@ - lmn_qgsddm - lmn_printer #- kerberize + + + tasks: + - name: Fix unattended-upgrades + ansible.builtin.copy: + dest: /etc/apt/apt.conf.d/20auto-upgrades + content: | + APT::Periodic::Update-Package-Lists "1"; + APT::Periodic::Unattended-Upgrade "0"; + + - name: Fix mount point permissions and owner + file: + path: "{{ item }}" + mode: '0755' + owner: root + group: root + loop: + - /srv/samba + - /srv/samba/schools + - /srv/samba/schools/default-school + + - name: Disable Grub submenus + lineinfile: + dest: /etc/default/grub + line: 'GRUB_DISABLE_SUBMENU=true' + insertafter: '^GRUB_TIMEOUT=.*' + notify: Run update-grub + + + - name: Check for the buggy kernel + stat: + path: /boot/vmlinuz-6.1.0-17-amd64 + register: bug + + - name: Check for the fixed kernel + stat: + path: /boot/vmlinuz-6.1.0-18-amd64 + register: fix + + - name: Work around kernel with CIFS regression + block: + - name: Make sure kernel package -16 is available + ansible.builtin.apt: + name: linux-image-6.1.0-16-amd64 + state: present + - name: Set 6.1.0-16 as default kernel in grub + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>"Debian GNU/Linux, with Linux 6.1.0-16-amd64"' + backrefs: yes + notify: Run update-grub + when: bug.stat.exists and not fix.stat.exists + + - name: Set latest kernel in grub if bug is fixed + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>0' + backrefs: yes + when: fix.stat.exists or not bug.stat.exists + notify: Run update-grub + + - name: Remove "unattended-upgrades" package + ansible.builtin.apt: + name: unattended-upgrades + state: absent + purge: True + + - name: Fix stuttering sound on HDMI + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_CMDLINE_LINUX=).*' + line: '\g<1>"intel_iommu=on,igfx_off"' + backrefs: yes + when: "'lt-' in inventory_hostname" + notify: Run update-grub + diff --git a/qgm-desktop.yml b/qgm-desktop.yml index 7c1e2a9..ebca43c 100644 --- a/qgm-desktop.yml +++ b/qgm-desktop.yml @@ -4,8 +4,13 @@ hosts: all remote_user: ansible become: yes + + vars_files: + - vars-qgsoftware.yml vars: + playbook_name: "qgm-desktop.yml" + joinpw: '' domain: "{{ ansible_domain }}" kerberize_uris: qgm.lan realm: QGM.LAN @@ -17,15 +22,10 @@ no_proxy: firewall.qgm.lan, server.qgm.lan, qgm.lan ## PAM mount nextcloud, remove or leave empty to skip: - web_dav: https://wolke.qg-moessingen.de/remote.php/dav/files/%(USER) + web_dav: https://wolke.qg-moessingen.de/nextcloud/remote.php/dav/files/%(USER) ## Local mirror for mscorefonts. Remove or leave empty to use no mirror: mirror_msfonts: http://netboot.qgm.lan/mscorefonts/ - ## Local Mirror for Greenfoot and BlueJ - mirror_javadev: http://netboot.qgm.lan/javadev/ - ## Bluej/Greenfoot Versionen - bluej_target_version: "5.2.0" - greenfoot_target_version: "3.7.1" # Linbo Passwort rsyncsecret: Muster! @@ -44,12 +44,131 @@ extra_pkgs_bpo: [] # [ linux-image-amd64 ] roles: - #- lmn_network - - up2date_debian - #- lmn_sssd - #- lmn_mount - #- lmn_kde + - lmn_network + #- up2date_debian + - lmn_sssd + - lmn_mount + - lmn_kde - lmn_qgm ## school specific customization + - lmn_qgsoftware - lmn_qgsddm - #- lmn_printer + - lmn_printer #- kerberize + + tasks: + - name: Remove debian packages for FreeCAD + apt: + name: + - freecad + - freecad-common + - freecad-python3 + - libfreecad-python3-0.20 + autoremove: true + state: absent + + - name: Remove debian packages for PrusaSlicer + apt: + name: + - prusa-slicer + - slic3r-prusa + autoremove: true + state: absent + + - name: Copy Server roots-pubkey to clients + authorized_key: + user: ansible + state: present + key: "{{ lookup('file', 'pubkeys/serverroot.pub') }}" + + - name: Fix unattended-upgrades + ansible.builtin.copy: + dest: /etc/apt/apt.conf.d/20auto-upgrades + content: | + APT::Periodic::Update-Package-Lists "1"; + APT::Periodic::Unattended-Upgrade "0"; + + - name: Prepare mount point for homes + ansible.builtin.file: + path: /srv/samba/schools/default-school/ + state: directory + mode: '0755' + + - name: Fix mount point permissions and owner + file: + path: "{{ item }}" + mode: '0755' + owner: root + group: root + loop: + - /srv/samba + - /srv/samba/schools + - /srv/samba/schools/default-school + + - name: Disable Grub submenus + lineinfile: + dest: /etc/default/grub + line: 'GRUB_DISABLE_SUBMENU=true' + insertafter: '^GRUB_TIMEOUT=.*' + notify: Run update-grub + + + - name: Check for the buggy kernel + stat: + path: /boot/vmlinuz-6.1.0-17-amd64 + register: bug + + - name: Check for the fixed kernel + stat: + path: /boot/vmlinuz-6.1.0-18-amd64 + register: fix + + - name: Work around kernel with CIFS regression + block: + - name: Make sure kernel package -16 is available + ansible.builtin.apt: + name: linux-image-6.1.0-16-amd64 + state: present + - name: Set 6.1.0-16 as default kernel in grub + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>"Debian GNU/Linux, with Linux 6.1.0-16-amd64"' + backrefs: yes + notify: Run update-grub + when: bug.stat.exists and not fix.stat.exists + + - name: Set latest kernel in grub if bug is fixed + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>0' + backrefs: yes + when: fix.stat.exists or not bug.stat.exists + notify: Run update-grub + + - name: Remove "unattended-upgrades" package + ansible.builtin.apt: + name: unattended-upgrades + state: absent + purge: True + + - name: Fix stuttering sound on HDMI + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_CMDLINE_LINUX=).*' + line: '\g<1>"intel_iommu=on,igfx_off"' + backrefs: yes + when: "'lt-' in inventory_hostname" + notify: Run update-grub + + - name: Aktuelle Zeit zum Client schreiben + copy: + content: | + playbook={{ playbook_name }} + timestamp={{ ansible_date_time.date }}-{{ ansible_date_time.time }} + unixtime={{ ansible_date_time.epoch }} + ansiblehost={{ ansible_hostname }} + dest: /etc/ansible_timestamp.txt + + + diff --git a/qgm-laptop.yml b/qgm-laptop.yml index 7c786b6..0a3c3ff 100644 --- a/qgm-laptop.yml +++ b/qgm-laptop.yml @@ -5,6 +5,9 @@ remote_user: ansible become: yes + vars_files: + - vars-qgsoftware.yml + vars: domain: "{{ ansible_domain }}" kerberize_uris: qgm.lan @@ -22,13 +25,6 @@ ## Local mirror for mscorefonts. Remove or leave empty to use no mirror: mirror_msfonts: http://netboot.qgm.lan/mscorefonts/ - ## Local Mirror for Greenfoot and BlueJ. Leave empty to skip installation of bluej and greenfoot - mirror_javadev: http://netboot.qgm.lan/javadev/ - ## Bluej/Greenfoot Versionen - bluej_target_version: "5.2.0" - greenfoot_target_version: "3.7.1" - - # Linbo Passwort rsyncsecret: Muster! ## Use grub-mkpasswd-pbkdf2: to calculate the password hash, this hash is for "geheim": @@ -46,13 +42,99 @@ extra_pkgs_bpo: [] # [ linux-image-amd64 ] roles: - #- lmn_network + - lmn_network #- up2date_debian - #- lmn_sssd - #- lmn_mount - #- lmn_kde - #- lmn_qgm - #- lmn_qgsddm + - lmn_sssd + - lmn_mount + - lmn_kde + - lmn_qgm + - lmn_qgsddm - lmn_qglaptop - #- lmn_printer + - lmn_printer #- kerberize + + + tasks: + - name: Fix unattended-upgrades + ansible.builtin.copy: + dest: /etc/apt/apt.conf.d/20auto-upgrades + content: | + APT::Periodic::Update-Package-Lists "1"; + APT::Periodic::Unattended-Upgrade "0"; + + - name: Prepare mount point for homes + ansible.builtin.file: + path: /srv/samba/schools/default-school/ + state: directory + mode: '0755' + + - name: Fix mount point permissions and owner + file: + path: "{{ item }}" + mode: '0755' + owner: root + group: root + loop: + - /srv/samba + - /srv/samba/schools + - /srv/samba/schools/default-school + + - name: Disable Grub submenus + lineinfile: + dest: /etc/default/grub + line: 'GRUB_DISABLE_SUBMENU=true' + insertafter: '^GRUB_TIMEOUT=.*' + notify: Run update-grub + + + - name: Check for the buggy kernel + stat: + path: /boot/vmlinuz-6.1.0-17-amd64 + register: bug + + - name: Check for the fixed kernel + stat: + path: /boot/vmlinuz-6.1.0-18-amd64 + register: fix + + - name: Work around kernel with CIFS regression + block: + - name: Make sure kernel package -16 is available + ansible.builtin.apt: + name: linux-image-6.1.0-16-amd64 + state: present + - name: Set 6.1.0-16 as default kernel in grub + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>"Debian GNU/Linux, with Linux 6.1.0-16-amd64"' + backrefs: yes + notify: Run update-grub + when: bug.stat.exists and not fix.stat.exists + + - name: Set latest kernel in grub if bug is fixed + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>0' + backrefs: yes + when: fix.stat.exists or not bug.stat.exists + notify: Run update-grub + + - name: Remove "unattended-upgrades" package + ansible.builtin.apt: + name: unattended-upgrades + state: absent + purge: True + + - name: Fix stuttering sound on HDMI + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_CMDLINE_LINUX=).*' + line: '\g<1>"intel_iommu=on,igfx_off"' + backrefs: yes + when: "'lt-' in inventory_hostname" + notify: Run update-grub + + + diff --git a/qgm-updatecache.yml b/qgm-updatecache.yml new file mode 100644 index 0000000..c1ac128 --- /dev/null +++ b/qgm-updatecache.yml @@ -0,0 +1,16 @@ +## This playbook deploys a KDE desktop machine for LinuxMuster. +# hosts: localhost +# remote_user: ansible +# become: yes +--- +- name: Update local software cache on netboot Host + hosts: localhost + connection: local + become: yes + + vars_files: + - vars-qgsoftware.yml + + roles: + - qgm_updatecache + diff --git a/roles/activate_last_kernel/handlers/main.yml b/roles/activate_last_kernel/handlers/main.yml new file mode 100644 index 0000000..e2b8cdf --- /dev/null +++ b/roles/activate_last_kernel/handlers/main.yml @@ -0,0 +1,2 @@ +- name: Run update-grub + command: update-grub diff --git a/roles/activate_last_kernel/tasks/main.yml b/roles/activate_last_kernel/tasks/main.yml new file mode 100644 index 0000000..26b7650 --- /dev/null +++ b/roles/activate_last_kernel/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: Change Grub default Kernel + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_DEFAULT=).*' + line: '\g<1>"1>2"' + backrefs: yes + notify: Run update-grub + +- name: Remove grub protection + ansible.builtin.blockinfile: + path: /etc/grub.d/40_custom + marker: "# {mark} ANSIBLE MANAGED BLOCK" + block: "" + notify: Run update-grub diff --git a/roles/lmn_kde/tasks/main.yml b/roles/lmn_kde/tasks/main.yml index 74bed30..00f4e36 100644 --- a/roles/lmn_kde/tasks/main.yml +++ b/roles/lmn_kde/tasks/main.yml @@ -8,7 +8,6 @@ - codeblocks - dia - flameshot - - freecad - ghex - gimp - inkscape @@ -24,6 +23,7 @@ - task-german-kde-desktop - task-kde-desktop - thonny + - scdaemon - thunderbird-l10n-de - vlc - vym @@ -46,6 +46,7 @@ name: - libreoffice - libreoffice-l10n-de + - libreoffice-gtk3 - kicad - kicad-doc-de state: latest # noqa package-latest @@ -113,13 +114,13 @@ replace: '"quiet splash"' notify: Run update-grub -- name: Protect grub menu entries - blockinfile: - path: /etc/grub.d/40_custom - block: | - set superusers='root' - password_pbkdf2 root {{ grub_pwd }} - notify: Run update-grub +#- name: Protect grub menu entries +# blockinfile: +# path: /etc/grub.d/40_custom +# block: | +# set superusers='root' +# password_pbkdf2 root {{ grub_pwd }} +# notify: Run update-grub - name: Allow booting default entry lineinfile: diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml index 969f188..e0eb999 100644 --- a/roles/lmn_mount/tasks/main.yml +++ b/roles/lmn_mount/tasks/main.yml @@ -39,6 +39,11 @@ insertafter: "" +- name: Prepare mount point for homes + ansible.builtin.file: + path: /srv/samba/schools/default-school/ + state: directory + mode: '0755' - name: Prepare persistent user cache base directory ansible.builtin.file: diff --git a/roles/lmn_qglaptop/tasks/main.yml b/roles/lmn_qglaptop/tasks/main.yml index 5142b0e..1fb205d 100644 --- a/roles/lmn_qglaptop/tasks/main.yml +++ b/roles/lmn_qglaptop/tasks/main.yml @@ -97,3 +97,11 @@ state: started enabled: no + +######### +# /etc/apt/apt.conf proxy Zeile entfernen, damit Updates möglich sind +- name: Proxy aus apt entfernen + ansible.builtin.lineinfile: + dest: /etc/apt/apt.conf + state: absent + regexp: '^Acquire::http::Proxy' diff --git a/roles/lmn_qgm/files/BeamerSetup.sh b/roles/lmn_qgm/files/BeamerSetup.sh new file mode 100755 index 0000000..124a426 --- /dev/null +++ b/roles/lmn_qgm/files/BeamerSetup.sh @@ -0,0 +1,67 @@ +#!/bin/bash + +# Get connected monitors and their native resolutions +monitor_info=$(xrandr --query) + +# Extract primary monitor name +primary_monitor_name=$(echo "$monitor_info" | grep " primary" | cut -d" " -f1) + +# Extract secondary monitor name and native resolution +secondary_monitor_line=$(echo "$monitor_info" | grep -m1 -n -P " connected(?! primary)") +secondary_monitor_line_number=$(echo "$secondary_monitor_line" | cut -d":" -f1) +secondary_monitor_name=$(echo "$secondary_monitor_line" | cut -d":" -f2 | cut -d" " -f1) +if [ ! -z "$secondary_monitor_line_number" ]; then + secondary_resolution=$(echo "$monitor_info" | sed -e "1,${secondary_monitor_line_number}d" | grep -m1 "+" | awk '{ print $1 }') +fi + +if [ -z "$secondary_monitor_name" ] || [ -z "$secondary_resolution" ] || [ -z "$primary_monitor_name" ]; then + zenity --error --text="Es konnten keine passenden Bildschirme gefunden werden. Sind Sie sich sicher, dass der Beamer eingeschaltet und verbunden ist?" + exit 1 +fi + +# Find out which resolutions we want to recommend +if [ "$secondary_resolution" = "1920x1080" ]; then + recommend_high_res="Ja" + recommend_low_res="Nein" + default_xga="FALSE" + default_hd="TRUE" +else + recommend_high_res="Nein" + recommend_low_res="Ja" + default_xga="TRUE" + default_hd="FALSE" +fi + +# Generate GUI to let the user select a resolution +mode=$(zenity --list --radiolist --title="Beamer Setup" --text="Beamer mit der Auflösung $secondary_resolution gefunden." \ +--print-column=3 --width 500 --height 250 \ +--column= --column="Name" --column="Auflösung" --column="Format" --column="Empfohlen" \ +FALSE "Full HD" "1920x1080" "16:9" "$recommend_high_res" \ +"$default_hd" "HD" "1280x720" "16:9" "Ja" \ +"$default_xga" "XGA" "1024x768" "4:3" "$recommend_low_res") + +# Use xrandr to configure both displays +if [ ! -z "$mode" ]; then + xrandr --output $primary_monitor_name --mode $mode + xrandr --output $secondary_monitor_name --mode $mode --same-as $primary_monitor_name +fi + +# Use pactl to set audio output to hdmi +profile="output:hdmi-stereo+input:analog-stereo" +sink_line=$(pactl list short sinks | grep -m1 alsa_output.pci-) +sink_nr=$(echo $sink_line | awk '{ print $1 }') +sink_name_hdmi=$(echo $sink_line | awk '{ print $2 }' | grep hdmi) +if [ ! -z "$sink_nr" ] && [ -z "$sink_name_hdmi" ]; then + card_name=$(pactl list cards short | grep -m1 alsa_card.pci- | awk '{ print $2 }') + pactl set-card-profile $card_name $profile +fi + +if [ ! -z "$sink_nr" ]; then + pactl set-default-sink $(pactl list short sinks | grep -m1 alsa_output.pci- | awk '{ print $1 }') +fi + +# if there is no hdmi sink search for a card profile to change +if [ -z "$sink_nr" ]; then + card_name=$(pactl list cards short | head -n 1 | awk '{ print $2 }') + pactl set-card-profile $card_name $profile +fi diff --git a/roles/lmn_qgm/files/beamer.png b/roles/lmn_qgm/files/beamer.png new file mode 100644 index 0000000..3977d07 Binary files /dev/null and b/roles/lmn_qgm/files/beamer.png differ diff --git a/roles/lmn_qgm/files/firefox-esr.desktop b/roles/lmn_qgm/files/firefox-esr.desktop new file mode 100644 index 0000000..942268b --- /dev/null +++ b/roles/lmn_qgm/files/firefox-esr.desktop @@ -0,0 +1,104 @@ +[Desktop Entry] +Name=Firefox ESR +Name[bg]=Firefox ESR +Name[ca]=Firefox ESR +Name[cs]=Firefox ESR +Name[el]=Firefox ESR +Name[es]=Firefox ESR +Name[fa]=Firefox ESR +Name[fi]=Firefox ESR +Name[fr]=Firefox ESR +Name[hu]=Firefox ESR +Name[it]=Firefox ESR +Name[ja]=Firefox ESR +Name[ko]=Firefox ESR +Name[nb]=Firefox ESR +Name[nl]=Firefox ESR +Name[nn]=Firefox ESR +Name[no]=Firefox ESR +Name[pl]=Firefox ESR +Name[pt]=Firefox ESR +Name[pt_BR]=Firefox ESR +Name[ru]=Firefox ESR +Name[sk]=Firefox ESR +Name[sv]=Firefox ESR +Comment=Browse the World Wide Web +Comment[bg]=Сърфиране в Мрежата +Comment[ca]=Navegueu per el web +Comment[cs]=Prohlížení stránek World Wide Webu +Comment[de]=Im Internet surfen +Comment[el]=Περιηγηθείτε στον παγκόσμιο ιστό +Comment[es]=Navegue por la web +Comment[fa]=صفحات شبکه جهانی اینترنت را مرور نمایید +Comment[fi]=Selaa Internetin WWW-sivuja +Comment[fr]=Navigue sur Internet +Comment[hu]=A világháló böngészése +Comment[it]=Esplora il web +Comment[ja]=ウェブを閲覧します +Comment[ko]=웹을 돌아 다닙니다 +Comment[nb]=Surf på nettet +Comment[nl]=Verken het internet +Comment[nn]=Surf på nettet +Comment[no]=Surf på nettet +Comment[pl]=Przeglądanie stron WWW +Comment[pt]=Navegue na Internet +Comment[pt_BR]=Navegue na Internet +Comment[ru]=Обозреватель Всемирной Паутины +Comment[sk]=Prehliadanie internetu +Comment[sv]=Surfa på webben +GenericName=Web Browser +GenericName[bg]=Интернет браузър +GenericName[ca]=Navegador web +GenericName[cs]=Webový prohlížeč +GenericName[de]=Webbrowser +GenericName[el]=Περιηγητής ιστού +GenericName[es]=Navegador web +GenericName[fa]=مرورگر اینترنتی +GenericName[fi]=WWW-selain +GenericName[fr]=Navigateur Web +GenericName[hu]=Webböngésző +GenericName[it]=Browser Web +GenericName[ja]=ウェブ・ブラウザ +GenericName[ko]=웹 브라우저 +GenericName[nb]=Nettleser +GenericName[nl]=Webbrowser +GenericName[nn]=Nettlesar +GenericName[no]=Nettleser +GenericName[pl]=Przeglądarka WWW +GenericName[pt]=Navegador Web +GenericName[pt_BR]=Navegador Web +GenericName[ru]=Интернет-браузер +GenericName[sk]=Internetový prehliadač +GenericName[sv]=Webbläsare +X-GNOME-FullName=Firefox ESR Web Browser +X-GNOME-FullName[bg]=Интернет браузър (Firefox ESR) +X-GNOME-FullName[ca]=Navegador web Firefox ESR +X-GNOME-FullName[cs]=Firefox ESR Webový prohlížeč +X-GNOME-FullName[el]=Περιηγήτης Ιστού Firefox ESR +X-GNOME-FullName[es]=Navegador web Firefox ESR +X-GNOME-FullName[fa]=مرورگر اینترنتی Firefox ESR +X-GNOME-FullName[fi]=Firefox ESR-selain +X-GNOME-FullName[fr]=Navigateur Web Firefox ESR +X-GNOME-FullName[hu]=Firefox ESR webböngésző +X-GNOME-FullName[it]=Firefox ESR Browser Web +X-GNOME-FullName[ja]=Firefox ESR ウェブ・ブラウザ +X-GNOME-FullName[ko]=Firefox ESR 웹 브라우저 +X-GNOME-FullName[nb]=Firefox ESR Nettleser +X-GNOME-FullName[nl]=Firefox ESR webbrowser +X-GNOME-FullName[nn]=Firefox ESR Nettlesar +X-GNOME-FullName[no]=Firefox ESR Nettleser +X-GNOME-FullName[pl]=Przeglądarka WWW Firefox ESR +X-GNOME-FullName[pt]=Firefox ESR Navegador Web +X-GNOME-FullName[pt_BR]=Navegador Web Firefox ESR +X-GNOME-FullName[ru]=Интернет-браузер Firefox ESR +X-GNOME-FullName[sk]=Internetový prehliadač Firefox ESR +X-GNOME-FullName[sv]=Webbläsaren Firefox ESR +Exec=/usr/lib/firefox-esr/firefox-esr %u --allow-downgrade +Terminal=false +X-MultipleArgs=false +Type=Application +Icon=firefox-esr +Categories=Network;WebBrowser; +MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/vnd.mozilla.xul+xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https; +StartupWMClass=Firefox-esr +StartupNotify=true diff --git a/roles/lmn_qgm/files/logout.png b/roles/lmn_qgm/files/logout.png new file mode 100644 index 0000000..93302b3 Binary files /dev/null and b/roles/lmn_qgm/files/logout.png differ diff --git a/roles/lmn_qgm/files/qgm-abmelden.desktop b/roles/lmn_qgm/files/qgm-abmelden.desktop new file mode 100644 index 0000000..88bcdcd --- /dev/null +++ b/roles/lmn_qgm/files/qgm-abmelden.desktop @@ -0,0 +1,13 @@ +#!/usr/bin/env xdg-open +[Desktop Entry] +Version=1.0 +Type=Application +Terminal=false +Exec=qdbus org.kde.ksmserver /KSMServer logout 1 0 1 +Name[de_DE]=Abmelden +Name=Abmelden +Icon=/usr/share/icons/logout.png +Hidden=false +Comment= +Path= +StartupNotify=false diff --git a/roles/lmn_qgm/files/qgm-beamersetup.desktop b/roles/lmn_qgm/files/qgm-beamersetup.desktop new file mode 100644 index 0000000..8b695b0 --- /dev/null +++ b/roles/lmn_qgm/files/qgm-beamersetup.desktop @@ -0,0 +1,15 @@ +#!/usr/bin/env xdg-open + +[Desktop Entry] +Version=1.0 +Type=Application +Terminal=false +Exec=BeamerSetup.sh +Name[de_DE]=QG-Beamersetup +Name=QG-Beamersetup +Icon=/usr/share/icons/beamer.png +Hidden=false +Comment= +Path= +StartupNotify=false + diff --git a/roles/lmn_qgm/files/qgm-login.sh b/roles/lmn_qgm/files/qgm-login.sh index dd239c5..e34a982 100644 --- a/roles/lmn_qgm/files/qgm-login.sh +++ b/roles/lmn_qgm/files/qgm-login.sh @@ -1,2 +1,26 @@ [[ "${UID}" -lt 10000 ]] && return + +# Desktop Verzeichnis? +DESKDIR=$(xdg-user-dir DESKTOP) +echo $DESKDIR >> /tmp/login.log + +# Wallpaper kwriteconfig5 --file "$HOME/.config/plasma-org.kde.plasma.desktop-appletsrc" --group 'Containments' --group '1' --group 'Wallpaper' --group 'org.kde.image' --group 'General' --key 'Image' "/usr/local/share/qgm/qgm_background_wallpaper.jpg" || return + +# Beamer-Icon +rm -f $DESKDIR/qgm-beamersetup.desktop +if [[ $(hostname -s) = lt-* || $(hostname -s) = r109-dell16 ]]; then + cp /usr/share/applications/qgm-beamersetup.desktop $DESKDIR/qgm-beamersetup.desktop + chmod 755 $DESKDIR/qgm-beamersetup.desktop +fi + +# Abmelden Knopf +echo "cp /usr/share/applications/qgm-abmelden.desktop $DESKDIR/qgm-abmelden.desktop" >> /tmp/login.log +cp /usr/share/applications/qgm-abmelden.desktop $DESKDIR/qgm-abmelden.desktop +chmod 755 $DESKDIR/qgm-abmelden.desktop + +# user-places löschen, wegen Schuljahreswechsel... +echo "rm $HOME/.local/share/user-places.xbel" >> /tmp/login.log +rm $HOME/.local/share/user-places.xbel + +echo "Done" >> /tmp/login.log diff --git a/roles/lmn_qgm/files/qgm-soundfix.desktop b/roles/lmn_qgm/files/qgm-soundfix.desktop deleted file mode 100644 index b72d7d0..0000000 --- a/roles/lmn_qgm/files/qgm-soundfix.desktop +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env xdg-open - -[Desktop Entry] -Version=1.0 -Type=Application -Terminal=false -Exec=qgm-soundfix.sh -Name[de_DE]=QG - Ton zum Beamer -Name=QG - Ton zum Beamer -Icon=/usr/share/icons/breeze-dark/emblems/symbolic/emblem-music-symbolic.svg -Hidden=false -Comment= -Path= -StartupNotify=false - diff --git a/roles/lmn_qgm/files/qgm-soundfix.sh b/roles/lmn_qgm/files/qgm-soundfix.sh deleted file mode 100755 index 01ab3fc..0000000 --- a/roles/lmn_qgm/files/qgm-soundfix.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -CARD=$(pactl list cards short | head -n 1 | awk '{print $2}') -pactl set-card-profile $CARD output:hdmi-stereo+input:analog-stereo -HDMISINK=$(pactl list sinks short | grep hdmi | awk '{print $2}') -pactl set-default-sink $HDMISINK diff --git a/roles/lmn_qgm/tasks/base.yml b/roles/lmn_qgm/tasks/base.yml new file mode 100644 index 0000000..d705bd9 --- /dev/null +++ b/roles/lmn_qgm/tasks/base.yml @@ -0,0 +1,273 @@ +--- +######### +# Management: Ansible User benötigt auf den Clients kein +# Passwort für sudo +- name: Enable passwordless sudo access for user ansible + lineinfile: + path: /etc/sudoers + state: present + regexp: '^ansible ALL=' + line: 'ansible ALL=(ALL) NOPASSWD: ALL' + validate: '/usr/sbin/visudo -cf %s' + +######### +# Paketvorkonfigurationen +- name: Preseed ttf-mscorefonts-installer + ansible.builtin.debconf: + name: ttf-mscorefonts-installer + question: msttcorefonts/dlurl + value: "{{ mirror_msfonts }}" + vtype: string + when: mirror_msfonts is defined and mirror_msfonts | length > 0 + +- name: Preseed libdvd-pkg + ansible.builtin.debconf: + name: libdvd-pkg + question: libdvd-pkg/build + value: "true" + vtype: boolean + ansible.builtin.debconf: + name: libdvd-pkg + question: libdvd-pkg/post-invoke_hook-install + value: "true" + vtype: boolean + ansible.builtin.debconf: + name: libdvd-pkg + question: libdvd-pkg/post-invoke_hook-remove + value: "false" + vtype: boolean + +######### +# Softwareauswahl +- name: Install desktop EDU packages and some more + apt: + name: + - curl + - git + - gitg + - gitk + - lshw + - libnotify-bin ## needed for pwroff script + - neovim + - net-tools + - ethtool + - netcat-openbsd + - nmap + - tmux + - hexyl + - meld + - tree + - hashcat + - ttf-mscorefonts-installer + - libdvd-pkg + - handbrake + - firmware-intel-sound + - cura + - filius + - wine + - kdenlive + - terminator + - geany + autoremove: true + state: latest + environment: + http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher + +######### +# libdvdcss muss gebaut werden +# Optimierungspotential: Einmal bauen und über netboot +# die Pakete verteilen geht wahrscheinlich schneller + +- name: Build libdvdcss + ansible.builtin.shell: + cmd: dpkg-reconfigure -f noninteractive libdvd-pkg + +######### +# Den cups-browsed will ich gar nicht haben, nicht +# nur disablen. +- name: Remove cups-browsed + ansible.builtin.apt: + name: cups-browsed + state: absent + + +######### +# Das Skript, das beim Userlogin ausgeführt wird +# Setzt derzeit nur den Hintergrund zurück - nicht bei der +# allerersten Anmeldung eines Nutzers, weil es da die KDE Config noch +# nicht gibt. + +- name: Copy qgm-login.sh for misc login Tasks + copy: + src: files/qgm-login.sh + dest: /etc/profile.d/qgm-login.sh + mode: '0644' + owner: root + group: root + +######### +# Anpassungen an KDE +# - Doppelklick zum öffnen von Dateien +# - Style aug breeze fetstackern +# - Kein Benutzerwechsel +# - Kein Lockscreen +# - Keine neue Session +# - Login Session immer leer starten, nicht die laufenden Anwendungen merken + +- name: Set mandatory KDE settings + ansible.builtin.copy: + dest: /etc/xdg/kdeglobals + content: | + [KDE][$i] + SingleClick=false + widgetStyle=breeze + + [KDE Action Restrictions][$i] + action/switch_user=false + action/lock_screen=false + action/start_new_session=false + + [General][$i] + loginMode=emptySession + +######### +# Screen Locking abschalten, Mittelstufenschüler... +- name: Disable screen locking + ansible.builtin.copy: + dest: /etc/xdg/kscreenlockerrc + content: | + [Daemon][$i] + Autolock=false + LockOnResume=false + + [Greeter][Wallpaper][org.kde.image][General] + Image=file:///usr/local/share/qgm/qgm_background.jpg + +######## +# Logout beschleunigen +- name: Wartezeit nach KDE nach Logout/Shutdown verkürzen + ansible.builtin.replace: + path: /usr/share/plasma/look-and-feel/org.kde.breeze.desktop/contents/logout/Logout.qml + regexp: '^(\s+)property real timeout:.*$' + replace: '\1property real timeout: 4' + +######## +# Wayland abschalten, Standardsession X11 +# SDDM hat (noch) keine Option, die Standardsession vorzugeben +# Bei einem "normalen" System, merkt er sich die letzte Sitzung, die +# der Nutzer wählt für künftige Anmeldungen, das klappt im Netz nicht. +# Die Session Liste baut er alphabetisch zusammen aus den desktop-Dateien +# in den Verzeichnissen /usr/share/wayland-sessions und /usr/share/xsessions/ +# der erste Eintrag ist Standard - und das ist leider eben immer die Sitzung in +# wayland-sessions. Darum: Weg damit ;) + +- name: Disable wayland session systemwide + ansible.builtin.file: + path: /usr/share/wayland-sessions/plasmawayland.desktop + state: absent + + +######### +# plasma-discover ist der grafische Paketmamanger +# der stürzt nur ab und die Bejutzer können eh +# nichts selbst installieren +- name: Remove plasma-discover + ansible.builtin.apt: + name: plasma-discover + state: absent + +######### +# Anpassungen für Arduino +# - modemmanager dinstallieren, soll die Probleme mit wechselnden +# Device Namen lössen (ungetestet) +# - Udev-Rule, so dass die Devices mit 0666 angelegt werden, wie +# Warnung des Debian Pakets "arduino" wegen der dialout Gruppe +# bleiben leider. + +- name: Remove modemmanager to fix arduino problems + ansible.builtin.apt: + name: modemmanager + state: absent + +- name: Copy arduino udev rule + copy: + src: files/52-arduino.rules + dest: /etc/udev/rules.d/52-arduino.rules + mode: '0644' + owner: root + group: root + +- name: reload udev rules + ansible.builtin.command: udevadm control --reload-rules + +- name: trigger udev update + ansible.builtin.command: udevadm trigger + + +######### +# Firefox ESR Anpassungen +# Lesezeichen und Startseite müssen in der +# Datei firefox_policies.json für die eigene Schule +# angepasst werden. +- name: Create firefox policies directory + ansible.builtin.file: + path: /etc/firefox-esr/policies + state: directory + mode: '0755' + +- name: Create a symbolic link firefox to firefox-esr + ansible.builtin.file: + src: /etc/firefox-esr + dest: /etc/firefox + state: link + +- name: Copy firefox policy + ansible.builtin.copy: + src: firefox_policies.json + dest: /etc/firefox-esr/policies/policies.json + +- name: Remove wrongly copied policies file + ansible.builtin.file: + path: /etc/firefox-esr/policies/firefox_policies.json + state: absent + +########## +# Enable WOL +# +- name: Enable WOL + ansible.builtin.command: ethtool -s {{ ansible_default_ipv4.interface }} wol g + +- name: Copy 81-wol.rules to target + copy: + src: 81-wol.rules + dest: /etc/udev/rules.d/81-wol.rules + mode: '0644' + owner: root + group: root + +- name: Copy qgm-abmelden.desktop + copy: + src: qgm-abmelden.desktop + dest: /usr/share/applications/qgm-abmelden.desktop + mode: '0755' + owner: root + group: root + +- name: Copy modified Forefox Starter + copy: + src: firefox-esr.desktop + dest: /usr/share/applications/firefox-esr.desktop + mode: '0644' + owner: root + group: root + +- name: Copy logout icon + copy: + src: logout.png + dest: /usr/share/icons/logout.png + mode: '0644' + owner: root + group: root + + + diff --git a/roles/lmn_qgm/tasks/beamerscript.yml b/roles/lmn_qgm/tasks/beamerscript.yml new file mode 100644 index 0000000..bc3f80e --- /dev/null +++ b/roles/lmn_qgm/tasks/beamerscript.yml @@ -0,0 +1,41 @@ +########## +# Laptop Skripte +# +# Copy Beamer +- name: Copy BeamerSetup.sh + copy: + src: BeamerSetup.sh + dest: /usr/local/bin/BeamerSetup.sh + mode: '0755' + owner: root + group: root + +- name: Copy qgm-beamersetup.desktop + copy: + src: qgm-beamersetup.desktop + dest: /usr/share/applications/qgm-beamersetup.desktop + mode: '0644' + owner: root + group: root + +- name: Copy icon + copy: + src: beamer.png + dest: /usr/share/icons/beamer.png + mode: '0644' + owner: root + group: root + +# Remove old scripts +- name: Remove qgm-soudfix.sh + file: + path: /usr/local/bin/qgm-soundfix.sh + state: absent + +- name: Delete qgm-soudfix.desktop + file: + path: /usr/share/applications/qgm-soundfix.desktop + state: absent + + + diff --git a/roles/lmn_qgm/tasks/main.yml b/roles/lmn_qgm/tasks/main.yml index 9e146ca..d4da06d 100644 --- a/roles/lmn_qgm/tasks/main.yml +++ b/roles/lmn_qgm/tasks/main.yml @@ -1,288 +1,14 @@ --- -######### -# Management: Ansible User benötigt auf den Clients kein -# Passwort für sudo -- name: Enable passwordless sudo access for user ansible - lineinfile: - path: /etc/sudoers - state: present - regexp: '^ansible ALL=' - line: 'ansible ALL=(ALL) NOPASSWD: ALL' - validate: '/usr/sbin/visudo -cf %s' +- name: Base configuration for all hosts + import_tasks: + file: base.yml -- name: Gather the package facts - ansible.builtin.package_facts: - manager: auto +- name: Fix sound on lt- hosts + import_tasks: + file: soundfix.yml + when: "'lt-' in inventory_hostname" -######### -# Paketvorkonfigurationen -- name: Preseed ttf-mscorefonts-installer - ansible.builtin.debconf: - name: ttf-mscorefonts-installer - question: msttcorefonts/dlurl - value: "{{ mirror_msfonts }}" - vtype: string - when: mirror_msfonts is defined and mirror_msfonts | length > 0 - -- name: Preseed libdvd-pkg - ansible.builtin.debconf: - name: libdvd-pkg - question: libdvd-pkg/build - value: "true" - vtype: boolean - ansible.builtin.debconf: - name: libdvd-pkg - question: libdvd-pkg/post-invoke_hook-install - value: "true" - vtype: boolean - ansible.builtin.debconf: - name: libdvd-pkg - question: libdvd-pkg/post-invoke_hook-remove - value: "false" - vtype: boolean - -######### -# Softwareauswahl -- name: Install desktop EDU packages and some more - apt: - name: - - curl - - git - - gitg - - gitk - - libnotify-bin ## needed for pwroff script - - neovim - - net-tools - - ethtool - - netcat-openbsd - - nmap - - tmux - - tree - - ttf-mscorefonts-installer - - libdvd-pkg - - handbrake - - slic3r-prusa - - filius - - wine - autoremove: true - state: latest - environment: - http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher - -######### -# libdvdcss muss gebaut werden -# Optimierungspotential: Einmal bauen und über netboot -# die Pakete verteilen geht wahrscheinlich schneller - -- name: Build libdvdcss - ansible.builtin.shell: - cmd: dpkg-reconfigure -f noninteractive libdvd-pkg - -######### -# Den cups-browsed will ich gar nicht haben, nicht -# nur disablen. -- name: Remove cups-browsed - ansible.builtin.apt: - name: cups-browsed - state: absent - - -######### -# Das Skript, das beim Userlogin ausgeführt wird -# Setzt derzeit nur den Hintergrund zurück - nicht bei der -# allerersten Anmeldung eines Nutzers, weil es da die KDE Config noch -# nicht gibt. - -- name: Copy qgm-login.sh for misc login Tasks - copy: - src: files/qgm-login.sh - dest: /etc/profile.d/qgm-login.sh - mode: '0644' - owner: root - group: root - -######### -# Anpassungen an KDE -# - Doppelklick zum öffnen von Dateien -# - Style aug breeze fetstackern -# - Kein Benutzerwechsel -# - Kein Lockscreen -# - Keine neue Session - -- name: Set mandatory KDE settings - ansible.builtin.copy: - dest: /etc/xdg/kdeglobals - content: | - [KDE][$i] - SingleClick=false - widgetStyle=breeze - - [KDE Action Restrictions][$i] - action/switch_user=false - action/lock_screen=false - action/start_new_session=false - -######### -# Screen Locking abschalten, Mittelstufenschüler... -- name: Disable screen locking - ansible.builtin.copy: - dest: /etc/xdg/kscreenlockerrc - content: | - [Daemon][$i] - Autolock=false - LockOnResume=false - - [Greeter][Wallpaper][org.kde.image][General] - Image=file:///usr/local/share/qgm/qgm_background.jpg - -######## -# Logout beschleunigen -- name: Wartezeit nach KDE nach Logout/Shutdown verkürzen - ansible.builtin.replace: - path: /usr/share/plasma/look-and-feel/org.kde.breeze.desktop/contents/logout/Logout.qml - regexp: '^(\s+)property real timeout:.*$' - replace: '\1property real timeout: 4' - -######## -# Wayland abschalten, Standardsession X11 -# SDDM hat (noch) keine Option, die Standardsession vorzugeben -# Bei einem "normalen" System, merkt er sich die letzte Sitzung, die -# der Nutzer wählt für künftige Anmeldungen, das klappt im Netz nicht. -# Die Session Liste baut er alphabetisch zusammen aus den desktop-Dateien -# in den Verzeichnissen /usr/share/wayland-sessions und /usr/share/xsessions/ -# der erste Eintrag ist Standard - und das ist leider eben immer die Sitzung in -# wayland-sessions. Darum: Weg damit ;) - -- name: Disable wayland session systemwide - ansible.builtin.file: - path: /usr/share/wayland-sessions/plasmawayland.desktop - state: absent - - -######### -# plasma-discover ist der grafische Paketmamanger -# der stürzt nur ab und die Bejutzer können eh -# nichts selbst installieren -- name: Remove plasma-discover - ansible.builtin.apt: - name: plasma-discover - state: absent - -######### -# Greenfoot und BlueJ. -# Müssen einmalig auf den netboot Server -# in den http Cache geschoben werden. -# Siehe Script im Repo. - -- name: Determine installed bluej version - set_fact: - bluej_installed_version: "{{ bluej_target_version if ansible_facts.packages['bluej'][0]['version'] is defined else 0 }}" - -- name: Install bluej if necessary - ansible.builtin.apt: - deb: "{{ mirror_javadev }}/bluej.deb" - when: (mirror_javadev is defined and mirror_javadev | length > 0) and - (bluej_target_version is defined and bluej_target_version | length > 0 ) and - (bluej_installed_version != bluej_target_version ) - -- name: Determine installed greenfoot version - set_fact: - greenfoot_installed_version: "{{ greenfoot_target_version if ansible_facts.packages['greenfoot'][0]['version'] is defined else 0 }}" - -- name: Install greenfoot if necessary - ansible.builtin.apt: - deb: "{{ mirror_javadev }}/greenfoot.deb" - when: (mirror_javadev is defined and mirror_javadev | length > 0) and - (greenfoot_target_version is defined and greenfoot_target_version | length > 0 ) and - (greenfoot_installed_version != greenfoot_target_version ) - -######### -# Anpassungen für Arduino -# - modemmanager dinstallieren, soll die Probleme mit wechselnden -# Device Namen lössen (ungetestet) -# - Udev-Rule, so dass die Devices mit 0666 angelegt werden, wie -# Warnung des Debian Pakets "arduino" wegen der dialout Gruppe -# bleiben leider. - -- name: Remove modemmanager to fix arduino problems - ansible.builtin.apt: - name: modemmanager - state: absent - -- name: Copy arduino udev rule - copy: - src: files/52-arduino.rules - dest: /etc/udev/rules.d/52-arduino.rules - mode: '0644' - owner: root - group: root - -- name: reload udev rules - ansible.builtin.command: udevadm control --reload-rules - -- name: trigger udev update - ansible.builtin.command: udevadm trigger - - -######### -# Firefox ESR Anpassungen -# Lesezeichen und Startseite müssen in der -# Datei firefox_policies.json für die eigene Schule -# angepasst werden. -- name: Create firefox policies directory - ansible.builtin.file: - path: /etc/firefox-esr/policies - state: directory - mode: '0755' - -- name: Create a symbolic link firefox to firefox-esr - ansible.builtin.file: - src: /etc/firefox-esr - dest: /etc/firefox - state: link - -- name: Copy firefox policy - ansible.builtin.copy: - src: firefox_policies.json - dest: /etc/firefox-esr/policies/policies.json - -- name: Remove wrongly copied policies file - ansible.builtin.file: - path: /etc/firefox-esr/policies/firefox_policies.json - state: absent - -########## -# Enable WOL -# -- name: Enable WOL - ansible.builtin.command: ethtool -s {{ ansible_default_ipv4.interface }} wol g - -- name: Copy 81-wol.rules to target - copy: - src: 81-wol.rules - dest: /etc/udev/rules.d/81-wol.rules - mode: '0644' - owner: root - group: root - -########## -# Laptop Skripte -# -- name: Copy qgm-soudfix.sh - copy: - src: qgm-soundfix.sh - dest: /usr/local/bin/qgm-soundfix.sh - mode: '0755' - owner: root - group: root - -- name: Copy qgm-soudfix.desktop - copy: - src: qgm-soundfix.desktop - dest: /usr/share/applications/qgm-soundfix.desktop - mode: '0644' - owner: root - group: root - - - +- name: Copy Beamerscript to lt- hosts + import_tasks: + file: beamerscript.yml + when: "'lt-' in inventory_hostname" diff --git a/roles/lmn_qgm/tasks/soundfix.yml b/roles/lmn_qgm/tasks/soundfix.yml new file mode 100644 index 0000000..020d8b6 --- /dev/null +++ b/roles/lmn_qgm/tasks/soundfix.yml @@ -0,0 +1,11 @@ +--- +# Probleme mit akgehackten Ton über HDMI an +# den Laptops in den Klassenzimmern +# ACHTUNG: Beddingung hostname muss mit lt- beginnen. +- name: Fix stuttering sound on HDMI + lineinfile: + dest: /etc/default/grub + regexp: '^(GRUB_CMDLINE_LINUX=).*' + line: '\g<1>"intel_iommu=on,igfx_off"' + backrefs: yes + notify: Run update-grub diff --git a/roles/lmn_qgsddm/files/qgm_background.jpg b/roles/lmn_qgsddm/files/qgm_background.jpg index a99fa4c..a7f1314 100644 Binary files a/roles/lmn_qgsddm/files/qgm_background.jpg and b/roles/lmn_qgsddm/files/qgm_background.jpg differ diff --git a/roles/lmn_qgsddm/files/qgm_background_wallpaper.jpg b/roles/lmn_qgsddm/files/qgm_background_wallpaper.jpg index f6f9488..991ef13 100644 Binary files a/roles/lmn_qgsddm/files/qgm_background_wallpaper.jpg and b/roles/lmn_qgsddm/files/qgm_background_wallpaper.jpg differ diff --git a/roles/lmn_qgsoftware/files/logseq.png b/roles/lmn_qgsoftware/files/logseq.png new file mode 100644 index 0000000..7b12837 Binary files /dev/null and b/roles/lmn_qgsoftware/files/logseq.png differ diff --git a/roles/lmn_qgsoftware/files/prusaslicer.png b/roles/lmn_qgsoftware/files/prusaslicer.png new file mode 100644 index 0000000..a667be3 Binary files /dev/null and b/roles/lmn_qgsoftware/files/prusaslicer.png differ diff --git a/roles/lmn_qgsoftware/files/qg.appimage.ArduinoIDE2.desktop b/roles/lmn_qgsoftware/files/qg.appimage.ArduinoIDE2.desktop new file mode 100644 index 0000000..f498c8f --- /dev/null +++ b/roles/lmn_qgsoftware/files/qg.appimage.ArduinoIDE2.desktop @@ -0,0 +1,13 @@ +[Desktop Entry] +Name=Arduino IDE2 AppImage +Comment=Open-source electronics prototyping platform +GenericName=Arduino IDE +Exec=unset -v https_proxy http_proxy && . /opt/appimages/arduino2/start-arduino2-appimage %f > /tmp/arduinoAppimage.log 2>&1 +Icon=arduino +Type=Application +Terminal=false +Categories=Development;Engineering;Electronics;IDE; +MimeType=text/x-arduino +Keywords=embedded electronics;electronics;avr;microcontroller; +StartupWMClass=processing-app-Base + diff --git a/roles/lmn_qgsoftware/files/qg.appimage.FreeCAD.desktop b/roles/lmn_qgsoftware/files/qg.appimage.FreeCAD.desktop new file mode 100644 index 0000000..dfb3dc0 --- /dev/null +++ b/roles/lmn_qgsoftware/files/qg.appimage.FreeCAD.desktop @@ -0,0 +1,19 @@ +[Desktop Entry] +Name=FreeCAD Appimage +Name[de]=FreeCAD Appimage +Name[pl]=FreeCAD Appimage +Name[ru]=FreeCAD Appimage +Comment=Feature based Parametric Modeler Appimage +Comment[de]=Feature-basierter parametrischer Modellierer Appimage +Comment[ru]=Система автоматизированного проектирования Appimage +GenericName=CAD Application Appimage +GenericName[de]=CAD-Anwendung Appimage +GenericName[pl]=Aplikacja CAD Appimage +GenericName[ru]=Система автоматизированного проектирования Appimage +Exec=/opt/appimages/freecad/FreeCAD.AppImage - --single-instance %F +Terminal=false +Type=Application +Icon=org.freecadweb.FreeCAD +Categories=Graphics;Science;Education;Engineering; +StartupNotify=true +MimeType=application/x-extension-fcstd;model/obj;model/iges;image/vnd.dwg;image/vnd.dxf;model/vnd.collada+xml;application/iges;model/iges;model/step;model/step+zip;model/stl;application/vnd.shp;model/vrml; diff --git a/roles/lmn_qgsoftware/files/qg.appimage.Logseq.desktop b/roles/lmn_qgsoftware/files/qg.appimage.Logseq.desktop new file mode 100644 index 0000000..ac85aa7 --- /dev/null +++ b/roles/lmn_qgsoftware/files/qg.appimage.Logseq.desktop @@ -0,0 +1,10 @@ +[Desktop Entry] +Encoding=UTF-8 +Name=Logseq +Comment=Logseq for Desktop +Exec=/opt/appimages/logseq/Logseq.AppImage $SANDBOXPARAM %u +Icon=logseq +StartupWMClass=undefined +Type=Application +Categories=Office; +MimeType=x-scheme-handler/logseq;text/html; diff --git a/roles/lmn_qgsoftware/files/qg.appimage.PrusaSlicer.desktop b/roles/lmn_qgsoftware/files/qg.appimage.PrusaSlicer.desktop new file mode 100644 index 0000000..3530f51 --- /dev/null +++ b/roles/lmn_qgsoftware/files/qg.appimage.PrusaSlicer.desktop @@ -0,0 +1,13 @@ +[Desktop Entry] +Name=Prusa Slicer Appimage +Name[de]=Prusa Slicer Appimage +Name[pl]=Prusa Slicer Appimage +Comment=Slicer for 3d Printing +GenericName=Slicing App Image +Exec=/opt/appimages/prusaslicer/PrusaSlicer.AppImage +Terminal=false +Type=Application +Icon=prusaslicer +Categories=Graphics;Science;Education;Engineering; +StartupNotify=true +MimeType=application/x-extension-fcstd;model/obj;model/iges;image/vnd.dwg;image/vnd.dxf;model/vnd.collada+xml;application/iges;model/iges;model/step;model/step+zip;model/stl;application/vnd.shp;model/vrml; diff --git a/roles/lmn_qgsoftware/files/start-arduino2-appimage b/roles/lmn_qgsoftware/files/start-arduino2-appimage new file mode 100755 index 0000000..8613c89 --- /dev/null +++ b/roles/lmn_qgsoftware/files/start-arduino2-appimage @@ -0,0 +1,16 @@ +echo "---------------------" +cachedir=/var/cache/user/${KDE_SESSION_UID}/arduino15 +echo "Cachedir: $cachedir" +echo "---------------------" +template=/var/lib/arduino2/template +arduinoAppimage=/opt/appimages/arduino2/ArduinoIDE2.AppImage + +mkdir -p $cachedir + +rsync -avr --delete $template/ $cachedir/ > /dev/null 2>&1 +rm -rf ${HOME}/.arduino15 +ln -s $cachedir ${HOME}/.arduino15 + +$arduinoAppimage $1 & + + diff --git a/roles/lmn_qgsoftware/tasks/install.yml b/roles/lmn_qgsoftware/tasks/install.yml new file mode 100644 index 0000000..d23f3e3 --- /dev/null +++ b/roles/lmn_qgsoftware/tasks/install.yml @@ -0,0 +1,196 @@ +--- +######### +# Greenfoot und BlueJ. + +- name: Determine installed bluej version + shell: "dpkg -l bluej 2> /dev/null | grep ii | awk '{print $3}'" + register: command_output +- set_fact: + bluej_installed_version: "{{ command_output.stdout }}" + +- name: Determine installed greenfoot version + shell: "dpkg -l greenfoot 2> /dev/null | grep ii | awk '{print $3}'" + register: command_output +- set_fact: + greenfoot_installed_version: "{{ command_output.stdout }}" + +- name: Install bluej if necessary + ansible.builtin.apt: + deb: "{{ mirror_javadev }}/bluej-{{ bluej_target_version }}.deb" + when: (mirror_javadev is defined and mirror_javadev | length > 0) and + (bluej_target_version is defined and bluej_target_version | length > 0 ) and + (bluej_installed_version != bluej_target_version ) + +- name: Install greenfoot if necessary + ansible.builtin.apt: + deb: "{{ mirror_javadev }}/greenfoot-{{ greenfoot_target_version }}.deb" + when: (mirror_javadev is defined and mirror_javadev | length > 0) and + (greenfoot_target_version is defined and greenfoot_target_version | length > 0 ) and + (greenfoot_installed_version != greenfoot_target_version ) + +######## +# FreeCAD AppImage +# +- name: Make sure target dir exists + ansible.builtin.file: + path: /opt/appimages/freecad/ + state: directory + recurse: yes + owner: root + group: root + mode: '0755' + +- name: Download FreeCAD AppImage from Cache + ansible.builtin.get_url: + url: "{{ mirror_appimage }}/FreeCAD.AppImage" + dest: /opt/appimages/freecad/FreeCAD.AppImage + mode: '0755' + +- name: Copy desktop freecad starter file to target + copy: + src: files/qg.appimage.FreeCAD.desktop + dest: /usr/share/applications/qg.appimage.FreeCAD.desktop + mode: '0644' + owner: root + group: root + +######## +# Arduino2 AppImage +# +- name: Make sure target dir exists + ansible.builtin.file: + path: /opt/appimages/arduino2/ + state: directory + recurse: yes + owner: root + group: root + mode: '0755' + +- name: Make sure lib dir for template exists + ansible.builtin.file: + path: /var/lib/arduino2 + state: directory + recurse: yes + owner: root + group: root + mode: '0755' + +- name: Download Arduino2 AppImage from Cache + ansible.builtin.get_url: + url: "{{ mirror_appimage }}/ArduinoIDE2.AppImage" + dest: /opt/appimages/arduino2/ArduinoIDE2.AppImage + mode: '0755' + +- name: Copy desktop arduino2 starter file to target + copy: + src: files/qg.appimage.ArduinoIDE2.desktop + dest: /usr/share/applications/qg.appimage.ArduinoIDE2.desktop + mode: '0644' + owner: root + group: root + +- name: Copy arduino Appimage start Script to target + copy: + src: files/start-arduino2-appimage + dest: /opt/appimages/arduino2/start-arduino2-appimage + mode: '0755' + owner: root + group: root + +- name: Delete arduino15 template + ansible.builtin.file: + state: absent + path: /var/lib/arduino2/template + +- name: Extract up to date arduino15 template to target + ansible.builtin.unarchive: + src: "{{ mirror_appimage }}/ArduinoIDE2-template.zip" + dest: /var/lib/arduino2/ + remote_src: yes + +######## +# Prusa Slicer AppImage +# +- name: Make sure target dir exists + ansible.builtin.file: + path: /opt/appimages/prusaslicer/ + state: directory + recurse: yes + owner: root + group: root + mode: '0755' + +- name: Download PrusaSlicer AppImage from Cache + ansible.builtin.get_url: + url: "{{ mirror_appimage }}/PrusaSlicer.AppImage" + dest: /opt/appimages/prusaslicer/PrusaSlicer.AppImage + mode: '0755' + +- name: Copy desktop PrusaSlicer starter file to target + copy: + src: files/qg.appimage.PrusaSlicer.desktop + dest: /usr/share/applications/qg.appimage.PrusaSlicer.desktop + mode: '0644' + owner: root + +- name: Copy desktop Prusaslicer icon file to target + copy: + src: files/prusaslicer.png + dest: /usr/share/icons/prusaslicer.png + mode: '0644' + owner: root + group: root + group: root + + +######## +# Logseq AppImage +# +- name: Make sure target dir for logseq exists + ansible.builtin.file: + path: /opt/appimages/logseq/ + state: directory + recurse: yes + owner: root + group: root + mode: '0755' + +- name: Download logseq AppImage from Cache + ansible.builtin.get_url: + url: "{{ mirror_appimage }}/Logseq.AppImage" + dest: /opt/appimages/logseq/Logseq.AppImage + mode: '0755' + +- name: Copy desktop logseq starter file to target + copy: + src: files/qg.appimage.Logseq.desktop + dest: /usr/share/applications/qg.appimage.Logseq.desktop + mode: '0644' + owner: root + group: root + +- name: Copy desktop logseq icon file to target + copy: + src: files/logseq.png + dest: /usr/share/icons/logseq.png + mode: '0644' + owner: root + group: root + +######## +# Digital als tarpack +# +- name: Unpack digital.zip to target + ansible.builtin.unarchive: + src: "{{ tarpack_digital }}" + dest: / + remote_src: yes + when: tarpack_digital is defined and tarpack_digital | length > 0 + + +####### +# Scratch +- name: Install scratch + ansible.builtin.apt: + deb: "{{ mirror_debs }}/{{ scratch_install_name }}" + diff --git a/roles/lmn_qgsoftware/tasks/main.yml b/roles/lmn_qgsoftware/tasks/main.yml new file mode 100644 index 0000000..ad5591a --- /dev/null +++ b/roles/lmn_qgsoftware/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- name: Install additional software + import_tasks: + file: install.yml + +- name: Remove unwanted software + import_tasks: + file: remove.yml diff --git a/roles/lmn_qgsoftware/tasks/remove.yml b/roles/lmn_qgsoftware/tasks/remove.yml new file mode 100644 index 0000000..cb3f726 --- /dev/null +++ b/roles/lmn_qgsoftware/tasks/remove.yml @@ -0,0 +1,8 @@ +--- +####### +# Uninstall KDE-Connect +- name: Uninstall KDe Connect + apt: + name: kdeconnect + state: absent + diff --git a/roles/lmn_sssd/tasks/main.yml b/roles/lmn_sssd/tasks/main.yml index 082af5c..2c468ff 100644 --- a/roles/lmn_sssd/tasks/main.yml +++ b/roles/lmn_sssd/tasks/main.yml @@ -18,8 +18,9 @@ - name: join the domain shell: cmd: > - echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" | + echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') + joinpw | default('') }}" | adcli join --stdin-password -U global-admin {{ domain | upper }} when: > ansible_cmdline.adpw | default('') | length > 0 or - adpw.user_input | default('') | length > 0 + adpw.user_input | default('') | length > 0 or + joinpw | default('') | length > 0 diff --git a/roles/qgm_updatecache/files/qg.appimage.FreeCAD.desktop b/roles/qgm_updatecache/files/qg.appimage.FreeCAD.desktop new file mode 100644 index 0000000..dfb3dc0 --- /dev/null +++ b/roles/qgm_updatecache/files/qg.appimage.FreeCAD.desktop @@ -0,0 +1,19 @@ +[Desktop Entry] +Name=FreeCAD Appimage +Name[de]=FreeCAD Appimage +Name[pl]=FreeCAD Appimage +Name[ru]=FreeCAD Appimage +Comment=Feature based Parametric Modeler Appimage +Comment[de]=Feature-basierter parametrischer Modellierer Appimage +Comment[ru]=Система автоматизированного проектирования Appimage +GenericName=CAD Application Appimage +GenericName[de]=CAD-Anwendung Appimage +GenericName[pl]=Aplikacja CAD Appimage +GenericName[ru]=Система автоматизированного проектирования Appimage +Exec=/opt/appimages/freecad/FreeCAD.AppImage - --single-instance %F +Terminal=false +Type=Application +Icon=org.freecadweb.FreeCAD +Categories=Graphics;Science;Education;Engineering; +StartupNotify=true +MimeType=application/x-extension-fcstd;model/obj;model/iges;image/vnd.dwg;image/vnd.dxf;model/vnd.collada+xml;application/iges;model/iges;model/step;model/step+zip;model/stl;application/vnd.shp;model/vrml; diff --git a/roles/qgm_updatecache/tasks/download.yml b/roles/qgm_updatecache/tasks/download.yml new file mode 100644 index 0000000..df25b12 --- /dev/null +++ b/roles/qgm_updatecache/tasks/download.yml @@ -0,0 +1,111 @@ +--- +- name: Create greenfoot/bluej version strings w/o points + set_fact: + bluejVersion: "{{ bluej_target_version | replace('.','.') }}" + greenfootVersion: "{{ greenfoot_target_version | replace('.','') }}" + +- name: Get download URIs + set_fact: + bluejURI: "{{ bluej_src_uri | replace ('VERSION', bluejVersion) }}" + greenfootURI: "{{ greenfoot_src_uri | replace ('VERSION', greenfootVersion) }}" + +- name: Create target filenames + set_fact: + bluejTargetFile: /var/www/html/javadev/bluej-{{ bluej_target_version }}.deb + greenfootTargetFile: /var/www/html/javadev/greenfoot-{{ greenfoot_target_version }}.deb + +- name: Check if greenfoot target-file exists + delegate_to: localhost + stat: + path: "{{ greenfootTargetFile }}" + register: gftf + +- name: Check if bluej target-file exists + delegate_to: localhost + stat: + path: "{{ bluejTargetFile }}" + register: bjtf + +- name: Download Greenfoot + delegate_to: localhost + command: wget {{ greenfootURI }} -O {{ greenfootTargetFile }} + when: not gftf.stat.exists + +- name: Download Bluej + delegate_to: localhost + command: wget {{ bluejURI }} -O {{ bluejTargetFile }} + when: not bjtf.stat.exists + +#### Freecad +- name: Check if freecad target-file exists + delegate_to: localhost + stat: + path: "{{ freecadTargetFile }}" + register: fctf + +- name: Download FreeCAD AppImage + delegate_to: localhost + command: wget {{ freecadFullURI }} -O {{ freecadTargetFile }} + when: not fctf.stat.exists + +#### Arduino +- name: Check if arduino2 target-file exists + delegate_to: localhost + stat: + path: "{{ arduinoTargetFile }}" + register: artf + +- name: Download Arduino AppImage + delegate_to: localhost + command: wget {{ arduinoFullURI }} -O {{ arduinoTargetFile }} + when: not artf.stat.exists + +#### Prusa Slicer +- name: Check if PrusaSlicer target-file exists + delegate_to: localhost + stat: + path: "{{ prusaTargetFile }}" + register: prtf + +- name: Create unzip dir for prusaslicer + ansible.builtin.file: + path: /tmp/prusaslicer.tmp + state: directory + +- name: Download and unpack PrusaSlicer Zip-Archive + delegate_to: localhost + unarchive: + src: "{{ prusaFullURI }}" + dest: /tmp/prusaslicer.tmp + remote_src: yes + when: not prtf.stat.exists + +- name: Copy Prusyslicer Appimage to cache + copy: + src: "{{ item }}" + dest: "{{ prusaTargetFile }}" + with_fileglob: + - "/tmp/prusaslicer.tmp/*newer-distros*" + +##command: wget {{ prusaFullURI }} -O /tmp/prusaslicer.zip + +###{{ freecadTargetFile }} + +#### Logseq + +- name: Check if logseq target-file exists + delegate_to: localhost + stat: + path: "{{ logseqTargetFile }}" + register: lstf + +- name: Download logseq AppImage + delegate_to: localhost + command: wget {{ logseqFullURI }} -O {{ logseqTargetFile }} + when: not lstf.stat.exists + +### Scratch offline + +- name: Download Scratch Offline deb + delegate_to: localhost + command: wget {{ scratch_src_uri }} -O /var/www/html/debs/{{ scratch_install_name }} diff --git a/roles/qgm_updatecache/tasks/main.yml b/roles/qgm_updatecache/tasks/main.yml new file mode 100644 index 0000000..85998aa --- /dev/null +++ b/roles/qgm_updatecache/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- name: Download additional software + import_tasks: + file: download.yml diff --git a/roles/qgm_vpdisplay/tasks/main.yml b/roles/qgm_vpdisplay/tasks/main.yml deleted file mode 100644 index ce591ac..0000000 --- a/roles/qgm_vpdisplay/tasks/main.yml +++ /dev/null @@ -1,70 +0,0 @@ - vars_files: - - settings.vault - - vars: - packages: - - vim - - firefox-esr - - i3 - - xorg - - git - - unclutter - - tasks: - - name: "Install needed Packages" - apt: - pkg: - "{{ packages }}" - - - name: "change line in systemd config for autologin" - lineinfile: - path: "/etc/systemd/system/getty.target.wants/getty@tty1.service" - regexp: "ExecStart=-/sbin/agetty" - line: "ExecStart=-/sbin/agetty --noclear --autologin vp %I $TERM" - - - name: "Copy .profile for startx" - copy: - src: "files/dot.profile" - dest: "/home/vp/.profile" - owner: vp - group: vp - mode: 0755 - - - name: "Create i3 config dir" - file: - path: "/home/vp/.config/i3" - state: directory - owner: vp - group: vp - mode: '0755' - - - name: "Copy i3 config" - copy: - src: "files/i3.config" - dest: "/home/vp/.config/i3/config" - owner: vp - group: vp - mode: 0644 - - - name: "Get vplan display repo" - git: - repo: "https://gitea.schule.social/QG-VP-Dev/VP-Screens-Management.git" - dest: /home/vp/vp - - - name: "Configuration Template for Vplan" - template: - src: "templates/settings.js.j2" - dest: "/home/vp/vp/settings.js" - owner: vp - group: vp - mode: 0644 - - - name: "Change to teacher version if applicable" - when: "'lehrer' in group_names" - lineinfile: - path: "/home/vp/vp/settings.js" - regexp: "^const plantype" - line: "const plantype = \"lehrer\";" - - - name: "Reboot" - ansible.builtin.reboot: diff --git a/roles/qgm_vpdisplay/vars/main.yml b/roles/qgm_vpdisplay/vars/main.yml deleted file mode 100644 index 7a61307..0000000 --- a/roles/qgm_vpdisplay/vars/main.yml +++ /dev/null @@ -1,7 +0,0 @@ -packages: - - vim - - firefox-esr - - i3 - - xorg - - git - - unclutter diff --git a/scripts/get_greenfoot_bluej.sh b/scripts/get_greenfoot_bluej.sh deleted file mode 100755 index 88e8510..0000000 --- a/scripts/get_greenfoot_bluej.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -srvpath=/var/www/html/javadev -mkdir -p $srvpath -rm -f $srvpath/* -cd $srvpath || exit 1 - -greenfoot=https://www.greenfoot.org/download/files/Greenfoot-linux-371.deb -bluej=https://www.bluej.org/download/files/BlueJ-linux-520.deb - -wget $greenfoot -O $srvpath/greenfoot.deb -wget $bluej -O $srvpath/bluej.deb - - diff --git a/scripts/qgm-power.sh b/scripts/qgm-power.sh new file mode 100755 index 0000000..c7e56e1 --- /dev/null +++ b/scripts/qgm-power.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +. /etc/lmn7-netboot.conf + +filter=$1 + +cd $NBROOT || exit 1 + +if [ "x$2" == "xoff" ]; then + ansible-playbook -i $INVENTORY -l $filter shutdown.yml +fi + +if [ "x$2" == "xon" ]; then + ansible-playbook -i $INVENTORY -l $filter wol.yml +fi + diff --git a/vars-qgsoftware.yml b/vars-qgsoftware.yml new file mode 100644 index 0000000..7173e2f --- /dev/null +++ b/vars-qgsoftware.yml @@ -0,0 +1,40 @@ +#### Bluej/Greenfoot +## Bluej/Greenfoot Versionen +## Für Updates anpassen +bluej_target_version: "5.4.2" +greenfoot_target_version: "3.9.0" +## -- +greenfoot_src_uri: https://www.greenfoot.org/download/files/Greenfoot-linux-x64-VERSION.deb +bluej_src_uri: https://github.com/k-pet-group/BlueJ-Greenfoot/releases/download/BLUEJ-RELEASE-VERSION/BlueJ-linux-x64-VERSION.deb +mirror_javadev: http://netboot.qgm.lan/javadev/ + +#### Miror for misc "unofficial" debs +mirror_debs: http://netboot.qgm.lan/debs + +#### Scratch Offline Editor +scratch_src_uri: https://github.com/redshaderobotics/scratch3.0-linux/releases/download/3.3.0/scratch-desktop_3.3.0_amd64.deb +scratch_install_name: scratch_offline.deb + +#### Base Uri fuer die Appimages +mirror_appimage: http://netboot.qgm.lan/appimage/ + +#### FreeCAD Appimage +#freecadFullURI: https://github.com/FreeCAD/FreeCAD-Bundle/releases/download/0.21.2/FreeCAD_0.21.2-2023-12-17-conda-Linux-x86_64-py310.AppImage +freecadFullURI: https://github.com/FreeCAD/FreeCAD/releases/download/1.0.0/FreeCAD_1.0.0-conda-Linux-x86_64-py311.AppImage +freecadTargetFile: /var/www/html/appimage/FreeCAD.AppImage + +#### PrusaSlicer AppImage +prusaFullURI: https://cdn.prusa3d.com/downloads/drivers/prusa3d_linux_2_8_1.zip +prusaTargetFile: /var/www/html/appimage/PrusaSlicer.AppImage + +#### Arduino2 AppImage +arduinoFullURI: https://downloads.arduino.cc/arduino-ide/arduino-ide_2.3.4_Linux_64bit.AppImage +arduinoTargetFile: /var/www/html/appimage/ArduinoIDE2.AppImage + +#### Logseq Appimage +logseqFullURI: https://github.com/logseq/logseq/releases/download/0.10.9/Logseq-linux-x64-0.10.9.AppImage +logseqTargetFile: /var/www/html/appimage/Logseq.AppImage + +#### Digital circuit simulation +tarpack_digital: http://netboot.qgm.lan/tarpacks/digital.tgz +