playbooks/trixie
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Erste Version, die direkt funktioniert

Browse source
This commit is contained in:
Frank Schiebel 2025-08-06 08:46:39 +02:00
parent efd48de6c7
commit 1d41476110
4 changed files with 26 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

14
lmn-client.yml
View file

@ -22,13 +22,13 @@
remote_user: ansible remote_user: ansible
become: true become: true
pre_tasks: pre_tasks:
- name: Ask for global-admin AD password # - name: Ask for global-admin AD password
ansible.builtin.pause: # ansible.builtin.pause:
prompt: "Enter global-admin AD password. Leave empty to skip domain join" # prompt: "Enter global-admin AD password. Leave empty to skip domain join"
echo: false # echo: false
register: adpw # register: adpw
no_log: true # no_log: true
when: "ansible_cmdline.adpw is not defined" # when: "ansible_cmdline.adpw is not defined"
- name: Preseed apparmor - name: Preseed apparmor
ansible.builtin.debconf: ansible.builtin.debconf:
name: apparmor name: apparmor

14
qgm-vars.yml Normal file
View file

@ -0,0 +1,14 @@
domain: "{{ ansible_domain }}"
ansible_become_password: 'geheim2324'
# Comment out on productive systems when ssh key is provided
security_defaultuser_login_disable: false
## Configure additional apt options. E.g. Apt-cacher?
apt_conf: "Acquire::http::Proxy \"http://10.16.1.2:3142/\";"
ntp_serv: "server.{{ domain }}"
joinpw: "QGPWllmC!ga"
grub_pwd: "geheimgeheim!!"

4
roles/lmn_network/tasks/main.yml
View file

@ -5,14 +5,14 @@
mode: '0644' mode: '0644'
content: > content: >
{{ apt_conf }} {{ apt_conf }}
when: apt_conf | bool | default(false) when: apt_conf is defined
- name: Set NTP server - name: Set NTP server
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/systemd/timesyncd.conf path: /etc/systemd/timesyncd.conf
insertafter: '^#NTP=' insertafter: '^#NTP='
line: NTP={{ ntp_serv }} line: NTP={{ ntp_serv }}
when: ntp_serv | bool | default(false) when: ntp_serv is defined
- name: Add proposed-updates repository - name: Add proposed-updates repository
ansible.builtin.apt_repository: ansible.builtin.apt_repository:

5
roles/lmn_sssd/tasks/main.yml
View file

@ -17,8 +17,9 @@
- name: Join the domain - name: Join the domain
ansible.builtin.shell: ansible.builtin.shell:
cmd: > cmd: >
echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" | echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') + joinpw | default('') }}" |
adcli join --stdin-password -U global-admin {{ domain | upper }} adcli join --stdin-password -U global-admin {{ domain | upper }}
when: > when: >
ansible_cmdline.adpw | default('') | length > 0 or ansible_cmdline.adpw | default('') | length > 0 or
adpw.user_input | default('') | length > 0 adpw.user_input | default('') | length > 0 or
joinpw is defined