113 lines
3.2 KiB
YAML
113 lines
3.2 KiB
YAML
---
|
|
- name: Include OS-specific variables
|
|
include_vars: "os_{{ ansible_lsb.id }}_{{ ansible_lsb.major_release }}.yml"
|
|
|
|
- name: Create directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: "{{ def_username }}"
|
|
group: "{{ def_username }}"
|
|
with_items:
|
|
- "/home/{{ def_username }}/Documents/ftp"
|
|
- "/home/{{ def_username }}/Documents/smb"
|
|
- "/home/{{ def_username }}/scripts"
|
|
tags: create_dirs
|
|
- name: update hosts file
|
|
become: true
|
|
blockinfile:
|
|
dest: /etc/hosts
|
|
content: "{{ lookup('template', '{{ role_path }}/templates/hosts.j2') }}"
|
|
state: present
|
|
tags: update_hosts
|
|
- name: install required packages
|
|
become: true
|
|
package:
|
|
name: "{{ dependency_packages }}"
|
|
state: present
|
|
- name: set hostname
|
|
become: true
|
|
hostname:
|
|
name: '{{ inventory_hostname }}'
|
|
tags: set_hostname
|
|
- name: enable openvpn
|
|
become: true
|
|
service:
|
|
name: openvpn
|
|
enabled: yes
|
|
tags: enable_openvpn
|
|
register: openvpn_enabled
|
|
- name: enable openvpn config
|
|
become: true
|
|
lineinfile:
|
|
path: /etc/default/openvpn
|
|
state: present
|
|
regexp: '^#AUTOSTART="all"'
|
|
line: 'AUTOSTART="all"'
|
|
tags: enable_openvpn
|
|
- name: start openvpn
|
|
become: true
|
|
systemd:
|
|
daemon_reload: yes
|
|
name: openvpn
|
|
state: restarted
|
|
tags: enable_openvpn
|
|
when: openvpn_enabled
|
|
- name: allow pi to sudo without pw
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
regexp: '^%sudo'
|
|
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
|
|
validate: 'visudo -cf %s'
|
|
become: true
|
|
tags: pi_sudo
|
|
#- name: Ensure the locale exists
|
|
# locale_gen:
|
|
# name: en_US.UTF-8
|
|
# state: present
|
|
# become: yes
|
|
#- name: set as default locale
|
|
# command: raspi-config nonint do_change_locale en_US.UTF-8
|
|
# become: yes
|
|
#- name: set keyboard to us
|
|
# command: raspi-config nonint do_configure_keyboard us
|
|
- name: copy proc_check script and set exec
|
|
template:
|
|
src: "{{ role_path }}/files/proc_check.sh"
|
|
dest: "/home/{{ def_username }}/scripts/proc_check.sh"
|
|
owner: "{{ def_username }}"
|
|
group: "{{ def_username }}"
|
|
mode: a+x
|
|
- name: schedule proc_check script to run at 12:30am
|
|
cron:
|
|
name: "prock_check"
|
|
minute: "30"
|
|
hour: "0"
|
|
weekday: "*"
|
|
job: "/home/{{ def_username }}/scripts/proc_check.sh"
|
|
- name: sddm autologin
|
|
become: yes
|
|
template:
|
|
src: "{{ role_path }}/templates/sddm.conf.j2"
|
|
dest: /etc/sddm.conf
|
|
owner: root
|
|
|
|
- name: pi
|
|
become: yes
|
|
user:
|
|
name: "{{ def_username }}"
|
|
state: present
|
|
update_password: always
|
|
# 'piadmin99'
|
|
#password: "$6$Vmob4l5KBg11gcNV$fY.hrffHEc9gpcFhVdEmW7tepxJURBmkgQhC7kC25VsxcfHAtlqEP6Cvm6nK4jtqndkaQ/I29h/MkKk8KsdSV1"
|
|
password: "$6$rmO12Z8HeUt6wQ$6JM550bdYBEQ22HWw2Ax1hKxawTDG5odoIFj6.RtHDUVs4jUVnqA.StSBr0HJiSw4Xnn2VBrLBxuZ7MLY820O0"
|
|
tags: pi password
|
|
|
|
- name: remove xscreensaver
|
|
become: yes
|
|
apt:
|
|
name: xscreensaver
|
|
state: absent
|
|
autoremove: yes
|