X-Git-Url: https://freie-schul-it.de/gitweb/fsit-cmgt.git/blobdiff_plain/340e7bb6f6009f20ecdded89bd9cf128cc845057..ee1a3b3e5a72f2e6657386337ae4c985fee4ab90:/library/bootstrap.yml?ds=sidebyside

diff --git a/library/bootstrap.yml b/library/bootstrap.yml
index 8b2f44b..a005d4c 100644
--- a/library/bootstrap.yml
+++ b/library/bootstrap.yml
@@ -1,38 +1,63 @@
 ---
-   - name: change ansible-user password
-     user:
-       name: ansible
-       update_password: always
-       password: "{{ ansibleuser|password_hash('sha512') }}"
-   - name: hide system-account
-     copy:
-       src: fsit-cmgt/files/gdm-ansible
-       dest: /var/lib/AccountsService/users/ansible
-       #- name: stop automatic remote printer installation
-       #ansible.builtin.systemd:
-       #name: cups-browsed
-       #state: stopped
-       #- name: disable automatic remote printer installation
-       #ansible.builtin.systemd:
-       #name: cups-browsed
-       #enabled: no
-   - name: remove apt-config-file derived from preseeding
-     ansible.builtin.file:
-       path: /etc/apt/apt.conf
-       state: absent
-   - name: copy new apt-proxy config file to apt.conf.d-dir
-     ansible.builtin.template:
-       src: files/apt-proxy_01proxy.j2
-       dest: /etc/apt/apt.conf.d/01proxy
-   - name: Update and upgrade apt packages
-     apt:
-       update_cache: yes
-       upgrade: yes
-   - name: install core-packages
-     apt:
-       pkg:
-       - htop
-       - glances
-       - inxi
-       - bmon
+- name: change ansible-user password
+  ansible.builtin.user:
+    name: ansible
+    update_password: always
+    password: "{{ ansibleuser|password_hash('sha512') }}"
+- name: hide system-account
+  ansible.builtin.lineinfile:
+    path: /var/lib/AccountsService/users/ansible
+    regex: 'SystemAccount=*'
+    line: 'SystemAccount=true'
+- name: remove apt-config-file derived from preseeding
+  ansible.builtin.file:
+    path: /etc/apt/apt.conf
+    state: absent
+- name: copy new apt-proxy config file to apt.conf.d-dir
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf.d/01proxy
+    content: |
+      Acquire::http { Proxy "http://{{ aptproxy }}:3142"; };
+      Acquire::https { Proxy "https://"; };
+- name: prepare ubuntu-DNS for working in local network
+  file:
+    src: /run/systemd/resolve/resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    force: yes
+  when: ansible_facts['distribution'] == 'Ubuntu'
+- name: Update and upgrade apt packages
+  apt:
+    update_cache: true
+    upgrade: true
+    autoremove: true
+- name: install core-packages
+  apt:
+    pkg:
+    - htop
+#    - glances
+    - inxi
+    - bmon
+    - vim
+    - mtr-tiny
+    - tmux
+- name: configure apt-unattended-upgrades part one
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf.d/10periodic
+    content: |
+      APT::Periodic::Update-Package-Lists "1";
+      APT::Periodic::Unattended-Upgrade "1";
+      APT::Periodic::Download-Upgradeable-Packages "1";
+      APT::Periodic::AutocleanInterval "7";
+#- name: configure apt-unattended-upgrades part two
+#  ansible.builtin.lineinfile:
+# MÃ¼ssen wir noch an einem neuen GerÃ¤t nachvollziehen :-)
+#- name: stop automatic remote printer installation
+#  ansible.builtin.systemd:
+#    name: cups-browsed
+#    state: stopped
+#- name: disable automatic remote printer installation
+#  ansible.builtin.systemd:
+#    name: cups-browsed
+#    enabled: no
 ...