X-Git-Url: https://freie-schul-it.de/gitweb/fsit-cmgt.git/blobdiff_plain/ba14ca45b8552ca158bf43782ae7e0396b49e6f1..ee1a3b3e5a72f2e6657386337ae4c985fee4ab90:/library/bootstrap.yml?ds=inline

diff --git a/library/bootstrap.yml b/library/bootstrap.yml
index 9342d0c..a005d4c 100644
--- a/library/bootstrap.yml
+++ b/library/bootstrap.yml
@@ -5,41 +5,59 @@
     update_password: always
     password: "{{ ansibleuser|password_hash('sha512') }}"
 - name: hide system-account
-  ansible.builtin.copy:
-    dest: /var/lib/AccountsService/users/ansible
-    content: |
-      [User]
-      Session=
-      XSession=
-      Icon=/home/ansible/.face
-      SystemAccount=true
-      [InputSource0]
-      xkb=de
-       #- name: stop automatic remote printer installation
-       #ansible.builtin.systemd:
-       #name: cups-browsed
-       #state: stopped
-       #- name: disable automatic remote printer installation
-       #ansible.builtin.systemd:
-       #name: cups-browsed
-       #enabled: no
+  ansible.builtin.lineinfile:
+    path: /var/lib/AccountsService/users/ansible
+    regex: 'SystemAccount=*'
+    line: 'SystemAccount=true'
 - name: remove apt-config-file derived from preseeding
   ansible.builtin.file:
     path: /etc/apt/apt.conf
     state: absent
 - name: copy new apt-proxy config file to apt.conf.d-dir
-  ansible.builtin.template:
-    src: files/apt-proxy_01proxy.j2
+  ansible.builtin.copy:
     dest: /etc/apt/apt.conf.d/01proxy
+    content: |
+      Acquire::http { Proxy "http://{{ aptproxy }}:3142"; };
+      Acquire::https { Proxy "https://"; };
+- name: prepare ubuntu-DNS for working in local network
+  file:
+    src: /run/systemd/resolve/resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    force: yes
+  when: ansible_facts['distribution'] == 'Ubuntu'
 - name: Update and upgrade apt packages
   apt:
-    update_cache: yes
-    upgrade: yes
+    update_cache: true
+    upgrade: true
+    autoremove: true
 - name: install core-packages
   apt:
     pkg:
     - htop
-    - glances
+#    - glances
     - inxi
     - bmon
+    - vim
+    - mtr-tiny
+    - tmux
+- name: configure apt-unattended-upgrades part one
+  ansible.builtin.copy:
+    dest: /etc/apt/apt.conf.d/10periodic
+    content: |
+      APT::Periodic::Update-Package-Lists "1";
+      APT::Periodic::Unattended-Upgrade "1";
+      APT::Periodic::Download-Upgradeable-Packages "1";
+      APT::Periodic::AutocleanInterval "7";
+#- name: configure apt-unattended-upgrades part two
+#  ansible.builtin.lineinfile:
+# MÃ¼ssen wir noch an einem neuen GerÃ¤t nachvollziehen :-)
+#- name: stop automatic remote printer installation
+#  ansible.builtin.systemd:
+#    name: cups-browsed
+#    state: stopped
+#- name: disable automatic remote printer installation
+#  ansible.builtin.systemd:
+#    name: cups-browsed
+#    enabled: no
 ...