From a37164d01a0f07bb6e10c2dd5ce2e9c37d12d11f Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt"
Date: Fri, 11 Dec 2020 11:58:23 +0100
Subject: [PATCH] Split role in desktop and infrastructure parts.
---
 fvs_mkhome.yml => fvs-client.yml | 3 +-
 fvs-mkhome.yml | 25 ++++++++
 roles/fvs-client-mkhome/handlers/main.yml | 18 ------
 roles/fvs-client/handlers/main.yml | 10 ++++
 roles/fvs-client/tasks/main.yml | 59 +++++++++++++++++++
 .../defaults/main.yml | 0
 roles/fvs-mkhome/handlers/main.yml | 3 +
 .../tasks/main.yml | 54 -----------------
 .../templates/sssd.conf.j2 | 0
 9 files changed, 99 insertions(+), 73 deletions(-)
 rename fvs_mkhome.yml => fvs-client.yml (95%)
 create mode 100644 fvs-mkhome.yml
 delete mode 100644 roles/fvs-client-mkhome/handlers/main.yml
 create mode 100644 roles/fvs-client/handlers/main.yml
 create mode 100644 roles/fvs-client/tasks/main.yml
 rename roles/{fvs-client-mkhome => fvs-mkhome}/defaults/main.yml (100%)
 create mode 100644 roles/fvs-mkhome/handlers/main.yml
 rename roles/{fvs-client-mkhome => fvs-mkhome}/tasks/main.yml (57%)
 rename roles/{fvs-client-mkhome => fvs-mkhome}/templates/sssd.conf.j2 (100%)
diff --git a/fvs_mkhome.yml b/fvs-client.yml
similarity index 95%
rename from fvs_mkhome.yml
rename to fvs-client.yml
index 9b1ddeb..e01b871 100644
--- a/fvs_mkhome.yml
+++ b/fvs-client.yml
@@ -36,4 +36,5 @@
 ## Choose either gnome or KDE:
 - gnome
 #- kde
- - fvs-client-mkhome
+ - fvs-mkhome
+ - fvs-client
diff --git a/fvs-mkhome.yml b/fvs-mkhome.yml
new file mode 100644
index 0000000..e4528d6
--- /dev/null
+++ b/fvs-mkhome.yml
@@ -0,0 +1,25 @@
+---
+# This playbook deploys a kiosk-computer
+
+- name: apply configuration to the machines
+ hosts: all
+ remote_user: ansible
+ become: yes
+ vars:
+ extra_pkgs:
+ - vim
+ - git
+ - mc
+ - tmux
+ - nmap
+ - netcat-openbsd
+ - net-tools
+ - tree
+ - console-setup
+ - virt-manager
+ extra_pkgs_bpo: [ linux-image-amd64 ] # [ libreoffice ]
+
+ roles:
+ - up2date-debian
+ ## Choose either gnome or KDE:
+ - fvs-mkhome
diff --git a/roles/fvs-client-mkhome/handlers/main.yml b/roles/fvs-client-mkhome/handlers/main.yml
deleted file mode 100644
index f334f3a..0000000
--- a/roles/fvs-client-mkhome/handlers/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- name: restart sssd
- service: name=sssd state=restarted enabled=yes
- listen: "restart sssd"
-
-- name: reload systemd
- systemd:
- daemon_reload: yes
- listen: "reload systemd"
-
-- name: run update-grub
- command: update-grub
- listen: update grub
-
-- name: enable tmp.mount
- systemd:
- daemon_reload: yes
- name: tmp.mount
- enabled: yes
diff --git a/roles/fvs-client/handlers/main.yml b/roles/fvs-client/handlers/main.yml
new file mode 100644
index 0000000..6a3b3d5
--- /dev/null
+++ b/roles/fvs-client/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: run update-grub
+ command: update-grub
+ listen: update grub
+
+- name: enable tmp.mount
+ systemd:
+ daemon_reload: yes
+ name: tmp.mount
+ enabled: yes
+ listen: enable tmp.mount
diff --git a/roles/fvs-client/tasks/main.yml b/roles/fvs-client/tasks/main.yml
new file mode 100644
index 0000000..2473b81
--- /dev/null
+++ b/roles/fvs-client/tasks/main.yml
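Review bot: The header comment and the roles comment in the new fvs-mkhome.yml are leftovers from the client playbook: `# This playbook deploys a kiosk-computer` and `## Choose either gnome or KDE:` no longer describe a play whose only roles are `up2date-debian` and `fvs-mkhome`. I would replace the header with something like `# This playbook applies the fvs-mkhome role (infrastructure part)` and drop the gnome/KDE comment. The `extra_pkgs` list appears to have been copied as well, so every host this play targets (`hosts: all`) also gets `nmap`, `netcat-openbsd` and `virt-manager`; if those are only wanted on desktops, trimming the list here keeps the installed footprint on the other machines small.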
@@ -0,0 +1,59 @@
+---
+- name: set homepage
+ lineinfile:
+ dest: /etc/firefox-esr/firefox-esr.js
+ line: pref("browser.startup.homepage", "https://www.startpage.com");
+
+ #- name: enable pam_umask
+ # lineinfile:
+ # dest: /etc/pam.d/common-session
+ # line: "session optional pam_umask.so usergroups"
+
+- name: set capabilities (wireshark)
+ capabilities:
+ path: /usr/bin/dumpcap
+ capability: cap_net_raw,cap_net_admin+eip
+ state: present
+
+
+############## extra data partition ###############
+- name: mount data partition
+ mount:
+ src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
+ path: /home/data
+ fstype: ext4
+ state: mounted
+ register: data_mounted
+ when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
+ loop:
+ - sdb
+ - sde
+
+- name: set sticky bit on data directory
+ file:
+ path: /home/data
+ state: directory
+ mode: '1777'
+ when: data_mounted.changed
+
+################# from kiosk.yml ##################
+- name: grub timeout
+ lineinfile:
+ dest: /etc/default/grub
+ regexp: '^(GRUB_TIMEOUT=).*'
+ line: '\g<1>1'
+ backrefs: yes
+ notify: update grub
+
+- name: keyboard compose key
+ lineinfile:
+ dest: /etc/default/keyboard
+ regexp: '^(XKBOPTIONS=).*'
+ line: '\1"compose:caps"'
+ backrefs: yes
+
+- name: tmp on tmpfs
+ shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
+ args:
+ creates: /etc/systemd/system/tmp.mount
+ notify: enable tmp.mount
diff --git a/roles/fvs-client-mkhome/defaults/main.yml b/roles/fvs-mkhome/defaults/main.yml
similarity index 100%
rename from roles/fvs-client-mkhome/defaults/main.yml
rename to roles/fvs-mkhome/defaults/main.yml
diff --git a/roles/fvs-mkhome/handlers/main.yml b/roles/fvs-mkhome/handlers/main.yml
new file mode 100644
index 0000000..c7c508b
--- /dev/null
+++ b/roles/fvs-mkhome/handlers/main.yml
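Review bot: The `set capabilities (wireshark)` task gives `/usr/bin/dumpcap` `cap_net_raw,cap_net_admin+eip`, but nothing in this hunk limits who may execute the binary, so if it keeps a world-executable mode every local account on the client can capture traffic on its interfaces. If owner, group and mode are managed elsewhere (for example by the package's own configuration), a comment on the task saying so would be enough; otherwise restrict execution to a dedicated group before the capability is applied, as in the task below, where the group name is an assumption. In the same hunk, `mount data partition` mounts whichever disk enumerates as `sdb` or `sde` with default options into a directory that is then set to `1777`; adding `opts: nosuid,nodev` to that task would be cheap hardening.

```yaml
# … unchanged: set homepage task and commented pam_umask block …

# Runs before the capability is set: a later ownership change would drop it.
- name: restrict dumpcap to the capture group
  file:
    path: /usr/bin/dumpcap
    owner: root
    group: wireshark  # assumed group name; it must exist on the host
    mode: '0750'

- name: set capabilities (wireshark)
# … unchanged: capabilities arguments and the remaining tasks …
```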
@@ -0,0 +1,3 @@
+- name: restart sssd
+ service: name=sssd state=restarted enabled=yes
+ listen: "restart sssd"
diff --git a/roles/fvs-client-mkhome/tasks/main.yml b/roles/fvs-mkhome/tasks/main.yml
similarity index 57%
rename from roles/fvs-client-mkhome/tasks/main.yml
rename to roles/fvs-mkhome/tasks/main.yml
index 2b1bf91..b83436c 100644
--- a/roles/fvs-client-mkhome/tasks/main.yml
+++ b/roles/fvs-mkhome/tasks/main.yml
@@ -24,11 +24,6 @@
 dest: /etc/ldap/ldap.conf
 line: "LDAPTLS_REQCERT never"
-- name: set homepage
- lineinfile:
- dest: /etc/firefox-esr/firefox-esr.js
- line: pref("browser.startup.homepage", "https://www.startpage.com");
-
 #- name: enable pam_umask
 # lineinfile:
 # dest: /etc/pam.d/common-session
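Review bot: The `reload systemd` handler from the deleted roles/fvs-client-mkhome/handlers/main.yml is not carried into either new handlers file: roles/fvs-mkhome/handlers/main.yml keeps only `restart sssd`, and roles/fvs-client/handlers/main.yml only `run update-grub` and `enable tmp.mount`. Most of the tasks that stay in roles/fvs-mkhome/tasks/main.yml are outside the visible hunks, so I cannot tell whether one of them still has `notify: reload systemd`; if one does, Ansible by default fails on the missing handler when that task reports a change. It is worth searching both roles for that notify before merging. As a style point, the handler could use block arguments instead of the `name=sssd state=restarted enabled=yes` string, i.e. `service:` with `name: sssd`, `state: restarted`, `enabled: true`.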
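Review bot: The context line `line: "LDAPTLS_REQCERT never"` for /etc/ldap/ldap.conf in roles/fvs-mkhome/tasks/main.yml is carried unchanged into the renamed role and deserves a second look. As far as I know `LDAPTLS_REQCERT` is the environment-variable spelling and the keyword inside ldap.conf is `TLS_REQCERT`, so the line may be ignored as written. If it is meant to take effect, it turns off server-certificate verification for LDAP clients, which leaves directory lookups and binds open to impersonation of the server by anyone on the network path. Prefer `TLS_REQCERT demand` together with `TLS_CACERT <path-to-site-CA>` (placeholder path) so that clients verify the server. The task that owns this line starts above the hunk.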
@@ -80,52 +75,3 @@
 - name: reset boot order
 command: efibootmgr --delete-bootorder
 when: run_in_installer|default(false)|bool
-
-- name: set capabilities (wireshark)
- capabilities:
- path: /usr/bin/dumpcap
- capability: cap_net_raw,cap_net_admin+eip
- state: present
-
-
-############## extra data partition ###############
-- name: mount data partition
- mount:
- src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
- path: /home/data
- fstype: ext4
- state: mounted
- register: data_mounted
- when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
- loop:
- - sdb
- - sde
-
-- name: set sticky bit on data directory
- file:
- path: /home/data
- state: directory
- mode: '1777'
- when: data_mounted.changed
-
-################# from kiosk.yml ##################
-- name: grub timeout
- lineinfile:
- dest: /etc/default/grub
- regexp: '^(GRUB_TIMEOUT=).*'
- line: '\g<1>1'
- backrefs: yes
- notify: update grub
-
-- name: keyboard compose key
- lineinfile:
- dest: /etc/default/keyboard
- regexp: '^(XKBOPTIONS=).*'
- line: '\1"compose:caps"'
- backrefs: yes
-
-- name: tmp on tmpfs
- shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
- args:
- creates: /etc/systemd/system/tmp.mount
- notify: enable tmp.mount
diff --git a/roles/fvs-client-mkhome/templates/sssd.conf.j2 b/roles/fvs-mkhome/templates/sssd.conf.j2
similarity index 100%
rename from roles/fvs-client-mkhome/templates/sssd.conf.j2
rename to roles/fvs-mkhome/templates/sssd.conf.j2