it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
179 commits 2 branches 0 tags 7.2 MiB
Commit graph

159 commits

Author SHA1 Message Date
Andreas B. Mundt
0ed4230794 Split container package list. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
327f2eefac Username variable. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
0c48d933e7 Add more packages to the container. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
245c08c125 Improve container management tasks. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
ae0c26b117 Fix too many open files error with more containers. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
90d340a1d5 Make sure stuff exists when needed. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
85836e311e Move container restart task to handlers. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
baba55e05a Optional non-empty passwords for the container user. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
1b5f7ea0b5 Minor fixes and improvements. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
e058def667 Run in reverse order to remove the initial container last. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
cb5ade4c84 Provide 'sources.list' from the host and upgrade initial container. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
7bbfd817f8 Switch to persistent overlays. 
With tmpfs the containers' disk space is too limited.  Better keep
changes on the disk.
 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
fed5f71357 Instead of cloning the image, link to the rootfs. Provide more individual files. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
b920bdf52b Provide playbook and role to deploy containers. 
The containers are deployed for educational purposes with
user 'ansible' in the sudo group and an empty password.
SSH login is available via ports 10000 upwards on the host.
Port 80 is forwarded as well (ssh port + 100).
The container's rootfs is read only with an overlay:  After
restart of the container, modifications are lost.
 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
ede02d4761 Run DB tasks only on nextcloud upgrade. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
1e44ff34c3 Move nextcloud upgrade to separate role. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
89ff43e126 Fix some '.well-known/' redirects. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
708f6df86c Updates/fixes for bullseye and nextcloud 21. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
08cc1889fc Fixes and shellcheck-cleanup. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
89545ab4a7 Make sure gnome-keyring-daemon is not started, it fails with sshfs. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
13993ef45e Minor fixes for the DHCP and DNS setup. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
013c250e50 Fix/improve git-repo service. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
657185cd46 Deploy server's ssh pubkey to clients. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
4b5818b883 Add daily installer to menu for testing. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
4fab918db9 Work around missing domain name. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
16ac6d7169 Fixes for DHCP, DDNS. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
a6b408d866 Fix git-daemon service complaints. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
d8366d2ca2 Implement DNS (bind9) and DHCP (isc-dhcp-server) and TFTP (tftpd-hpa). 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
ebcfd88ef4 Restructuring/renaming DNS, DHCP, TFTP and netboot installer. 
Idea: The role 'dnsmasq' and a new role 'dns-dhcp-tftp' are
drop-in replacements and interchangeable. 'netboot-installer'
works indepently of the role chosen for DNS, DHCP and TFTP.
 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
e55997a01c Draft implementation of sambox-client. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
e5ae626936 Implement LAN server sharing home directories via smb or sshfs. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
c976c69bed Move LDAP install/setup tasks into extra file. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
51f01858c1 Implement self signed certificate for slapd. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
318672dabc Modifications need to be applied immediately. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
6bdd207f1e Fix (not) reloading systemd service during installation. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
1b2707b474 Services are socket activated. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
d8ab7bc73e Add data base maintenance command. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
c06aa6e519 Fix ending up with no link on WAN interface. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
3059ba0cd6 Make sure ansible is installed. 2023-02-07 19:15:50 +01:00
Andreas B. Mundt
d1bc338ef9 Web server playbook. 2021-10-20 17:11:06 +02:00
Andreas B. Mundt
42d3fa4c25 Desktop fine tuning (compare netboot image). 2021-10-14 11:41:11 +02:00
Andreas B. Mundt
db1ed7ff30 Make sure gnome keyring-daemon is not started on sshfs. 2021-07-27 11:58:19 +02:00
Andreas B. Mundt
bc012494df SSSD is socket activated by now. 2021-07-05 14:11:56 +02:00
Andreas B. Mundt
156d932bf4 PAM-mount fails with this option set. 2021-07-05 10:55:10 +02:00
Andreas B. Mundt
6be0eefcaa Avoid mounting attempts when switching to 'root'. 2021-04-13 09:40:57 +02:00
Andreas B. Mundt
449b4ff653 Disable extra drive for now. 2021-02-08 10:59:01 +01:00
Andreas B. Mundt
25dd1161e4 Nicer ordering. 2021-02-08 10:57:43 +01:00
Andreas B. Mundt
de52a1eb33 Provide ssh hostkey. 2020-12-18 09:28:26 +01:00
Andreas B. Mundt
7238875d0c Further split roles. Mount user home on the clients (sshfs). 
The following roles are available:
 fvs-sssd
   Configures LDAP as ID and AUTH provider using sssd.
 fvs-mount
   Provides all private user directories on login with pam_mount.

Machines provided so far are:
  The server providing the home directory: fvs-home.yml
  A standard client: fvs-client.yml
 2020-12-18 09:28:26 +01:00
Andreas B. Mundt
77c8c26e38 Exclude local user from mounts. 2020-12-17 10:28:24 +01:00