--- - name: Preseed wireshark to allow users sniffing packets ansible.builtin.debconf: name: wireshark-common question: wireshark-common/install-setuid value: 'true' vtype: boolean - name: Preseed ttf-mscorefonts-installer ansible.builtin.debconf: name: ttf-mscorefonts-installer question: msttcorefonts/dlurl value: "{{ mirror_msfonts }}" vtype: string when: mirror_msfonts is defined and mirror_msfonts | length > 0 - name: Install desktop EDU packages and some more apt: name: - atftp - calligraplan - cmake ## for kdevelop - codelite - codelite-plugins - curl - elpa-color-theme-modern - elpa-magit - emacs - filezilla - freeplane - git - gitg - gitk - htop - jupyter - kdevelop - kdevelop-php - kdevelop-python - krita - libnotify-bin ## needed for pwroff script - links2 - minder - neovim - net-tools - netcat-openbsd - nmap - pdf-presenter-console - php-cli - pipx - planner - pulseview - python3-websockets - qpdfview - shellcheck - sigrok - sigrok-cli - texlive-latex-recommended - tmux - tree - ttf-mscorefonts-installer - twinkle - unison-gtk - w3m - wireshark - zulucrypt-gui autoremove: true state: latest environment: http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher - name: Remove update notifications from plasma-discover apt: name: - plasma-discover autoremove: true state: absent - name: Make sure wireshark works for all users after installation and upgrades ansible.builtin.copy: dest: /etc/apt/apt.conf.d/92wireshark4all content: | ## Modify permissions after installation/upgrade to allow all ## users dumping packages on network interfaces for wireshark DPkg::Post-Invoke {"/usr/bin/chmod o+x /usr/bin/dumpcap || true"; }; - name: Create firefox policies directory ansible.builtin.file: path: /etc/firefox-esr/policies state: directory mode: '0755' - name: Create a symbolic link firefox to firefox-esr ansible.builtin.file: src: /etc/firefox-esr dest: /etc/firefox state: link - name: Copy firefox policy ansible.builtin.copy: src: policies.json dest: /etc/firefox-esr/policies/ - name: Copy some scripts copy: src: "{{ item }}" dest: /usr/local/sbin/ mode: 0755 loop: - pwroff - bootorder.sh - reporter - name: Provide services and timers for some scripts copy: src: "{{ item }}" dest: "/etc/systemd/system/{{ item }}" mode: 0644 loop: - pwroff.service - pwroff.timer - reporter.service - reporter.timer - name: Enable pwroff.timer systemd: name: "{{ item }}" enabled: true loop: - pwroff.timer - reporter.timer - name: PXE first boot order command: /usr/local/sbin/bootorder.sh register: cmd_result changed_when: cmd_result.stdout is not search('Nothing to do.') when: inventory_hostname in groups["PCroom"] - name: Copy dolphin config scripts ansible.builtin.copy: src: "{{ item }}" dest: /usr/local/bin/ mode: 0755 loop: - lmn-reset-dolphin.sh - lmn-patch-dolphin.sh - name: Configure KDE dolphin menu ansible.builtin.copy: src: lmn-dolphin.sh dest: /etc/profile.d/ - name: Copy fvs-config.js to configure plasma ansible.builtin.copy: src: fvs-config.js dest: /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js mode: 0644 - name: Configure some KDE aspects blockinfile: path: /etc/xdg/kdeglobals create: true block: | [KDE] SingleClick=false [KDE Action Restrictions][$i] action/start_new_session=false #action/switch_user=false #action/lock_screen=false - name: Shut down when idle for too long ansible.builtin.copy: dest: /etc/xdg/powermanagementprofilesrc content: | [AC][SuspendSession][$i] idleTime=7200000 suspendType=8 - name: Start with empty session by default ansible.builtin.copy: dest: /etc/xdg/ksmserverrc content: | [General] loginMode=emptySession - name: Fix primary screen for class room PCs with projector block: - name: Switch projector off for login lineinfile: dest: /usr/share/sddm/scripts/Xsetup line: 'xrandr --output {{ dual_screen[0] }} --off' - name: Deploy fix-screen script ansible.builtin.template: src: lmn-fix-screen.j2 dest: /usr/local/bin/lmn-fix-screen mode: '0755' - name: Deploy fix-screen autostarter ansible.builtin.copy: dest: /etc/xdg/autostart/lmn-fix-screen.desktop content: | [Desktop Entry] Name=fix-screen Exec=lmn-fix-screen Type=Application NoDisplay=true when: dual_screen is defined #- name: Avoid starting kscreen (confusing autodetection) # ansible.builtin.copy: # dest: /etc/xdg/kded5rc # content: | # [Module-kscreen] # autoload=false # #- name: Disable automatic lock screen and user specific modifications # ansible.builtin.copy: # path: /etc/xdg/kscreenlockerrc # content: | # [Daemon][$i] # Autolock=false # LockOnResume=false # - name: Download libdvdcss from mirror ansible.builtin.get_url: url: "{{ mirror_dvdcss }}/libdvdcss.so.2.2.0" dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2.2.0 use_proxy: False when: mirror_dvdcss is defined and mirror_dvdcss | length > 0 - name: Link library so name ansible.builtin.file: src: libdvdcss.so.2.2.0 dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2 state: link when: mirror_dvdcss is defined and mirror_dvdcss | length > 0 - name: Patch sddm login screen to show hostname blockinfile: path: /usr/share/sddm/themes/debian-breeze/Main.qml marker: // {mark} ANSIBLE MANAGED BLOCK insertbefore: '\s+//Footer' block: | Text { id: hostname anchors.top: parent.top anchors.right: parent.right anchors.topMargin: 10 anchors.rightMargin: 15 color: "#ffffff" text: sddm.hostName + " | <{{ ansible_date_time['date'] }}>" font.pointSize: config.fontSize }