7238875d0c
The following roles are available: fvs-sssd Configures LDAP as ID and AUTH provider using sssd. fvs-mount Provides all private user directories on login with pam_mount. Machines provided so far are: The server providing the home directory: fvs-home.yml A standard client: fvs-client.yml
54 lines
1.4 KiB
YAML
54 lines
1.4 KiB
YAML
---
|
|
- name: set homepage
|
|
lineinfile:
|
|
dest: /etc/firefox-esr/firefox-esr.js
|
|
line: pref("browser.startup.homepage", "https://www.startpage.com");
|
|
|
|
- name: set capabilities (wireshark)
|
|
capabilities:
|
|
path: /usr/bin/dumpcap
|
|
capability: cap_net_raw,cap_net_admin+eip
|
|
state: present
|
|
|
|
|
|
############## extra data partition ###############
|
|
- name: mount data partition
|
|
mount:
|
|
src: "UUID={{ hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']['%s1'|format(item)]['uuid'] }}"
|
|
path: /home/data
|
|
fstype: ext4
|
|
state: mounted
|
|
register: data_mounted
|
|
when: item + '1' in hostvars[inventory_hostname]['ansible_devices']['%s'|format(item)]['partitions']
|
|
loop:
|
|
- sdb
|
|
- sde
|
|
|
|
- name: set sticky bit on data directory
|
|
file:
|
|
path: /home/data
|
|
state: directory
|
|
mode: '1777'
|
|
when: data_mounted.changed
|
|
|
|
################# from kiosk.yml ##################
|
|
- name: grub timeout
|
|
lineinfile:
|
|
dest: /etc/default/grub
|
|
regexp: '^(GRUB_TIMEOUT=).*'
|
|
line: '\g<1>1'
|
|
backrefs: yes
|
|
notify: update grub
|
|
|
|
- name: keyboard compose key
|
|
lineinfile:
|
|
dest: /etc/default/keyboard
|
|
regexp: '^(XKBOPTIONS=).*'
|
|
line: '\1"compose:caps"'
|
|
backrefs: yes
|
|
|
|
- name: tmp on tmpfs
|
|
shell: cp /usr/share/systemd/tmp.mount /etc/systemd/system/
|
|
args:
|
|
creates: /etc/systemd/system/tmp.mount
|
|
notify: enable tmp.mount
|