223 lines
5.3 KiB
YAML
223 lines
5.3 KiB
YAML
---
|
|
- name: Preseed wireshark to allow users sniffing packets
|
|
ansible.builtin.debconf:
|
|
name: wireshark-common
|
|
question: wireshark-common/install-setuid
|
|
value: 'true'
|
|
vtype: boolean
|
|
|
|
- name: Preseed ttf-mscorefonts-installer
|
|
ansible.builtin.debconf:
|
|
name: ttf-mscorefonts-installer
|
|
question: msttcorefonts/dlurl
|
|
value: "{{ mirror_msfonts }}"
|
|
vtype: string
|
|
when: mirror_msfonts is defined and mirror_msfonts | length > 0
|
|
|
|
|
|
- name: Install desktop EDU packages and some more
|
|
apt:
|
|
name:
|
|
- atftp
|
|
- calligraplan
|
|
- cmake ## for kdevelop
|
|
- codelite
|
|
- codelite-plugins
|
|
- curl
|
|
- elpa-color-theme-modern
|
|
- elpa-magit
|
|
- emacs
|
|
- filezilla
|
|
- freeplane
|
|
- git
|
|
- gitg
|
|
- gitk
|
|
- htop
|
|
- jupyter
|
|
- kdevelop
|
|
- kdevelop-php
|
|
- kdevelop-python
|
|
- krita
|
|
- libnotify-bin ## needed for pwroff script
|
|
- links2
|
|
- minder
|
|
- neovim
|
|
- net-tools
|
|
- netcat-openbsd
|
|
- nmap
|
|
- php-cli
|
|
- planner
|
|
- pulseview
|
|
- python3-websockets
|
|
- qpdfview
|
|
- sigrok
|
|
- sigrok-cli
|
|
- tmux
|
|
- tree
|
|
- ttf-mscorefonts-installer
|
|
- unison-gtk
|
|
- w3m
|
|
- wireshark
|
|
- zulucrypt-gui
|
|
autoremove: true
|
|
state: latest
|
|
environment:
|
|
http_proxy: '' # this is needed to avoid ttf-mscorefonts-installer picking up aptcacher
|
|
|
|
|
|
- name: Make sure wireshark works for all users after installation and upgrades
|
|
ansible.builtin.copy:
|
|
dest: /etc/apt/apt.conf.d/92wireshark4all
|
|
content: |
|
|
## Modify permissions after installation/upgrade to allow all
|
|
## users dumping packages on network interfaces for wireshark
|
|
DPkg::Post-Invoke {"/usr/bin/chmod o+x /usr/bin/dumpcap || true"; };
|
|
|
|
|
|
- name: Create firefox policies directory
|
|
ansible.builtin.file:
|
|
path: /etc/firefox-esr/policies
|
|
state: directory
|
|
mode: '0755'
|
|
|
|
- name: Create a symbolic link firefox to firefox-esr
|
|
ansible.builtin.file:
|
|
src: /etc/firefox-esr
|
|
dest: /etc/firefox
|
|
state: link
|
|
|
|
- name: Copy firefox policy
|
|
ansible.builtin.copy:
|
|
src: policies.json
|
|
dest: /etc/firefox-esr/policies/
|
|
|
|
- name: Update all packages unattended
|
|
ansible.builtin.replace:
|
|
path: /etc/apt/apt.conf.d/50unattended-upgrades
|
|
regexp: '^//(\s+"origin=.+-updates";)$'
|
|
replace: ' \1'
|
|
|
|
- name: Copy some scripts
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: /usr/local/sbin/
|
|
mode: 0755
|
|
loop:
|
|
- pwroff
|
|
- bootorder.sh
|
|
- reporter
|
|
|
|
- name: Provide services and timers for some scripts
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: "/etc/systemd/system/{{ item }}"
|
|
mode: 0644
|
|
loop:
|
|
- pwroff.service
|
|
- pwroff.timer
|
|
- reporter.service
|
|
- reporter.timer
|
|
|
|
- name: Enable pwroff.timer
|
|
systemd:
|
|
name: "{{ item }}"
|
|
enabled: true
|
|
loop:
|
|
- pwroff.timer
|
|
- reporter.timer
|
|
|
|
- name: PXE first boot order
|
|
command: /usr/local/sbin/bootorder.sh
|
|
register: cmd_result
|
|
changed_when: cmd_result.stdout is not search('Nothing to do.')
|
|
when: boot_pxe | default(False)
|
|
|
|
- name: Copy dolphin config scripts
|
|
ansible.builtin.copy:
|
|
src: "{{ item }}"
|
|
dest: /usr/local/bin/
|
|
mode: 0755
|
|
loop:
|
|
- lmn-reset-dolphin.sh
|
|
- lmn-patch-dolphin.sh
|
|
|
|
- name: Configure KDE dolphin menu
|
|
ansible.builtin.copy:
|
|
src: lmn-dolphin.sh
|
|
dest: /etc/profile.d/
|
|
|
|
|
|
- name: Copy fvs-config.js to configure plasma
|
|
ansible.builtin.copy:
|
|
src: fvs-config.js
|
|
dest: /usr/share/plasma/shells/org.kde.plasma.desktop/contents/updates/fvs-config.js
|
|
mode: 0644
|
|
|
|
|
|
- name: Configure some KDE aspects
|
|
blockinfile:
|
|
path: /etc/xdg/kdeglobals
|
|
create: true
|
|
block: |
|
|
[KDE]
|
|
SingleClick=false
|
|
|
|
[KDE Action Restrictions][$i]
|
|
action/start_new_session=false
|
|
#action/switch_user=false
|
|
#action/lock_screen=false
|
|
|
|
- name: Shut down when idle for too long
|
|
ansible.builtin.copy:
|
|
dest: /etc/xdg/powermanagementprofilesrc
|
|
content: |
|
|
[AC][SuspendSession][$i]
|
|
idleTime=7200000
|
|
suspendType=8
|
|
|
|
- name: Start with empty session by default
|
|
ansible.builtin.copy:
|
|
dest: /etc/xdg/ksmserverrc
|
|
content: |
|
|
[General]
|
|
loginMode=emptySession
|
|
|
|
#- name: Disable automatic lock screen and user specific modifications
|
|
# ansible.builtin.copy:
|
|
# path: /etc/xdg/kscreenlockerrc
|
|
# content: |
|
|
# [Daemon][$i]
|
|
# Autolock=false
|
|
# LockOnResume=false
|
|
#
|
|
|
|
- name: Download libdvdcss from mirror
|
|
ansible.builtin.get_url:
|
|
url: "{{ mirror_dvdcss }}/libdvdcss.so.2.2.0"
|
|
dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2.2.0
|
|
use_proxy: False
|
|
when: mirror_dvdcss is defined and mirror_dvdcss | length > 0
|
|
|
|
- name: Link library so name
|
|
ansible.builtin.file:
|
|
src: libdvdcss.so.2.2.0
|
|
dest: /usr/lib/x86_64-linux-gnu/libdvdcss.so.2
|
|
state: link
|
|
when: mirror_dvdcss is defined and mirror_dvdcss | length > 0
|
|
|
|
- name: Patch sddm login screen to show hostname
|
|
blockinfile:
|
|
path: /usr/share/sddm/themes/debian-breeze/Main.qml
|
|
marker: // {mark} ANSIBLE MANAGED BLOCK
|
|
insertbefore: '\s+//Footer'
|
|
block: |
|
|
Text {
|
|
id: hostname
|
|
anchors.top: parent.top
|
|
anchors.right: parent.right
|
|
anchors.topMargin: 10
|
|
anchors.rightMargin: 15
|
|
color: "#ffffff"
|
|
text: sddm.hostName + " | <{{ ansible_date_time['date'] }}>"
|
|
font.pointSize: config.fontSize
|
|
}
|