created roles for office terminal install, tested up to auth
This commit is contained in:
parent
912a93ea55
commit
1cb9bd08ba
|
@ -0,0 +1,2 @@
|
|||
#!/bin/sh
|
||||
sudo apt-get update && sudo apt-get install python python-apt aptitude
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- hosts: new-office
|
||||
become: yes
|
||||
become_method: sudo
|
||||
roles:
|
||||
- common
|
||||
- core
|
||||
- hardware
|
||||
- devel
|
||||
- generate-hosts
|
||||
- auth
|
||||
- nfs
|
||||
- csc-packages
|
|
@ -0,0 +1,66 @@
|
|||
[libdefaults]
|
||||
default_realm = CSCLUB.UWATERLOO.CA
|
||||
forwardable = true
|
||||
proxiable = true
|
||||
dns_lookup_kdc = false
|
||||
dns_lookup_realm = false
|
||||
|
||||
[realms]
|
||||
CSCLUB.UWATERLOO.CA = {
|
||||
kdc = kdc1.csclub.uwaterloo.ca
|
||||
kdc = kdc2.csclub.uwaterloo.ca
|
||||
admin_server = kadmin.csclub.uwaterloo.ca
|
||||
}
|
||||
|
||||
STUDENT.CS.UWATERLOO.CA = {
|
||||
kdc = eponina.student.cs.uwaterloo.ca:88
|
||||
kdc = canadenis.student.cs.uwaterloo.ca:88
|
||||
admin_server = canadenis.student.cs.uwaterloo.ca:464
|
||||
}
|
||||
|
||||
CS.UWATERLOO.CA = {
|
||||
kdc = intacta.cs.uwaterloo.ca:88
|
||||
kdc = serverus.cs.uwaterloo.ca:88
|
||||
admin_server = intacta.cs.uwaterloo.ca:464
|
||||
}
|
||||
|
||||
ADS.UWATERLOO.CA = {
|
||||
kdc = ads.uwaterloo.ca:88
|
||||
admin_server = ads.uwaterloo.ca:464
|
||||
default_domain = ads.uwaterloo.ca
|
||||
}
|
||||
|
||||
NEXUS.UWATERLOO.CA = {
|
||||
kdc = nexus.uwaterloo.ca:88
|
||||
kdc = nexus.uwaterloo.ca
|
||||
admin_server = nexus.uwaterloo.ca:464
|
||||
}
|
||||
|
||||
[domain_realm]
|
||||
.uwaterloo.ca = ADS.UWATERLOO.CA
|
||||
uwaterloo.ca = ADS.UWATERLOO.CA
|
||||
.csclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
|
||||
csclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
|
||||
.nexus.uwaterloo.ca = NEXUS.UWATERLOO.CA
|
||||
nexus.uwaterloo.ca = NEXUS.UWATERLOO.CA
|
||||
.cs.uwaterloo.ca = CS.UWATERLOO.CA
|
||||
cs.uwaterloo.ca = CS.UWATERLOO.CA
|
||||
.student.cs.uwaterloo.ca = STUDENT.CS.UWATERLOO.CA
|
||||
student.cs.uwaterloo.ca = STUDENT.CS.UWATERLOO.CA
|
||||
|
||||
[logging]
|
||||
kdc = FILE:/var/log/krb5kdc.log
|
||||
admin_server = FILE:/var/log/kadmin.log
|
||||
default = FILE:/var/log/krb5.log
|
||||
|
||||
|
||||
#[dbmodules]
|
||||
# openldap_ldapconf = {
|
||||
# db_library = kldap
|
||||
# ldap_kerberos_container_dn = "cn=kerberos,dc=csclub,dc=uwaterloo,dc=ca"
|
||||
# ldap_kdc_dn = "cn=kerberos-kdc,dc=csclub,dc=uwaterloo,dc=ca"
|
||||
# ldap_kadmind_dn = "cn=kerberos-admin,dc=csclub,dc=uwaterloo,dc=ca"
|
||||
# ldap_service_password_file = /etc/krb5kdc/service.keyfile
|
||||
# ldap_servers = ldapi:///
|
||||
# }
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01 kurt Exp $
|
||||
#
|
||||
# LDAP Defaults
|
||||
#
|
||||
|
||||
# See ldap.conf(5) for details
|
||||
# This file should be world readable but not world writable.
|
||||
|
||||
BASE dc=csclub, dc=uwaterloo, dc=ca
|
||||
URI ldap://ldap1.csclub.uwaterloo.ca ldap://ldap2.csclub.uwaterloo.ca
|
||||
|
||||
SIZELIMIT 0
|
||||
|
||||
TLS_CACERT /etc/ssl/certs/GlobalSign_Intermediate_Root_SHA256_G2.pem
|
||||
TLS_CACERTFILE /etc/ssl/certs/GlobalSign_Intermediate_Root_SHA256_G2.pem
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
# This is the ssh client system-wide configuration file. See
|
||||
# ssh_config(5) for more information. This file provides defaults for
|
||||
# users, and the values can be changed in per-user configuration files
|
||||
# or on the command line.
|
||||
|
||||
# Configuration data is parsed as follows:
|
||||
# 1. command line options
|
||||
# 2. user-specific file
|
||||
# 3. system-wide file
|
||||
# Any configuration value is only changed the first time it is set.
|
||||
# Thus, host-specific definitions should be at the beginning of the
|
||||
# configuration file, and defaults at the end.
|
||||
|
||||
# Site-wide defaults for some commonly used options. For a comprehensive
|
||||
# list of available options, their meanings and defaults, please see the
|
||||
# ssh_config(5) man page.
|
||||
|
||||
Host *
|
||||
SendEnv LANG LC_*
|
||||
GSSAPITrustDns yes
|
||||
GSSAPIKeyExchange yes
|
||||
|
||||
GSSAPIAuthentication yes
|
||||
GSSAPIDelegateCredentials yes
|
||||
UseRoaming no
|
|
@ -0,0 +1,64 @@
|
|||
# Package generated configuration file
|
||||
# See the sshd(8) manpage for details
|
||||
|
||||
# What ports, IPs and protocols we listen for
|
||||
Port 22
|
||||
|
||||
# Use only protocol version 2
|
||||
Protocol 2
|
||||
|
||||
# HostKeys for protocol version 2
|
||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
||||
HostKey /etc/ssh/ssh_host_rsa_key
|
||||
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
|
||||
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
|
||||
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
|
||||
|
||||
# Privilege Separation is turned on for security
|
||||
UsePrivilegeSeparation yes
|
||||
|
||||
# Logging
|
||||
SyslogFacility AUTH
|
||||
LogLevel INFO
|
||||
|
||||
# Authentication
|
||||
UsePAM yes
|
||||
StrictModes yes
|
||||
PermitRootLogin yes
|
||||
LoginGraceTime 120
|
||||
MaxStartups 25:30:100
|
||||
|
||||
# password authentication via PAM (single sign-on initial case)
|
||||
PasswordAuthentication yes
|
||||
PermitEmptyPasswords no
|
||||
|
||||
# keyboard-interactive authentication (like password, works with +needchange)
|
||||
ChallengeResponseAuthentication yes
|
||||
|
||||
# kerberos (single sign-on already authenticated case)
|
||||
GSSAPIAuthentication yes
|
||||
GSSAPIKeyExchange yes
|
||||
GSSAPICleanupCredentials yes
|
||||
|
||||
# public key authentication with authorized_keys
|
||||
PubkeyAuthentication yes
|
||||
|
||||
# no single sign-on via hosts.equiv; we use kerberos
|
||||
HostbasedAuthentication no
|
||||
IgnoreRhosts yes
|
||||
|
||||
# no builtin kerberos auth with password, we do the same via pam_krb5
|
||||
KerberosAuthentication no
|
||||
|
||||
# allow X forwarding
|
||||
X11Forwarding yes
|
||||
X11DisplayOffset 10
|
||||
|
||||
# PAM prints these already
|
||||
PrintMotd no
|
||||
PrintLastLog no
|
||||
|
||||
# Allow client to pass locale environment variables
|
||||
AcceptEnv LANG LC_*
|
||||
|
||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
|
@ -0,0 +1,28 @@
|
|||
[sssd]
|
||||
config_file_version = 2
|
||||
services = nss, pam, sudo
|
||||
domains = csclub.uwaterloo.ca
|
||||
|
||||
[domain/csclub.uwaterloo.ca]
|
||||
cache_credentials = true
|
||||
enumerate = true
|
||||
|
||||
id_provider = ldap
|
||||
auth_provider = krb5
|
||||
sudo_provider = ldap
|
||||
entry_cache_timeout = 600
|
||||
|
||||
ldap_uri = ldaps://ldap1.csclub.uwaterloo.ca,ldaps://ldap2.csclub.uwaterloo.ca
|
||||
ldap_tls_cacert = /etc/ssl/certs/GlobalSign_Intermediate_Root_SHA256_G2.pem
|
||||
ldap_tls_reqcert = demand
|
||||
ldap_search_base = dc=csclub,dc=uwaterloo,dc=ca
|
||||
ldap_schema = rfc2307bis
|
||||
ldap_group_member = uniqueMember
|
||||
|
||||
ldap_user_search_base = ou=People,dc=csclub,dc=uwaterloo,dc=ca
|
||||
ldap_group_search_base = ou=Group,dc=csclub,dc=uwaterloo,dc=ca
|
||||
ldap_sudo_search_base = ou=SUDOers,dc=csclub,dc=uwaterloo,dc=ca
|
||||
|
||||
krb5_realm = CSCLUB.UWATERLOO.CA
|
||||
krb5_server = kdc1.csclub.uwaterloo.ca,kdc2.csclub.uwaterloo.ca
|
||||
krb5_kpasswd = kadmin.csclub.uwaterloo.ca
|
|
@ -0,0 +1,54 @@
|
|||
---
|
||||
|
||||
- name: install libpam-csc
|
||||
apt: name=libpam-csc state=latest
|
||||
|
||||
- name: install required aptitude packages
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- krb5-user
|
||||
- ldap-utils
|
||||
- sssd
|
||||
- sssd-tools
|
||||
|
||||
- name: install ubuntu sss pam and nss
|
||||
apt: name={{ item }} state=latest
|
||||
when: ansible_distribution == 'Ubuntu'
|
||||
with_items:
|
||||
- libnss-sss
|
||||
- libpam-sss
|
||||
|
||||
- name: copy over configs
|
||||
template: src={{ item.src }} dest={{ item.dest }}
|
||||
with_items:
|
||||
- { src: 'krb5.conf', dest: '/etc/krb5.conf' }
|
||||
- { src: 'ldap.conf', dest: '/etc/ldap/ldap.conf' }
|
||||
- { src: 'sssd.conf', dest: '/etc/sssd/sssd.conf' }
|
||||
- { src: 'sshd_config', dest: '/etc/ssh/sshd_config' }
|
||||
- { src: 'ssh_config', dest: '/etc/ssh/ssh_config' }
|
||||
|
||||
- name: configure PAM for syscom machine
|
||||
when: syscom
|
||||
blockinfile:
|
||||
dest: /etc/pam.d/common-account
|
||||
block: |
|
||||
# make sure user is up to date, except system accounts and syscom
|
||||
account [success=2 default=ignore] pam_succeed_if.so quiet uid < 10000
|
||||
account [success=1 default=ignore] pam_succeed_if.so quiet user ingroup syscom
|
||||
account required pam_deny.so
|
||||
|
||||
- name: configure PAM for regular machine
|
||||
when: not syscom
|
||||
blockinfile:
|
||||
dest: /etc/pam.d/common-account
|
||||
block: |
|
||||
# make sure user is up to date, except system accounts and syscom
|
||||
account [success=2 default=ignore] pam_succeed_if.so quiet uid < 10000
|
||||
account [success=1 default=ignore] pam_succeed_if.so quiet user ingroup syscom
|
||||
account required pam_csc.so
|
||||
|
||||
- name: restart services
|
||||
service: name={{ item }} state=restarted
|
||||
with_items:
|
||||
- sssd
|
||||
- ssh
|
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
|
||||
- name: Install git
|
||||
apt: name=git state=latest
|
||||
|
||||
- name: install etckeeper
|
||||
apt: name=etckeeper state=present
|
||||
register: etckeeper
|
||||
|
||||
- name: update etckeeper VCS
|
||||
lineinfile: dest=/etc/etckeeper/etckeeper.conf
|
||||
state=present
|
||||
backrefs=yes
|
||||
regexp={{ item.regex }}
|
||||
line={{ item.line }}
|
||||
with_items:
|
||||
- { regex: '^(VCS=.*)$', line: '#\1' }
|
||||
- { regex: '^#(VCS=\"git\")$', line: '\1' }
|
||||
when: etckeeper.changed == true
|
||||
|
||||
- name: re-initialize etckeeper with git
|
||||
command: "{{ item }}"
|
||||
with_items:
|
||||
- 'etckeeper uninit -f'
|
||||
- 'etckeeper init'
|
||||
- 'etckeeper commit "Initial commit"'
|
||||
args:
|
||||
chdir: /etc
|
||||
when: etckeeper.changed == true
|
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
|
||||
- name: Add debian.csclub.uwaterloo.ca GPG key
|
||||
apt_key: url=http://debian.csclub.uwaterloo.ca/csclub.asc state=present
|
||||
|
||||
- name: Add debian.csclub.uwaterloo.ca repository
|
||||
apt_repository: repo="{{ item }}" state=present
|
||||
with_items:
|
||||
- "deb http://debian.csclub.uwaterloo.ca/ {{ ansible_distribution_release }} main"
|
||||
- "deb-src http://debian.csclub.uwaterloo.ca/ {{ ansible_distribution_release }} main"
|
||||
|
||||
- name: Update apt and packages (if just installed unlikely)
|
||||
package: update_cache=yes upgrade=safe
|
||||
|
||||
- name: ensure directories exist
|
||||
file: path={{ item }} state=directory
|
||||
with_items:
|
||||
- /etc/opt/chrome/policies/managed/
|
||||
- /etc/firefox
|
||||
|
||||
- name: copy chrome managed policy
|
||||
copy: src={{ item.src }} dest={{ item.dest }} backup=no
|
||||
with_items:
|
||||
- { src: 'files/web-kerberos/chrome.json', dest: '/etc/opt/chrome/policies/managed/csc-kerberos.json' }
|
||||
- { src: 'files/web-kerberos/firefox.js', dest: '/etc/firefox/syspref.js' }
|
||||
|
||||
- include: etckeeper.yml
|
|
@ -0,0 +1,120 @@
|
|||
---
|
||||
|
||||
- name: Install Shells
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- bash
|
||||
- zsh
|
||||
- zsh-doc
|
||||
- dash
|
||||
- ksh
|
||||
- tcsh
|
||||
- csh
|
||||
- rc
|
||||
- bash-doc
|
||||
- bash-completion
|
||||
- bashdb
|
||||
|
||||
- name: Install Editors
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- vim-nox
|
||||
- ed
|
||||
- nano
|
||||
|
||||
- name: Install words
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- wamerican-insane
|
||||
|
||||
- name: Install utils
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- acl
|
||||
- tmux
|
||||
- screen
|
||||
- less
|
||||
- lsof
|
||||
- bc
|
||||
- dc
|
||||
- psmisc
|
||||
- procps
|
||||
- htop
|
||||
- schedtool
|
||||
- pciutils
|
||||
- rsync
|
||||
|
||||
- name: Install compression
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- bzip2
|
||||
- gzip
|
||||
- pax
|
||||
- lzma
|
||||
- xz-utils
|
||||
- cpio
|
||||
|
||||
- name: Install ncurses
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- ncurses-bin
|
||||
- ncurses-term
|
||||
|
||||
- name: Install network
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- iputils-ping
|
||||
- iputils-arping
|
||||
- traceroute
|
||||
- telnet
|
||||
- iproute2
|
||||
- ethtool
|
||||
- dnsutils
|
||||
- whois
|
||||
- wget
|
||||
- curl
|
||||
- netcat-traditional
|
||||
- netcat-openbsd
|
||||
- vlan
|
||||
- bridge-utils
|
||||
- tcpdump
|
||||
- tshark
|
||||
- ftp
|
||||
- tftp
|
||||
|
||||
- name: Install ntp
|
||||
apt: name=ntp state=latest
|
||||
|
||||
- name: Install debian package management
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- aptitude
|
||||
- dselect
|
||||
|
||||
- name: Install gpg
|
||||
apt: name=gnupg state=latest
|
||||
|
||||
- name: Install fail2ban
|
||||
apt: name=fail2ban state=latest
|
||||
|
||||
- name: Install man pages
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- manpages
|
||||
- info
|
||||
|
||||
- name: Install rsyslog
|
||||
apt: name=rsyslog state=latest
|
||||
|
||||
- name: Install molly-guard
|
||||
apt: name=molly-guard state=latest
|
||||
|
||||
- name: Install ssmtp
|
||||
apt: name=ssmtp state=latest
|
||||
|
||||
- name: Configure ssmtp
|
||||
lineinfile: dest=/etc/ssmtp/ssmtp.conf
|
||||
state=present
|
||||
backrefs=yes
|
||||
regexp='^#(FromLineOverride=YES)$'
|
||||
line='\\1'
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
|
||||
- name: Install CSC packages
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- ceo-python
|
||||
- library
|
|
@ -0,0 +1,378 @@
|
|||
---
|
||||
|
||||
- name: Install build essentials
|
||||
apt: name=build-essential state=latest
|
||||
|
||||
- name: Install debian dev stuff
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- dpkg-dev
|
||||
- devscripts
|
||||
- debootstrap
|
||||
- dupload
|
||||
- fakeroot
|
||||
- debhelper
|
||||
- dh-make
|
||||
- dh-make-perl
|
||||
- dh-buildinfo
|
||||
- cdbs
|
||||
- dpatch
|
||||
- kernel-package
|
||||
- lintian
|
||||
- alien
|
||||
- po-debconf
|
||||
- pbuilder
|
||||
- dpkg-repack
|
||||
|
||||
- name: Install build helpers
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- make
|
||||
- make-doc
|
||||
- autoconf
|
||||
- autoconf-doc
|
||||
- automake
|
||||
- cmake
|
||||
- ccache
|
||||
- ant
|
||||
- ant-optional
|
||||
- scons
|
||||
- qt5-qmake
|
||||
- qt4-qmake
|
||||
- autogen
|
||||
- autotools-dev
|
||||
- autoproject
|
||||
- kbuild
|
||||
|
||||
- name: Install OpenJDK
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- openjdk-8-jdk
|
||||
|
||||
- name: Install Debuggers
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- strace
|
||||
- gdb
|
||||
- elfutils
|
||||
- valgrind
|
||||
- libc6-dbg
|
||||
|
||||
- name: Install interpreters
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- python3
|
||||
- python
|
||||
- perl
|
||||
- ruby
|
||||
|
||||
- name: Install dev docs
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- manpages-dev
|
||||
- gcc-doc
|
||||
- cpp-doc
|
||||
- binutils-doc
|
||||
- manpages-posix-dev
|
||||
- glibc-doc
|
||||
- glibc-doc-reference
|
||||
- gdb-doc
|
||||
- stl-manual
|
||||
- perl-doc
|
||||
|
||||
- name: Install x86 assembly tools
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- bin86
|
||||
- nasm
|
||||
- yasm
|
||||
|
||||
- name: Install scanning and parsing utils
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- flex
|
||||
- flex-doc
|
||||
- bison
|
||||
- bison-doc
|
||||
- ragel
|
||||
- byacc
|
||||
- re2c
|
||||
|
||||
- name: Install VCS
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- git
|
||||
- git-email
|
||||
- git-cvs
|
||||
- git-svn
|
||||
- git-arch
|
||||
- git-doc
|
||||
- git-buildpackage
|
||||
- mercurial
|
||||
- subversion
|
||||
- subversion-tools
|
||||
- darcs
|
||||
- bzr
|
||||
- bzrtools
|
||||
- cvs
|
||||
- cvsps
|
||||
- wdiff
|
||||
- colordiff
|
||||
- patch
|
||||
- patchutils
|
||||
- quilt
|
||||
- gitk
|
||||
- git-gui
|
||||
- diffutils
|
||||
- tkdiff
|
||||
|
||||
- name: Install mono
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- mono-complete
|
||||
- mono-devel
|
||||
- mono-profiler
|
||||
- mono-tools-devel
|
||||
- mono-tools-gui
|
||||
- mono-vbnc
|
||||
|
||||
- name: Install haskell
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- ghc
|
||||
- ghc-doc
|
||||
- haskell-platform
|
||||
|
||||
- name: Install ocaml
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- ocaml
|
||||
- camlp4
|
||||
|
||||
- name: Install python and libs
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- python3-virtualenv
|
||||
- python3-pip
|
||||
- python3-all-dev
|
||||
- python-pip
|
||||
- python-virtualenv
|
||||
- drpython
|
||||
- ipython
|
||||
- pylint
|
||||
- pychecker
|
||||
- pyflakes
|
||||
- python-all-dev
|
||||
- python-m2crypto
|
||||
- python-mysqldb
|
||||
- python-imaging
|
||||
- python-libxml2
|
||||
- python-libxslt1
|
||||
- python-numpy
|
||||
- python-numpy-doc
|
||||
- python-twisted
|
||||
- python-openssl
|
||||
- python-pexpect
|
||||
- python-pyasn1
|
||||
- python-pysnmp4
|
||||
- python-sqlobject
|
||||
- python-subversion
|
||||
- python-urwid
|
||||
- python-xmpp
|
||||
- python-beautifulsoup
|
||||
- python-chardet
|
||||
- python-kerberos
|
||||
- python-mako
|
||||
- python-pyme
|
||||
- python-rpm
|
||||
- python-selinux
|
||||
- python-setuptools
|
||||
- python-simplejson
|
||||
- python-sqlite
|
||||
- python-sqlitecachec
|
||||
- python-urlgrabber
|
||||
- python-cups
|
||||
- python-notify
|
||||
- python-tk
|
||||
- jython
|
||||
- jython-doc
|
||||
|
||||
- name: Install ruby
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- ruby-dev
|
||||
- rake
|
||||
|
||||
- name: Install llvm
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- clang
|
||||
- llvm
|
||||
- llvm-dev
|
||||
|
||||
- name: Install scheme/racket
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- racket
|
||||
- racket-doc
|
||||
- scheme2c
|
||||
- guile-1.8
|
||||
- guile-1.8-dev
|
||||
- tinyscheme
|
||||
- chicken-bin
|
||||
- mit-scheme-doc
|
||||
- scheme9
|
||||
- stalin
|
||||
|
||||
- name: Install tcl/tk
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- tcl
|
||||
- tcl-dev
|
||||
- tcl8.5
|
||||
- tk
|
||||
- tk-dev
|
||||
|
||||
- name: Install lua
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- lua5.3
|
||||
- liblua5.3-dev
|
||||
|
||||
- name: Install misc scripting
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- swig
|
||||
- gawk
|
||||
- mawk
|
||||
- m4
|
||||
|
||||
- name: Install misc languages
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- gfortran
|
||||
- erlang
|
||||
- erlang-dev
|
||||
- beef
|
||||
- intercal
|
||||
- php-cli
|
||||
- rhino
|
||||
- sbcl
|
||||
|
||||
- name: Install AVR tools
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- gcc-avr
|
||||
- binutils-avr
|
||||
- gdb-avr
|
||||
- avrdude
|
||||
- avrdude-doc
|
||||
- simulavr
|
||||
- avarice
|
||||
- avr-libc
|
||||
- avra
|
||||
- avrp
|
||||
- uisp
|
||||
- usbprog
|
||||
|
||||
- name: Install misc libs
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- libpam2-dev
|
||||
- libpam0g-dev
|
||||
- comerr-dev
|
||||
- e2fslibs-dev
|
||||
- libcap-dev
|
||||
- libattr1-dev
|
||||
- libacl1-dev
|
||||
- libselinux1-dev
|
||||
- libpcre3-dev
|
||||
- libapt-pkg-dev
|
||||
- linux-libc-dev
|
||||
- libkrb5-dev
|
||||
- libgnutls-dev
|
||||
- libreadline-dev
|
||||
- libncurses5-dev
|
||||
- libncursesw5-dev
|
||||
- libghc-mtl-dev
|
||||
- libghc-mtl-prof
|
||||
- libghc-mtl-doc
|
||||
- libghc-network-dev
|
||||
- libghc-parsec3-dev
|
||||
- libboost-dev
|
||||
- zlib1g-dev
|
||||
- libbz2-dev
|
||||
- libcurl4-gnutls-dev
|
||||
- libexpat1-dev
|
||||
- libglib2.0-dev
|
||||
- libgmp3-dev
|
||||
- libsasl2-dev
|
||||
- libsctp-dev
|
||||
- libsqlite3-dev
|
||||
- libssl-dev
|
||||
- libxml2-dev
|
||||
- libxslt1-dev
|
||||
- ss-dev
|
||||
- mesa-common-dev
|
||||
- uuid-dev
|
||||
- libprotobuf-c-dev
|
||||
- libprotobuf-dev
|
||||
- libffi-dev
|
||||
- libidl-dev
|
||||
- libelf-dev
|
||||
- libdw-dev
|
||||
- libaudit-dev
|
||||
- libgmp-dev
|
||||
- libmpfr-dev
|
||||
- libmpc-dev
|
||||
- libfplll-dev
|
||||
|
||||
- name: Install x11 libs
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- xorg-dev
|
||||
- libgtk2.0-dev
|
||||
- libqt4-dev
|
||||
- libsdl1.2-dev
|
||||
- freeglut3-dev
|
||||
- libgl1-mesa-dev
|
||||
- libglu1-mesa-dev
|
||||
- libghc-x11-dev
|
||||
- libghc-x11-doc
|
||||
- libghc-x11-prof
|
||||
- libgtkmm-2.4-dev
|
||||
- glade
|
||||
- xutils-dev
|
||||
|
||||
- name: Install IDEs
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- eclipse
|
||||
- monodevelop
|
||||
|
||||
- name: Install cross toolchains
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- gcc-5-arm-linux-gnueabi
|
||||
- gcc-5-mips-linux-gnu
|
||||
- gcc-5-mipsel-linux-gnu
|
||||
- gcc-5-powerpc-linux-gnu
|
||||
- gcc-5-sparc64-linux-gnu
|
||||
- gcc-5-s390x-linux-gnu
|
||||
|
||||
- name: Install misc dev tools
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- gperf
|
||||
- gettext
|
||||
- check
|
||||
- dejagnu
|
||||
- doxygen
|
||||
- exuberant-ctags
|
||||
- indent
|
||||
- cutils
|
||||
- chrpath
|
||||
- openmpi-bin
|
||||
- openmpi-doc
|
||||
- protobuf-compiler
|
||||
- protobuf-c-compiler
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: update hosts
|
||||
connection: local
|
||||
become: no
|
||||
git: repo=~git/public/hosts.git dest=generate-hosts
|
||||
|
||||
- name: generate hosts file
|
||||
connection: local
|
||||
become: no
|
||||
shell: generate-hosts/generate-hosts.py < generate-hosts/hosts.in > generate-hosts/hosts
|
||||
|
||||
- name: copy hosts file
|
||||
copy: src=generate-hosts/hosts dest=/etc/hosts backup=yes
|
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
|
||||
- name: Install hardware probing tools
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- lm-sensors
|
||||
- smartmontools
|
||||
- hwinfo
|
||||
- lshw
|
||||
- acpi
|
||||
|
||||
- name: Install framebuffer stuff
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- vbetool
|
||||
- fbset
|
||||
- read-edid
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
|
||||
- name: Install nfs-common
|
||||
apt: name=nfs-common state=latest
|
||||
|
||||
- name: change NEED_GSSD to NEED_GSSD=1
|
||||
lineinfile: dest=/etc/default/nfs-common
|
||||
state=present
|
||||
backrefs=yes
|
||||
regexp='^NEED_GSSD=$'
|
||||
line='NEED_GSSD=1'
|
||||
|
||||
- name: restart and enable rpc-gssd
|
||||
service: name=rpc-gssd state=started enabled=yes
|
||||
|
||||
- name: ensure mountpoints exist
|
||||
file: path={{ item }} state=directory
|
||||
with_items:
|
||||
- /users
|
||||
- /music
|
||||
- /scratch
|
||||
|
||||
- name: Add fstab entry for users
|
||||
mount: src="aspartame:/users" name=/users fstype=nfs opts="bg,vers=3,sec=krb5,nosuid,nodev" dump=0 passno=0 state=mounted
|
||||
|
||||
- name: Add fstab entry for music
|
||||
mount: src="aspartame:/music" name=/music fstype=nfs opts="bg,vers=3,sec=sys,nolock,noatime,nosuid,nodev" dump=0 passno=0 state=mounted
|
||||
|
||||
- name: Add fstab entry for scratch
|
||||
mount: src="corn-syrup:/scratch" name=/scratch fstype=nfs opts="bg,vers=3,sec=sys,noatime,nosuid,nodev" dump=0 passno=0 state=mounted
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
|
||||
- name: Install Ubuntu desktop metapackages
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- ubuntu-desktop
|
||||
- kubuntu-desktop
|
||||
- edubuntu-desktop
|
||||
- lubuntu-desktop
|
||||
- mate-desktop-environment
|
||||
- cinnamon-desktop-environment
|
||||
- ubuntustudio-desktop
|
||||
- xubuntu-desktop
|
Loading…
Reference in New Issue