From 3e909302d95d2663157da1cb338e390c97c746c2 Mon Sep 17 00:00:00 2001
From: Lars Beckers <lars.beckers@rwth-aachen.de>
Date: Tue, 26 Sep 2017 22:41:09 +0200
Subject: [PATCH] refactor role, fix #1
---
client/defaults/main.yml | 5 +
client/files/icedove/defaults/pref/asta.js | 35 +++
client/files/icedove/defaults/pref/vendor.js | 6 +
.../iceweasel/defaults/pref/local-settings.js | 2 +
client/files/iceweasel/mozilla.cfg | 14 ++
client/tasks/configuration.yml | 81 +-----
client/tasks/kde.yml | 20 ++
client/tasks/main.yml | 3 +
client/tasks/proprietary.yml | 14 ++
client/tasks/software.yml | 230 ++++++++++--------
10 files changed, 241 insertions(+), 169 deletions(-)
create mode 100644 client/defaults/main.yml
create mode 100644 client/files/icedove/defaults/pref/asta.js
create mode 100644 client/files/icedove/defaults/pref/vendor.js
create mode 100644 client/files/iceweasel/defaults/pref/local-settings.js
create mode 100644 client/files/iceweasel/mozilla.cfg
create mode 100644 client/tasks/proprietary.yml
diff --git a/client/defaults/main.yml b/client/defaults/main.yml
new file mode 100644
index 0000000..b102a09
--- /dev/null
+++ b/client/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+
+client_use_proprietary_google_apps: False
+client_do_rsyslog: True
+client_provision_mozilla: True
diff --git a/client/files/icedove/defaults/pref/asta.js b/client/files/icedove/defaults/pref/asta.js
new file mode 100644
index 0000000..7a7395f
--- /dev/null
+++ b/client/files/icedove/defaults/pref/asta.js
@@ -0,0 +1,35 @@
+// Disable offline folder
+lockPref("mail.server.default.autosync_offline_stores", false);
+lockPref("mail.server.default.offline_download", false);
+
+// for newly generated profiles HTML mail is disabled by default, however the user can change it
+pref("mail.identity.default.compose_html", false);
+
+// disable playing sound on incoming mail
+pref("mail.biff.play_sound", false);
+
+// disable cloud files for large attachments
+lockPref("mail.cloud_files.enabled", false);
+
+// send HTML mails also in plaintext
+lockPref("mail.default_html_action", 3);
+
+// always show quota
+pref("mail.quota.mainwindow_threshold.show", 0);
+
+// warning at 80%
+pref("mail.quota.mainwindow_threshold.warning", 80);
+
+// critical at 95%
+pref("mail.quota.mainwindow_threshold.critical", 95);
+
+
+// find out how this works...
+// // define asta mail account
+// pref("mail.accountmanager.appendaccounts", "AStA");
+// pref("mail.accountmanager.defaultaccount", "AStA");
+// pref("mail.account.account0.server", "mail.asta.rwth-aachen.de");
+
+
+
+
diff --git a/client/files/icedove/defaults/pref/vendor.js b/client/files/icedove/defaults/pref/vendor.js
new file mode 100644
index 0000000..13e0793
--- /dev/null
+++ b/client/files/icedove/defaults/pref/vendor.js
@@ -0,0 +1,6 @@
+// Forbid application updates
+lockPref("app.update.enabled", false);
+
+// Pointing the "Help -> What's new" menu entry to mozilla.debian.net
+// pref("mailnews.start_page.override_url", "http://wiki.debian.org/Icedove/WhatsNew45");
+
diff --git a/client/files/iceweasel/defaults/pref/local-settings.js b/client/files/iceweasel/defaults/pref/local-settings.js
new file mode 100644
index 0000000..e677e61
--- /dev/null
+++ b/client/files/iceweasel/defaults/pref/local-settings.js
@@ -0,0 +1,2 @@
+pref("general.config.obscure_value", 0); // the mozilla.cfg is not ROT13 "encrypted"
+pref("general.config.filename", "mozilla.cfg");
diff --git a/client/files/iceweasel/mozilla.cfg b/client/files/iceweasel/mozilla.cfg
new file mode 100644
index 0000000..8d1e5a2
--- /dev/null
+++ b/client/files/iceweasel/mozilla.cfg
@@ -0,0 +1,14 @@
+//
+lockPref("browser.cache.disk.enable", false);
+lockPref("browser.cache.memory.enable", true);
+// since our system are multi seated systems lower the ram use, our internet connection is fast enough
+lockPref("browser.cache.memory.capacity", 65536);
+// disable proxy autodiscovery
+lockPref("network.enablePad", false);
+// disable proxy
+// 0 --> direct connection no proxy
+// 1 --> manual proxy, e.g. via network.proxy.*
+// 2 --> autoconfiguration via network.proxy.autoconfig_url
+// 3 --> same as 0
+// 4 --> auto detect proxy settings
+lockPref("network.proxy.type", 0);
diff --git a/client/tasks/configuration.yml b/client/tasks/configuration.yml
index 25cd16d..ffabc84 100644
--- a/client/tasks/configuration.yml
+++ b/client/tasks/configuration.yml
@@ -3,92 +3,33 @@
- name: ensure correct hosts file
template: src=hosts.j2 dest=/etc/hosts
- tags:
- - client
- - config
- name: ensure i3 is able to lock the screen
copy: src=i3lock dest=/usr/local/bin/i3lock owner=root group=root mode=0755
- tags:
- - desktop
- - config
-
-- name: ensure kde nepomuk is disabled
- file: path=/usr/share/autostart/nepomukserver.desktop state=absent
- tags:
- - config
- - desktop
- - clean
- name: ensure a sane default web browser
alternatives: name=x-www-browser path=/usr/bin/firefox
- tags:
- - config
- - desktop
-
-- name: ensure a rotten default session manager
- alternatives: name=x-session-manager path=/usr/bin/startkde
- tags:
- - config
- - desktop
-
-- name: ensure a rotten default display manager
- copy: src=displayManager dest=/etc/X11/default-display-manager owner=root group=root mode=0644
- tags:
- - config
- - desktop
-
-#- name: ensure we got a properly configured kdm
-# copy: src=kdm/kdmrc dest=/etc/kde4/kdm/kdmrc owner=root group=root mode=0644
-# tags:
-# - config
-# - desktop
-# - fsmpi
-#
-#- name: ensure deployment of a nice kdm theme
-# copy: src=kdm/fsmpi_theme/ dest=/usr/share/kde4/apps/kdm/themes/fsmpi owner=root group=root mode=0644
-# tags:
-# - config
-# - desktop
-# - fsmpi
-#
-#- name: ensure kdm is enabled
-# service: name=kdm state=running
-# tags:
-# - service
-# - desktop
-#
-#- name: ensure deployment of kde provisioning
-# copy: src=kde/ dest=/etc/kde4 owner=root group=root mode=0644
-# tags:
-# - config
-# - desktop
-# - fsmpi
- name: ensure we have the correct printer
template: src=lpoptions.j2 dest=/etc/cups/lpoptions owner=root group=root mode=0644
- tags:
- - desktop
- - fsmpi
- - config
+ when: smb_domain == 'FSMPI' # not ported yet
-# granting all users access to sound card
- name: grant user access to soundcard
copy: src=udev_audio-perm.rules dest=/etc/udev/rules.d/50-audio-perm.rules owner=root group=root mode=0644
- tags:
- - config
- - desktop
-- name: "copy fonts"
+- name: ensure RWTH fonts are available
copy: src={{ item }} dest=/usr/local/share/fonts/ owner=root group=root mode=0644
with_fileglob:
- fonts/*
- tags:
- - fonts
- - desktop
- name: configure logrotate for rsyslog files to fit the client needs
copy: src=logrotate/rsyslog dest=/etc/logrotate.d/rsyslog owner=root group=root mode=0644
- tags:
- - client
- - logrotate
+ when: client_do_rsyslog
+
+#- name: ensure iceweasel default profile stuff is installed
+# copy: src=iceweasel/ dest=/usr/lib/firefox-esr/ owner=root group=root mode=0644
+# when: client_provision_mozilla
+#
+#- name: ensure icedove default profile stuff is installed
+# copy: src=icedove/ dest=/usr/lib/icedove/ owner=root group=root mode=0644
+# when: client_provision_mozilla
diff --git a/client/tasks/kde.yml b/client/tasks/kde.yml
index c37d76b..a793018 100644
--- a/client/tasks/kde.yml
+++ b/client/tasks/kde.yml
@@ -76,4 +76,24 @@
- kde
- desktop
+- name: ensure kde nepomuk is disabled
+ file: path=/usr/share/autostart/nepomukserver.desktop state=absent
+
+- name: ensure a rotten default session manager
+ alternatives: name=x-session-manager path=/usr/bin/startkde
+
+- name: ensure a rotten default display manager
+ copy: src=displayManager dest=/etc/X11/default-display-manager owner=root group=root mode=0644
+
+#- name: ensure we got a properly configured kdm
+# copy: src=kdm/kdmrc dest=/etc/kde4/kdm/kdmrc owner=root group=root mode=0644
+#
+#- name: ensure deployment of a nice kdm theme
+# copy: src=kdm/fsmpi_theme/ dest=/usr/share/kde4/apps/kdm/themes/fsmpi owner=root group=root mode=0644
+#
+#- name: ensure kdm is enabled
+# service: name=kdm state=running
+#
+#- name: ensure deployment of kde provisioning
+# copy: src=kde/ dest=/etc/kde4 owner=root group=root mode=0644
diff --git a/client/tasks/main.yml b/client/tasks/main.yml
index f77c217..ac7c66a 100644
--- a/client/tasks/main.yml
+++ b/client/tasks/main.yml
@@ -7,5 +7,8 @@
- meta: flush_handlers
- include: software.yml
- meta: flush_handlers
+- include: proprietary.yml
+ when: client_use_proprietary_google_apps
+- meta: flush_handlers
- include: configuration.yml
- meta: flush_handlers
diff --git a/client/tasks/proprietary.yml b/client/tasks/proprietary.yml
new file mode 100644
index 0000000..d5aad4a
--- /dev/null
+++ b/client/tasks/proprietary.yml
@@ -0,0 +1,14 @@
+---
+
+- name: ensure apt got the key to verify the google repo
+ apt_key: data="{{ lookup('file', 'google.gpg') }}" state=present
+ notify:
+ - update apt cache
+
+- name: ensure apt knows about the google repo
+ apt_repository: repo='deb http://dl.google.com/linux/chrome/deb/ stable main' state=present
+ notify:
+ - update apt cache
+
+- name: ensure proprietary google applications are installed
+ apt: name=google-chrome-stable state=installed
diff --git a/client/tasks/software.yml b/client/tasks/software.yml
index 55ac1d8..7b78e49 100644
--- a/client/tasks/software.yml
+++ b/client/tasks/software.yml
@@ -5,158 +5,206 @@
apt: name={{ item }} state=installed
with_items:
- libreoffice # this is a meta-package
+ - libreoffice-help-de
+ - libreoffice-l10n-de
+ - texstudio
+
+- name: ensure artistic applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
+ - inkscape
- gimp
- gimp-dcraw
- gimp-texturize
- - gnucash
- scribus
- scribus-doc
- scribus-template
- - gv
- - inkscape
- - ttf-mscorefonts-installer
- - ttf-opensymbol
- - pdftk
+ - dia
+ - gnuplot
+
+- name: ensure pdf applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
- evince
- - okular
+ - gv
- pdfgrep
- pdfjam
- - meld
- - gnuplot
- - texstudio
- - kwrite
+ - pdfmod
+ - pdftk
+ - xournal
+
+- name: ensure finance applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
+ - gnucash
- kmymoney
- tags:
- - packages
- - office
-- name: ensure development applications are installed
+- name: ensure python packages are installed
apt: name={{ item }} state=installed
with_items:
- - dia
- - subversion
- - emacs
- - joe
- - python-openssl
+ - python-matplotlib
- python-numpy
+ - python-opencv
+ - python-openssl
+ - python-pip
+ - python-prettytable
+ - python-pysnmp4
- python-scipy
- - python-matplotlib
+ - python-virtualenv
+ - python3
+ - python3-matplotlib
+ - python3-pip
+ - python3-pyqt5
+ - python3-scipy
+ - python3-virtualenv
+ - virtualenv
- ipython
+ - ipython3
+
+- name: ensure haskell packages are installed
+ apt: name={{ item }} state=installed
+ with_items:
+ - pandoc
- ghc
- c2hs
- libghc-hakyll-dev
- cabal-install
- alex
- happy
- - python3
- - ipython3
- - virtualenv
- - python3-virtualenv
- - python3-matplotlib
- - python3-pip
- - default-jdk
- - python-opencv
- - python-pip
- - python-virtualenv
- #- root-system
- - octave
- #- libroot-bindings-python5.34
- - mysql-client
+
+- name: ensure x11 development packages are installed
+ apt: name={{ item }} state=installed
+ with_items:
- libasound2-dev
- libx11-dev
- - libxinerama-dev
- libxext-dev
- libxft-dev
+ - libxinerama-dev
- libxrandr-dev
+
+- name: ensure other development environments are installed
+ apt: name={{ item }} state=installed
+ with_items:
+ - default-jdk
+ - octave
+# - root-system
+# - libroot-bindings-python5.34
+
+- name: ensure development applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
- cmake
- - gitk
+ - meld
+ - subversion
- git-svn
- tags:
- - packages
- - development
+ - gitk
+ - mysql-client
+ - gdb
-- name: ensure internet applications are installed
+- name: ensure mozilla applications are installed
apt: name={{ item }} state=installed
with_items:
- thunderbird
+ - thunderbird-l10n-de
- firefox-esr
+ - firefox-esr-l10n-de
- lightning
- - xul-ext-quotecolors
+ - lightning-l10n-de
- enigmail
+ - xul-ext-quotecolors
+# - xul-ext-ublock-origin
+# - xul-ext-https-everywhere
+# - xul-ext-sieve
+# - xul-ext-noscript
+# - xul-ext-kwallet5
+
+- name: ensure google applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
- chromium
- chromium-l10n
+
+- name: ensure chat applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
- pidgin
- pidgin-otr
- pidgin-themes
- pidgin-plugin-pack
- irssi
- weechat
- - filezilla
- - keepassx
+
+- name: ensure remote session applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
- rdesktop
- - imapfilter
- - mutt
- - w3m
- x2goclient
- tags:
- - packages
- - internet
+ - remmina
+ - remmina-plugin-rdp
+ - remmina-plugin-vnc
+ - freerdp-x11
+ - x11vnc
+ - filezilla
-- name: ensure multimedia applications are installed
+- name: ensure audio environment is installed
apt: name={{ item }} state=installed
with_items:
- - vlc
- - smplayer
+ - alsa-utils
- pulseaudio
+ - pulseaudio-utils
- pavucontrol
+
+- name: ensure multimedia applications are installed
+ apt: name={{ item }} state=installed
+ with_items:
+ - vlc
- mplayer
- - pulseaudio-utils
- - alsa-utils
- - arandr
- tags:
- - packages
- - multimedia
+ - smplayer
+ - ffmpeg
-- name: ensure desktop environments are installed
+- name: ensure password managers are installed
apt: name={{ item }} state=installed
with_items:
- - inkscape
- - i3
- - i3-wm
- - i3status
- - suckless-tools
- - dunst
- tags:
- - packages
- - desktop
+ - pass
+ - keepassx
-- name: ensure console applications are installed
+- name: ensure non-desktop-environment applications are installed
apt: name={{ item }} state=installed
with_items:
- - konsole
+ - i3-wm
+ - i3status
+ - dunst
+ - suckless-tools
+ - arandr
- rxvt-unicode
- tags:
- - packages
- - console
+ - mutt
+ - imapfilter
+ - offlineimap
+ - tnef
+ - w3m
+ - away
-- name: ensure localisation is installed
+- name: ensure dictionaries and spell checkers are installed
apt: name={{ item }} state=installed
with_items:
- aspell-de
- - aspell-de-alt
- manpages-de
- ingerman
- wngerman
- hunspell-de-de
- hyphen-de
- - iceweasel-l10n-de
- - libreoffice-help-de
- - libreoffice-l10n-de
- mythes-de
- - kde-l10n-de
- tags:
- - packages
- - locale
+
+- name: ensure additional fonts are installed
+ apt: name={{ item }} state=installed
+ with_items:
+ - ttf-mscorefonts-installer
+ - ttf-opensymbol
+ - fonts-unfonts-core
+ - fonts-ipafont-gothic
+ - fonts-ipafont-mincho
+ - fonts-arphic-ukai
+ - fonts-arphic-uming
- name: ensure unwanted applications are uninstalled
apt: name={{ item }} state=absent
@@ -166,19 +214,3 @@
- update-manager-gnome
- popularity-contest
- konqueror
- tags:
- - packages
- - clean
-
-- name: ensure korean letters are more than squares
- apt: name="{{item}}" state=installed
- with_items:
- - fonts-unfonts-core
- - fonts-ipafont-gothic
- - fonts-ipafont-mincho
- - fonts-arphic-ukai
- - fonts-arphic-uming
- tags:
- - locale
- - font
- - packages
--
GitLab