refactor role, fix #1

3e909302 · Lars Beckers · Thomas Schneider · 037d748b · 3e909302 · 3e909302
Commit 3e909302 authored 7 years ago by Lars Beckers Committed by Thomas Schneider 4 years ago
--- a/client/defaults/main.yml
+++ b/client/defaults/main.yml
+---
+client_use_proprietary_google_apps: False
+client_do_rsyslog: True
+client_provision_mozilla: True
--- a/client/files/icedove/defaults/pref/asta.js
+++ b/client/files/icedove/defaults/pref/asta.js
+// Disable offline folder
+lockPref("mail.server.default.autosync_offline_stores", false);
+lockPref("mail.server.default.offline_download", false);
+// for newly generated profiles HTML mail is disabled by default, however the user can change it
+pref("mail.identity.default.compose_html", false);
+// disable playing sound on incoming mail
+pref("mail.biff.play_sound", false);
+// disable cloud files for large attachments
+lockPref("mail.cloud_files.enabled", false);
+// send HTML mails also in plaintext
+lockPref("mail.default_html_action", 3);
+// always show quota
+pref("mail.quota.mainwindow_threshold.show", 0);
+// warning at 80%
+pref("mail.quota.mainwindow_threshold.warning", 80);
+// critical at 95%
+pref("mail.quota.mainwindow_threshold.critical", 95);
+// find out how this works...
+// // define asta mail account
+// pref("mail.accountmanager.appendaccounts", "AStA");
+// pref("mail.accountmanager.defaultaccount", "AStA");
+// pref("mail.account.account0.server", "mail.asta.rwth-aachen.de");
--- a/client/files/icedove/defaults/pref/vendor.js
+++ b/client/files/icedove/defaults/pref/vendor.js
+// Forbid application updates
+lockPref("app.update.enabled", false);
+// Pointing the "Help -> What's new" menu entry to mozilla.debian.net
+// pref("mailnews.start_page.override_url", "http://wiki.debian.org/Icedove/WhatsNew45");
--- a/client/files/iceweasel/defaults/pref/local-settings.js
+++ b/client/files/iceweasel/defaults/pref/local-settings.js
+pref("general.config.obscure_value", 0); // the mozilla.cfg is not ROT13 "encrypted"
+pref("general.config.filename", "mozilla.cfg");
--- a/client/files/iceweasel/mozilla.cfg
+++ b/client/files/iceweasel/mozilla.cfg
+//
+lockPref("browser.cache.disk.enable", false);
+lockPref("browser.cache.memory.enable", true);
+// since our system are multi seated systems lower the ram use, our internet connection is fast enough
+lockPref("browser.cache.memory.capacity", 65536);
+// disable proxy autodiscovery
+lockPref("network.enablePad", false);
+// disable proxy
+// 0 --> direct connection no proxy
+// 1 --> manual proxy, e.g. via network.proxy.*
+// 2 --> autoconfiguration via network.proxy.autoconfig_url
+// 3 --> same as 0
+// 4 --> auto detect proxy settings
+lockPref("network.proxy.type", 0);
--- a/client/tasks/configuration.yml
+++ b/client/tasks/configuration.yml
@@ -3,92 +3,33 @@
 - name: ensure correct hosts file
  template: src=hosts.j2 dest=/etc/hosts
-  tags:
-    - client
-    - config
 - name: ensure i3 is able to lock the screen
  copy: src=i3lock dest=/usr/local/bin/i3lock owner=root group=root mode=0755
-  tags:
-    - desktop
-    - config
- name: ensure kde nepomuk is disabled
-  file: path=/usr/share/autostart/nepomukserver.desktop state=absent
-  tags:
-    - config
-    - desktop
-    - clean
 - name: ensure a sane default web browser
  alternatives: name=x-www-browser path=/usr/bin/firefox
-  tags:
-    - config
-    - desktop
- name: ensure a rotten default session manager
-  alternatives: name=x-session-manager path=/usr/bin/startkde
-  tags:
-    - config
-    - desktop
- name: ensure a rotten default display manager
-  copy: src=displayManager dest=/etc/X11/default-display-manager owner=root group=root mode=0644
-  tags:
-    - config
-    - desktop
-#- name: ensure we got a properly configured kdm
-#  copy: src=kdm/kdmrc dest=/etc/kde4/kdm/kdmrc owner=root group=root mode=0644
-#  tags:
-#    - config
-#    - desktop
-#    - fsmpi
-#
-#- name: ensure deployment of a nice kdm theme
-#  copy: src=kdm/fsmpi_theme/ dest=/usr/share/kde4/apps/kdm/themes/fsmpi owner=root group=root mode=0644
-#  tags:
-#    - config
-#    - desktop
-#    - fsmpi
-#
-#- name: ensure kdm is enabled
-#  service: name=kdm state=running
-#  tags:
-#    - service
-#    - desktop
-#
-#- name: ensure deployment of kde provisioning
-#  copy: src=kde/ dest=/etc/kde4 owner=root group=root mode=0644
-#  tags:
-#    - config
-#    - desktop
-#    - fsmpi
 - name: ensure we have the correct printer
  template: src=lpoptions.j2 dest=/etc/cups/lpoptions owner=root group=root mode=0644
-  tags:
+  when: smb_domain == 'FSMPI' # not ported yet
-    - desktop
-    - fsmpi
-    - config
-# granting all users access to sound card
 - name: grant user access to soundcard
  copy: src=udev_audio-perm.rules dest=/etc/udev/rules.d/50-audio-perm.rules owner=root group=root mode=0644
-  tags:
-    - config
-    - desktop
- name: "copy fonts"
+- name: ensure RWTH fonts are available
  copy: src={{ item }} dest=/usr/local/share/fonts/ owner=root group=root mode=0644
  with_fileglob:
    - fonts/*
-  tags:
-    - fonts
-    - desktop
 - name: configure logrotate for rsyslog files to fit the client needs
  copy: src=logrotate/rsyslog dest=/etc/logrotate.d/rsyslog owner=root group=root mode=0644
-  tags:
+  when: client_do_rsyslog
-    - client
-    - logrotate
+#- name: ensure iceweasel default profile stuff is installed
+#  copy: src=iceweasel/ dest=/usr/lib/firefox-esr/ owner=root group=root mode=0644
+#  when: client_provision_mozilla
+#
+#- name: ensure icedove default profile stuff is installed
+#  copy: src=icedove/ dest=/usr/lib/icedove/ owner=root group=root mode=0644
+#  when: client_provision_mozilla
--- a/client/tasks/kde.yml
+++ b/client/tasks/kde.yml
@@ -76,4 +76,24 @@
    - kde
    - desktop
+- name: ensure kde nepomuk is disabled
+  file: path=/usr/share/autostart/nepomukserver.desktop state=absent
+- name: ensure a rotten default session manager
+  alternatives: name=x-session-manager path=/usr/bin/startkde
+- name: ensure a rotten default display manager
+  copy: src=displayManager dest=/etc/X11/default-display-manager owner=root group=root mode=0644
+#- name: ensure we got a properly configured kdm
+#  copy: src=kdm/kdmrc dest=/etc/kde4/kdm/kdmrc owner=root group=root mode=0644
+#
+#- name: ensure deployment of a nice kdm theme
+#  copy: src=kdm/fsmpi_theme/ dest=/usr/share/kde4/apps/kdm/themes/fsmpi owner=root group=root mode=0644
+#
+#- name: ensure kdm is enabled
+#  service: name=kdm state=running
+#
+#- name: ensure deployment of kde provisioning
+#  copy: src=kde/ dest=/etc/kde4 owner=root group=root mode=0644
--- a/client/tasks/main.yml
+++ b/client/tasks/main.yml
@@ -7,5 +7,8 @@
 - meta: flush_handlers
 - include: software.yml
 - meta: flush_handlers
+- include: proprietary.yml
+  when: client_use_proprietary_google_apps
+- meta: flush_handlers
 - include: configuration.yml
 - meta: flush_handlers
--- a/client/tasks/proprietary.yml
+++ b/client/tasks/proprietary.yml
+---
+- name: ensure apt got the key to verify the google repo
+  apt_key: data="{{ lookup('file', 'google.gpg') }}" state=present
+  notify:
+    - update apt cache
+- name: ensure apt knows about the google repo
+  apt_repository: repo='deb http://dl.google.com/linux/chrome/deb/ stable main' state=present
+  notify:
+    - update apt cache
+- name: ensure proprietary google applications are installed
+  apt: name=google-chrome-stable state=installed
--- a/client/tasks/software.yml
+++ b/client/tasks/software.yml
@@ -5,158 +5,206 @@
  apt: name={{ item }} state=installed
  with_items:
    - libreoffice # this is a meta-package
+    - libreoffice-help-de
+    - libreoffice-l10n-de
+    - texstudio
+- name: ensure artistic applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
+    - inkscape
    - gimp
    - gimp-dcraw
    - gimp-texturize
-    - gnucash
    - scribus
    - scribus-doc
    - scribus-template
-    - gv
+    - dia
-    - inkscape
+    - gnuplot
-    - ttf-mscorefonts-installer
-    - ttf-opensymbol
+- name: ensure pdf applications are installed
-    - pdftk
+  apt: name={{ item }} state=installed
+  with_items:
    - evince
-    - okular
+    - gv
    - pdfgrep
    - pdfjam
-    - meld
+    - pdfmod
-    - gnuplot
+    - pdftk
-    - texstudio
+    - xournal
-    - kwrite
+- name: ensure finance applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
+    - gnucash
    - kmymoney
-  tags:
-    - packages
-    - office
- name: ensure development applications are installed
+- name: ensure python packages are installed
  apt: name={{ item }} state=installed
  with_items:
-    - dia
+    - python-matplotlib
-    - subversion
-    - emacs
-    - joe
-    - python-openssl
    - python-numpy
+    - python-opencv
+    - python-openssl
+    - python-pip
+    - python-prettytable
+    - python-pysnmp4
    - python-scipy
-    - python-matplotlib
+    - python-virtualenv
+    - python3
+    - python3-matplotlib
+    - python3-pip
+    - python3-pyqt5
+    - python3-scipy
+    - python3-virtualenv
+    - virtualenv
    - ipython
+    - ipython3
+- name: ensure haskell packages are installed
+  apt: name={{ item }} state=installed
+  with_items:
+    - pandoc
    - ghc
    - c2hs
    - libghc-hakyll-dev
    - cabal-install
    - alex
    - happy
-    - python3
-    - ipython3
+- name: ensure x11 development packages are installed
-    - virtualenv
+  apt: name={{ item }} state=installed
-    - python3-virtualenv
+  with_items:
-    - python3-matplotlib
-    - python3-pip
-    - default-jdk
-    - python-opencv
-    - python-pip
-    - python-virtualenv
-    #- root-system
-    - octave
-    #- libroot-bindings-python5.34
-    - mysql-client
    - libasound2-dev
    - libx11-dev
-    - libxinerama-dev
    - libxext-dev
    - libxft-dev
+    - libxinerama-dev
    - libxrandr-dev
+- name: ensure other development environments are installed
+  apt: name={{ item }} state=installed
+  with_items:
+    - default-jdk
+    - octave
+#    - root-system
+#    - libroot-bindings-python5.34
+- name: ensure development applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
    - cmake
-    - gitk
+    - meld
+    - subversion
    - git-svn
-  tags:
+    - gitk
-    - packages
+    - mysql-client
-    - development
+    - gdb
- name: ensure internet applications are installed
+- name: ensure mozilla applications are installed
  apt: name={{ item }} state=installed
  with_items:
    - thunderbird
+    - thunderbird-l10n-de
    - firefox-esr
+    - firefox-esr-l10n-de
    - lightning
-    - xul-ext-quotecolors
+    - lightning-l10n-de
    - enigmail
+    - xul-ext-quotecolors
+#    - xul-ext-ublock-origin
+#    - xul-ext-https-everywhere
+#    - xul-ext-sieve
+#    - xul-ext-noscript
+#    - xul-ext-kwallet5
+- name: ensure google applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
    - chromium
    - chromium-l10n
+- name: ensure chat applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
    - pidgin
    - pidgin-otr
    - pidgin-themes
    - pidgin-plugin-pack
    - irssi
    - weechat
-    - filezilla
-    - keepassx
+- name: ensure remote session applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
    - rdesktop
-    - imapfilter
-    - mutt
-    - w3m
    - x2goclient
-  tags:
+    - remmina
-    - packages
+    - remmina-plugin-rdp
-    - internet
+    - remmina-plugin-vnc
+    - freerdp-x11
+    - x11vnc
+    - filezilla
- name: ensure multimedia applications are installed
+- name: ensure audio environment is installed
  apt: name={{ item }} state=installed
  with_items:
-    - vlc
+    - alsa-utils
-    - smplayer
    - pulseaudio
+    - pulseaudio-utils
    - pavucontrol
+- name: ensure multimedia applications are installed
+  apt: name={{ item }} state=installed
+  with_items:
+    - vlc
    - mplayer
-    - pulseaudio-utils
+    - smplayer
-    - alsa-utils
+    - ffmpeg
-    - arandr
-  tags:
-    - packages
-    - multimedia
- name: ensure desktop environments are installed
+- name: ensure password managers are installed
  apt: name={{ item }} state=installed
  with_items:
-    - inkscape
+    - pass
-    - i3
+    - keepassx
-    - i3-wm
-    - i3status
-    - suckless-tools
-    - dunst
-  tags:
-    - packages
-    - desktop
- name: ensure console applications are installed
+- name: ensure non-desktop-environment applications are installed
  apt: name={{ item }} state=installed
  with_items:
-    - konsole
+    - i3-wm
+    - i3status
+    - dunst
+    - suckless-tools
+    - arandr
    - rxvt-unicode
-  tags:
+    - mutt
-    - packages
+    - imapfilter
-    - console
+    - offlineimap
+    - tnef
+    - w3m
+    - away
- name: ensure localisation is installed
+- name: ensure dictionaries and spell checkers are installed
  apt: name={{ item }} state=installed
  with_items:
    - aspell-de
-    - aspell-de-alt
    - manpages-de
    - ingerman
    - wngerman
    - hunspell-de-de
    - hyphen-de
-    - iceweasel-l10n-de
-    - libreoffice-help-de
-    - libreoffice-l10n-de
    - mythes-de
-    - kde-l10n-de
-  tags:
+- name: ensure additional fonts are installed
-    - packages
+  apt: name={{ item }} state=installed
-    - locale
+  with_items:
+    - ttf-mscorefonts-installer
+    - ttf-opensymbol
+    - fonts-unfonts-core
+    - fonts-ipafont-gothic
+    - fonts-ipafont-mincho
+    - fonts-arphic-ukai
+    - fonts-arphic-uming
 - name: ensure unwanted applications are uninstalled
  apt: name={{ item }} state=absent
@@ -166,19 +214,3 @@
    - update-manager-gnome
    - popularity-contest
    - konqueror
-  tags:
-    - packages
-    - clean
- name: ensure korean letters are more than squares
-  apt: name="{{item}}" state=installed
-  with_items:
-    - fonts-unfonts-core
-    - fonts-ipafont-gothic
-    - fonts-ipafont-mincho
-    - fonts-arphic-ukai
-    - fonts-arphic-uming
-  tags:
-    - locale
-    - font
-    - packages