From 00e9aaf59be6a365785f37f7483c2adc9042a6ef Mon Sep 17 00:00:00 2001
From: Freezed <2160318-free_zed@users.noreply.gitlab.com>
Date: Fri, 25 Feb 2022 00:10:16 +0100
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20system=20configuration?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- root dot files, shell & font
- my_user shell
- openNTP deamon
---
Makefile | 5 +--
README.md | 3 +-
tasks/system_cfg/main.yml | 16 ++++++++
tasks/system_cfg/my_user.yml | 8 ++++
tasks/system_cfg/ntp.yml | 24 ++++++++++++
tasks/system_cfg/root.yml | 49 +++++++++++++++++++++++++
tasks/system_cfg/templates/ntpd.conf.j2 | 15 ++++++++
tasks/system_cfg/vars.yml | 6 +++
8 files changed, 122 insertions(+), 4 deletions(-)
create mode 100644 tasks/system_cfg/main.yml
create mode 100644 tasks/system_cfg/my_user.yml
create mode 100644 tasks/system_cfg/ntp.yml
create mode 100644 tasks/system_cfg/root.yml
create mode 100644 tasks/system_cfg/templates/ntpd.conf.j2
create mode 100644 tasks/system_cfg/vars.yml
diff --git a/Makefile b/Makefile
index da6aea8..009c415 100644
--- a/Makefile
+++ b/Makefile
@@ -9,10 +9,9 @@ open_all:
${EDITOR} .gitignore inventory Makefile README.md
${EDITOR} tasks/*.yml
${EDITOR} tasks/files/sshd_config
- ${EDITOR} tasks/files/sshd_config
- ${EDITOR} tasks/user_cfg/*.yml
+ ${EDITOR} tasks/system_cfg/*.yml
+ ${EDITOR} tasks/system_cfg/templates/*.j2
${EDITOR} tasks/user_cfg/*.yml
- ${EDITOR} tasks/user_cfg/files/sshd_config
${EDITOR} tasks/user_cfg/files/dotfiles/*
${EDITOR} tasks/user_cfg/templates/*.j2
${EDITOR} tasks/user_cfg/vars/*.yml
diff --git a/README.md b/README.md
index 1c76121..b472758 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,8 @@ Suitable for server and workstation.
| [`become_user_cfg.yml`](tasks/become_user_cfg.yml) | Set `sudo` without password for `become_user` access |
| [`host_info.yml`](tasks/host_info.yml) | Return message with distribution full name & version |
| [`shutdown.yml`](tasks/shutdown.yml) | Shutdown target in 10 min |
-| [`user_cfg`](tasks/user_cfg/main.yml) | Configure `{{ my_user }}` & `root` users |
+| [`system_cfg`](tasks/system_cfg/main.yml) | Configure `root` users , NTP & `{{ my_users }}` shell |
+| [`user_cfg`](tasks/user_cfg/main.yml) | Configure `{{ my_user }}` |
| [`whoami.yml`](tasks/whoami.yml) | Return message with `ansible_user` & `become_user` (`sudo` method) |
diff --git a/tasks/system_cfg/main.yml b/tasks/system_cfg/main.yml
new file mode 100644
index 0000000..991e47b
--- /dev/null
+++ b/tasks/system_cfg/main.yml
@@ -0,0 +1,16 @@
+---
+- hosts: "{{ host_list }}"
+ become_user: "{{ my_user }}"
+ become_method: su
+ remote_user: root
+
+ tasks:
+
+ - name: "IMPORT_TASKS | root"
+ ansible.builtin.import_tasks: root.yml
+
+ - name: "IMPORT_TASKS | ntp"
+ ansible.builtin.import_tasks: ntp.yml
+
+ - name: "IMPORT_TASKS | {{ my_user }}"
+ ansible.builtin.import_tasks: my_user.yml
diff --git a/tasks/system_cfg/my_user.yml b/tasks/system_cfg/my_user.yml
new file mode 100644
index 0000000..35b0a13
--- /dev/null
+++ b/tasks/system_cfg/my_user.yml
@@ -0,0 +1,8 @@
+---
+
+- name: MY USER | set zsh for shell
+ become: no
+ ansible.builtin.user:
+ name: "{{ my_user }}"
+ shell: /bin/zsh
+ state: present
diff --git a/tasks/system_cfg/ntp.yml b/tasks/system_cfg/ntp.yml
new file mode 100644
index 0000000..fad4dc7
--- /dev/null
+++ b/tasks/system_cfg/ntp.yml
@@ -0,0 +1,24 @@
+---
+
+- name: NTP | INCLUDE_VARS
+ ansible.builtin.include_vars: "vars.yml"
+
+- name: NTP | install NTP daemon
+ ansible.builtin.apt:
+ pkg: openntpd
+ state: present
+
+- name: NTP | deploy OpenNTPd configuration file
+ ansible.builtin.template:
+ src: templates/ntpd.conf.j2
+ dest: /etc/openntpd/ntpd.conf
+ mode: 0644
+ owner: root
+ group: root
+ register: openntpd_cfg
+
+- name: restart openntpd
+ when: openntpd_cfg.changed
+ ansible.builtin.service:
+ name: openntpd
+ state: restarted
diff --git a/tasks/system_cfg/root.yml b/tasks/system_cfg/root.yml
new file mode 100644
index 0000000..1b1e80e
--- /dev/null
+++ b/tasks/system_cfg/root.yml
@@ -0,0 +1,49 @@
+---
+
+- name: ROOT | dotfiles presence
+ become: no
+ ansible.builtin.copy:
+ src: "{{ item }}"
+ dest: "/root/.{{ item | basename }}"
+ mode: 0640
+ owner: root
+ group: root
+ with_fileglob:
+ ../user_cfg/files/dotfiles/*
+ loop_control:
+ label: "{{ item | basename }}"
+
+- name: ROOT | ZSH files absence
+ become: no
+ ansible.builtin.file:
+ path: "/etc/zsh/zlogin"
+ state: absent
+
+- name: ROOT | Set ZSH for shell
+ become: no
+ ansible.builtin.user:
+ name: root
+ shell: /bin/zsh
+ state: present
+
+- name: ROOT | TEMP-FIX font dir absence
+ become: no
+ ansible.builtin.file:
+ path: "/usr/local/share/fonts/fonts/"
+ state: absent
+
+- name: ROOT | JetBrainsMono presence
+ become: no
+ ansible.builtin.find:
+ path: "/usr/local/share/fonts/"
+ patterns: "JetBrainsMono*"
+ recurse: yes
+ register: font_presence
+
+- name: ROOT | install JetBrainsMono font
+ become: no
+ when: font_presence.matched < 50
+ ansible.builtin.unarchive:
+ dest: "/usr/local/share/"
+ remote_src: yes
+ src: https://download.jetbrains.com/fonts/JetBrainsMono-2.242.zip
diff --git a/tasks/system_cfg/templates/ntpd.conf.j2 b/tasks/system_cfg/templates/ntpd.conf.j2
new file mode 100644
index 0000000..f9c6a26
--- /dev/null
+++ b/tasks/system_cfg/templates/ntpd.conf.j2
@@ -0,0 +1,15 @@
+# ############################################# #
+# openNTP config file #
+# /etc/ntp/ntpd.conf #
+# #
+# This file is managed by Ansible #
+# Manual edition will be overridden #
+# #
+# https://lab.frogg.it/fcode/ansible/debian #
+# #
+# ############################################# #
+
+# See http://support.ntp.org/bin/view/Servers/NTPPoolServers
+{% for host in ntp_hosts %}
+servers {{ host }}
+{% endfor %}
diff --git a/tasks/system_cfg/vars.yml b/tasks/system_cfg/vars.yml
new file mode 100644
index 0000000..9d7cc89
--- /dev/null
+++ b/tasks/system_cfg/vars.yml
@@ -0,0 +1,6 @@
+---
+ntp_hosts:
+ - '0.europe.pool.ntp.org'
+ - '1.europe.pool.ntp.org'
+ - '2.europe.pool.ntp.org'
+ - '3.europe.pool.ntp.org'
--
GitLab