Skip to content

GitLab

P
plan-b
Verified Commit 4aacfcac authored by Todor Kondic's avatar Todor Kondic
Browse files
Options

Update to ECI members

parent 415c75a9
Hide whitespace changes
Inline Side-by-side
Showing with 77 additions and 13 deletions
ansibleit
View file @ 4aacfcac
...@@ -2,4 +2,4 @@ ...@@ -2,4 +2,4 @@
ansible-playbook -i hosts.txt main.yml\ ansible-playbook -i hosts.txt main.yml\
--vault-password-file meta/zubizareta\ --vault-password-file meta/zubizareta\
-u root "$@" -u adamsmith -K "$@"
files/etc/gdm3/greeter.dconf-defaults
View file @ 4aacfcac
...@@ -31,7 +31,7 @@ disable-user-list=false ...@@ -31,7 +31,7 @@ disable-user-list=false
disable-restart-buttons=false disable-restart-buttons=false
# - Show a login welcome message # - Show a login welcome message
banner-message-enable=true banner-message-enable=true
banner-message-text="Welcome to Alien One, ISB401 students." banner-message-text="Hello ECI."
# Automatic suspend # Automatic suspend
# ================= # =================
......
files/etc/gencert 0 → 100755
View file @ 4aacfcac
#!/bin/sh
hname=$1
hip=$2
openssl req -x509 -newkey rsa -days 365 -nodes -keyout vnc.priv.pem -out vnc.pub.pem -subj "/CN=$hip" -addext "subjectAltName=IP:$hip"
chown nobody *.pem
files/etc/installguix.sh
View file @ 4aacfcac
...@@ -295,13 +295,13 @@ sys_create_store() ...@@ -295,13 +295,13 @@ sys_create_store()
--file "$pkg" && --file "$pkg" &&
_msg "${PAS}unpacked archive" _msg "${PAS}unpacked archive"
if [[ -e "/var/guix" || -e "/gnu" ]]; then if [[ -e "/var/guix" || -e "/gnu/store" ]]; then
_err "${ERR}A previous Guix installation was found. Refusing to overwrite." _err "${ERR}A previous Guix installation was found. Refusing to overwrite."
exit 1 exit 1
else else
_msg "${INF}Installing /var/guix and /gnu..." _msg "${INF}Installing /var/guix and /gnu..."
mv "${tmp_path}/var/guix" /var/ mv "${tmp_path}/var/guix" /var/
mv "${tmp_path}/gnu" / mv "${tmp_path}/gnu"/* /gnu
fi fi
_msg "${INF}Linking the root user's profile" _msg "${INF}Linking the root user's profile"
......
files/etc/xinetd.d/vncserver
View file @ 4aacfcac
...@@ -8,5 +8,5 @@ protocol = tcp ...@@ -8,5 +8,5 @@ protocol = tcp
wait = no wait = no
user = nobody user = nobody
server = /usr/bin/Xvnc server = /usr/bin/Xvnc
server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/key.vnc.pem -X509Cert=/etc/custom-vnc/cert.vnc.pem server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/vnc.priv.pem -X509Cert=/etc/custom-vnc/vnc.pub.pem
} }
main.yml
View file @ 4aacfcac
...@@ -9,10 +9,10 @@ ...@@ -9,10 +9,10 @@
changed_when: False changed_when: False
tasks: tasks:
- name: Set hostname. # - name: Set hostname.
ansible.builtin.hostname: # ansible.builtin.hostname:
name: "{{ inventory_hostname }}" # name: "{{ inventory_hostname }}"
tags: hostname # tags: hostname
- include: tasks/users.yml - include: tasks/users.yml
tags: users tags: users
- name: Copy profiles. - name: Copy profiles.
...@@ -30,8 +30,8 @@ ...@@ -30,8 +30,8 @@
tags: ufw tags: ufw
- include: tasks/vnc.yml - include: tasks/vnc.yml
tags: vnc tags: vnc
- include: tasks/spaces.yml # - include: tasks/spaces.yml
tags: spaces # tags: spaces
- include: tasks/visual-appeal.yml - include: tasks/visual-appeal.yml
tags: visual tags: visual
- include: tasks/guix.yml - include: tasks/guix.yml
...@@ -42,6 +42,8 @@ ...@@ -42,6 +42,8 @@
tags: emacs tags: emacs
- include: tasks/r-setup.yml - include: tasks/r-setup.yml
tags: r-setup tags: r-setup
- include: tasks/metfrag.yml
tags: metfrag
......
pb-auth.yml 0 → 100644
View file @ 4aacfcac
- hosts: planb
become: True
vars_files:
- vars/users.yml
- vars/passwords.yml
tasks:
- name: Create /etc/custom-vnc
file:
path: "/etc/custom-vnc"
state: directory
mode: 0711
- name: Get private ip.
shell: "hostname -I"
register: hip
- name: Get hostname.
shell: "hostname"
register: hname
- name: Generate keys.
script:
chdir: "/etc/custom-vnc"
cmd: "files/etc/gencert {{ hname.stdout }} {{ hip.stdout }}"
- name: Get keys.
fetch:
flat: yes
src: "/etc/custom-vnc/vnc.pub.pem"
dest: "pubkeys/{{ hname.stdout }}.vnc.pub.pem"
notify:
- Restart xinetd.
handlers:
- name: Restart xinetd.
command: systemctl restart xinetd
tasks/metfrag.yml 0 → 100644
View file @ 4aacfcac
- name: Get MetFrag jar.
get_url:
url: http://msbi.ipb-halle.de/~cruttkie/metfrag/MetFrag2.4.5-CL.jar
dest: /usr/local/bin/metfrag-current.jar
group: eci
mode: '0754'
tasks/users.yml
View file @ 4aacfcac
...@@ -3,11 +3,16 @@ ...@@ -3,11 +3,16 @@
name: scratch name: scratch
state: present state: present
- name: Make ECI group.
group:
name: eci
state: present
- name: Add normal users. - name: Add normal users.
user: user:
name: "{{ item.login }}" name: "{{ item.login }}"
comment: "{{ item.name }}" comment: "{{ item.name }}"
groups: adm , cdrom , dip , plugdev , scratch groups: adm, cdrom, dip, plugdev, scratch, eci
generate_ssh_key: yes generate_ssh_key: yes
shell: /bin/bash shell: /bin/bash
password: "{{ passwords[item.login] | password_hash('sha512') }}" password: "{{ passwords[item.login] | password_hash('sha512') }}"
...@@ -20,7 +25,7 @@ ...@@ -20,7 +25,7 @@
name: "{{ item.login }}" name: "{{ item.login }}"
comment: "{{ item.name }}" comment: "{{ item.name }}"
generate_ssh_key: yes generate_ssh_key: yes
groups: sudo , adm , cdrom , dip , plugdev , scratch groups: sudo, adm, cdrom, dip, plugdev, scratch, eci
shell: /bin/bash shell: /bin/bash
password: "{{ passwords[item.login] | password_hash('sha512') }}" password: "{{ passwords[item.login] | password_hash('sha512') }}"
update_password: on_create update_password: on_create
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment