Verified Commit 4aacfcac authored by Todor Kondic's avatar Todor Kondic
Browse files

Update to ECI members

parent 415c75a9
......@@ -2,4 +2,4 @@
ansible-playbook -i hosts.txt main.yml\
--vault-password-file meta/zubizareta\
-u root "$@"
-u adamsmith -K "$@"
......@@ -31,7 +31,7 @@ disable-user-list=false
disable-restart-buttons=false
# - Show a login welcome message
banner-message-enable=true
banner-message-text="Welcome to Alien One, ISB401 students."
banner-message-text="Hello ECI."
# Automatic suspend
# =================
......
#!/bin/sh
hname=$1
hip=$2
openssl req -x509 -newkey rsa -days 365 -nodes -keyout vnc.priv.pem -out vnc.pub.pem -subj "/CN=$hip" -addext "subjectAltName=IP:$hip"
chown nobody *.pem
......@@ -295,13 +295,13 @@ sys_create_store()
--file "$pkg" &&
_msg "${PAS}unpacked archive"
if [[ -e "/var/guix" || -e "/gnu" ]]; then
if [[ -e "/var/guix" || -e "/gnu/store" ]]; then
_err "${ERR}A previous Guix installation was found. Refusing to overwrite."
exit 1
else
_msg "${INF}Installing /var/guix and /gnu..."
mv "${tmp_path}/var/guix" /var/
mv "${tmp_path}/gnu" /
mv "${tmp_path}/gnu"/* /gnu
fi
_msg "${INF}Linking the root user's profile"
......
......@@ -8,5 +8,5 @@ protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/key.vnc.pem -X509Cert=/etc/custom-vnc/cert.vnc.pem
server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/vnc.priv.pem -X509Cert=/etc/custom-vnc/vnc.pub.pem
}
......@@ -9,10 +9,10 @@
changed_when: False
tasks:
- name: Set hostname.
ansible.builtin.hostname:
name: "{{ inventory_hostname }}"
tags: hostname
# - name: Set hostname.
# ansible.builtin.hostname:
# name: "{{ inventory_hostname }}"
# tags: hostname
- include: tasks/users.yml
tags: users
- name: Copy profiles.
......@@ -30,8 +30,8 @@
tags: ufw
- include: tasks/vnc.yml
tags: vnc
- include: tasks/spaces.yml
tags: spaces
# - include: tasks/spaces.yml
# tags: spaces
- include: tasks/visual-appeal.yml
tags: visual
- include: tasks/guix.yml
......@@ -42,6 +42,8 @@
tags: emacs
- include: tasks/r-setup.yml
tags: r-setup
- include: tasks/metfrag.yml
tags: metfrag
......
- hosts: planb
become: True
vars_files:
- vars/users.yml
- vars/passwords.yml
tasks:
- name: Create /etc/custom-vnc
file:
path: "/etc/custom-vnc"
state: directory
mode: 0711
- name: Get private ip.
shell: "hostname -I"
register: hip
- name: Get hostname.
shell: "hostname"
register: hname
- name: Generate keys.
script:
chdir: "/etc/custom-vnc"
cmd: "files/etc/gencert {{ hname.stdout }} {{ hip.stdout }}"
- name: Get keys.
fetch:
flat: yes
src: "/etc/custom-vnc/vnc.pub.pem"
dest: "pubkeys/{{ hname.stdout }}.vnc.pub.pem"
notify:
- Restart xinetd.
handlers:
- name: Restart xinetd.
command: systemctl restart xinetd
- name: Get MetFrag jar.
get_url:
url: http://msbi.ipb-halle.de/~cruttkie/metfrag/MetFrag2.4.5-CL.jar
dest: /usr/local/bin/metfrag-current.jar
group: eci
mode: '0754'
......@@ -3,11 +3,16 @@
name: scratch
state: present
- name: Make ECI group.
group:
name: eci
state: present
- name: Add normal users.
user:
name: "{{ item.login }}"
comment: "{{ item.name }}"
groups: adm , cdrom , dip , plugdev , scratch
groups: adm, cdrom, dip, plugdev, scratch, eci
generate_ssh_key: yes
shell: /bin/bash
password: "{{ passwords[item.login] | password_hash('sha512') }}"
......@@ -20,7 +25,7 @@
name: "{{ item.login }}"
comment: "{{ item.name }}"
generate_ssh_key: yes
groups: sudo , adm , cdrom , dip , plugdev , scratch
groups: sudo, adm, cdrom, dip, plugdev, scratch, eci
shell: /bin/bash
password: "{{ passwords[item.login] | password_hash('sha512') }}"
update_password: on_create
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment