Add openSUSE playbooks
This commit is contained in:
parent
7ca03c1b4e
commit
0aef41951f
9 changed files with 135 additions and 0 deletions
|
|
@ -14,6 +14,9 @@
|
||||||
- include_role:
|
- include_role:
|
||||||
name: fedora
|
name: fedora
|
||||||
when: ansible_distribution == 'Fedora'
|
when: ansible_distribution == 'Fedora'
|
||||||
|
- include_role:
|
||||||
|
name: opensuse-leap
|
||||||
|
when: ansible_distribution == 'openSUSE Leap'
|
||||||
- include_role:
|
- include_role:
|
||||||
name: freebsd
|
name: freebsd
|
||||||
when: ansible_distribution == 'FreeBSD'
|
when: ansible_distribution == 'FreeBSD'
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,9 @@
|
||||||
- include_role:
|
- include_role:
|
||||||
name: fedora
|
name: fedora
|
||||||
when: ansible_distribution == 'Fedora'
|
when: ansible_distribution == 'Fedora'
|
||||||
|
- include_role:
|
||||||
|
name: opensuse-leap
|
||||||
|
when: ansible_distribution == 'openSUSE Leap'
|
||||||
- include_role:
|
- include_role:
|
||||||
name: freebsd
|
name: freebsd
|
||||||
when: ansible_distribution == 'FreeBSD'
|
when: ansible_distribution == 'FreeBSD'
|
||||||
|
|
|
||||||
19
roles/opensuse-leap/files/70-solokeys-access.rules
Normal file
19
roles/opensuse-leap/files/70-solokeys-access.rules
Normal file
|
|
@ -0,0 +1,19 @@
|
||||||
|
# Notify ModemManager this device should be ignored
|
||||||
|
ACTION!="add|change|move", GOTO="mm_usb_device_blacklist_end"
|
||||||
|
SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_end"
|
||||||
|
ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_end"
|
||||||
|
|
||||||
|
ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ENV{ID_MM_DEVICE_IGNORE}="1"
|
||||||
|
|
||||||
|
LABEL="mm_usb_device_blacklist_end"
|
||||||
|
|
||||||
|
|
||||||
|
# Solo bootloader + firmware access
|
||||||
|
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"
|
||||||
|
SUBSYSTEM=="tty", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"
|
||||||
|
|
||||||
|
# ST DFU access
|
||||||
|
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", TAG+="uaccess"
|
||||||
|
|
||||||
|
# U2F Zero
|
||||||
|
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="8acf", TAG+="uaccess"
|
||||||
7
roles/opensuse-leap/tasks/main.yml
Normal file
7
roles/opensuse-leap/tasks/main.yml
Normal file
|
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
- include: packages-cli.yml
|
||||||
|
- include: packages-gui.yml
|
||||||
|
when: gui == true
|
||||||
|
- include: modules.yml
|
||||||
|
- include: ssh.yml
|
||||||
|
- include: solokeys.yml
|
||||||
13
roles/opensuse-leap/tasks/modules.yml
Normal file
13
roles/opensuse-leap/tasks/modules.yml
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
- name: Blacklist pcspkr module
|
||||||
|
become: true
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/modprobe.d/blacklist.conf
|
||||||
|
line: blacklist pcspkr
|
||||||
|
create: yes
|
||||||
|
- name: Blacklist dvb_usb_rtl28xxu module
|
||||||
|
become: true
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/modprobe.d/blacklist.conf
|
||||||
|
line: blacklist dvb_usb_rtl28xxu
|
||||||
|
create: yes
|
||||||
31
roles/opensuse-leap/tasks/packages-cli.yml
Normal file
31
roles/opensuse-leap/tasks/packages-cli.yml
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
---
|
||||||
|
# The zypper module requires python-xml on openSUSE.
|
||||||
|
- name: Install CLI packages
|
||||||
|
become: true
|
||||||
|
zypper:
|
||||||
|
name: '{{ packages }}'
|
||||||
|
state: present
|
||||||
|
vars:
|
||||||
|
packages:
|
||||||
|
- ansible
|
||||||
|
- aspell-en
|
||||||
|
- bc
|
||||||
|
- bind-utils
|
||||||
|
- clang
|
||||||
|
- git
|
||||||
|
- gpg2
|
||||||
|
- lldb
|
||||||
|
- mc
|
||||||
|
- nmap
|
||||||
|
- nodejs10
|
||||||
|
- onedrive
|
||||||
|
- openssh
|
||||||
|
- python-xml
|
||||||
|
- python3
|
||||||
|
- python3-psutil
|
||||||
|
- ruby2.5-rubygem-asciidoctor
|
||||||
|
- sqlite3
|
||||||
|
- sudo
|
||||||
|
- tmux
|
||||||
|
- vim
|
||||||
|
- zsh
|
||||||
15
roles/opensuse-leap/tasks/packages-gui.yml
Normal file
15
roles/opensuse-leap/tasks/packages-gui.yml
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
# The zypper module requires python-xml on openSUSE.
|
||||||
|
- name: Install GUI packages
|
||||||
|
become: true
|
||||||
|
zypper:
|
||||||
|
name: '{{ packages }}'
|
||||||
|
state: present
|
||||||
|
vars:
|
||||||
|
packages:
|
||||||
|
- emacs-x11
|
||||||
|
- galculator
|
||||||
|
- git-gui
|
||||||
|
- gvim
|
||||||
|
- liberation-fonts
|
||||||
|
- remmina
|
||||||
15
roles/opensuse-leap/tasks/solokeys.yml
Normal file
15
roles/opensuse-leap/tasks/solokeys.yml
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
- name: Install solokeys udev rule
|
||||||
|
become: true
|
||||||
|
copy:
|
||||||
|
src: 70-solokeys-access.rules
|
||||||
|
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||||
|
register: solokeys_copy
|
||||||
|
- name: Reload udevadm rules
|
||||||
|
become: true
|
||||||
|
command: udevadm control --reload-rules
|
||||||
|
when: solokeys_copy.changed
|
||||||
|
- name: Trigger udevadm
|
||||||
|
become: true
|
||||||
|
command: udevadm trigger
|
||||||
|
when: solokeys_copy.changed
|
||||||
29
roles/opensuse-leap/tasks/ssh.yml
Normal file
29
roles/opensuse-leap/tasks/ssh.yml
Normal file
|
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
- name: Disable SSH passwords
|
||||||
|
become: true
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/ssh/sshd_config
|
||||||
|
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||||
|
line: 'PasswordAuthentication no'
|
||||||
|
register: changed_ssh_config
|
||||||
|
- name: Enable SSH
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: sshd.service
|
||||||
|
enabled: yes
|
||||||
|
state: started
|
||||||
|
- name: Restart SSH
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: sshd.service
|
||||||
|
state: restarted
|
||||||
|
when: changed_ssh_config.changed == true
|
||||||
|
- name: Allow SSH through firewall
|
||||||
|
become: true
|
||||||
|
firewalld:
|
||||||
|
service: ssh
|
||||||
|
permanent: yes
|
||||||
|
state: enabled
|
||||||
|
immediate: yes
|
||||||
|
vars:
|
||||||
|
ansible_python_interpreter: /usr/bin/python3
|
||||||
Loading…
Reference in a new issue