Add openSUSE Tumbleweed, based on openSUSE Leap

This commit is contained in:
Anthony Rose 2020-12-27 19:27:52 +00:00
parent 65b76aa6e5
commit 2db0c0346c
9 changed files with 151 additions and 0 deletions

View file

@ -21,6 +21,9 @@
- include_role: - include_role:
name: opensuse-leap name: opensuse-leap
when: ansible_distribution == 'openSUSE Leap' when: ansible_distribution == 'openSUSE Leap'
- include_role:
name: opensuse-tumbleweed
when: ansible_distribution == 'openSUSE Tumbleweed'
- include_role: - include_role:
name: freebsd name: freebsd
when: ansible_distribution == 'FreeBSD' when: ansible_distribution == 'FreeBSD'

View file

@ -20,6 +20,9 @@
- include_role: - include_role:
name: opensuse-leap name: opensuse-leap
when: ansible_distribution == 'openSUSE Leap' when: ansible_distribution == 'openSUSE Leap'
- include_role:
name: opensuse-tumbleweed
when: ansible_distribution == 'openSUSE Tumbleweed'
- include_role: - include_role:
name: freebsd name: freebsd
when: ansible_distribution == 'FreeBSD' when: ansible_distribution == 'FreeBSD'

View file

@ -0,0 +1,19 @@
# Notify ModemManager this device should be ignored
ACTION!="add|change|move", GOTO="mm_usb_device_blacklist_end"
SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_end"
ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_end"
ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ENV{ID_MM_DEVICE_IGNORE}="1"
LABEL="mm_usb_device_blacklist_end"
# Solo bootloader + firmware access
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"
SUBSYSTEM=="tty", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"
# ST DFU access
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", TAG+="uaccess"
# U2F Zero
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="8acf", TAG+="uaccess"

View file

@ -0,0 +1,9 @@
---
- include: packages-cli.yml
- include: packages-gui.yml
when: gui == true
- include: modules.yml
- include: ssh.yml
when: wsl_distro is not defined
- include: solokeys.yml
when: wsl_distro is not defined

View file

@ -0,0 +1,13 @@
---
- name: Blacklist pcspkr module
become: true
lineinfile:
path: /etc/modprobe.d/blacklist.conf
line: blacklist pcspkr
create: yes
- name: Blacklist dvb_usb_rtl28xxu module
become: true
lineinfile:
path: /etc/modprobe.d/blacklist.conf
line: blacklist dvb_usb_rtl28xxu
create: yes

View file

@ -0,0 +1,44 @@
---
# The zypper module requires python-xml on openSUSE.
- name: Install CLI patterns
become: true
zypper:
name: '{{ patterns }}'
state: present
type: pattern
vars:
patterns:
- devel_C_C++
- devel_rpm_build
- name: Install CLI packages
become: true
zypper:
name: '{{ packages }}'
state: present
type: package
vars:
packages:
- ansible
- aspell-en
- bc
- bind-utils
- clang
- gcc-c++
- git
- gpg2
- libstdc++-devel
- lldb
- mc
- nmap
- nodejs10
- onedrive
- openssh
- python-xml
- python3
- python3-psutil
- ruby2.5-rubygem-asciidoctor
- sqlite3
- sudo
- tmux
- vim
- zsh

View file

@ -0,0 +1,16 @@
---
# The zypper module requires python-xml on openSUSE.
- name: Install GUI packages
become: true
zypper:
name: '{{ packages }}'
state: present
type: package
vars:
packages:
- emacs-x11
- galculator
- git-gui
- gvim
- liberation-fonts
- remmina

View file

@ -0,0 +1,15 @@
---
- name: Install solokeys udev rule
become: true
copy:
src: 70-solokeys-access.rules
dest: /etc/udev/rules.d/70-solokeys-access.rules
register: solokeys_copy
- name: Reload udevadm rules
become: true
command: udevadm control --reload-rules
when: solokeys_copy.changed
- name: Trigger udevadm
become: true
command: udevadm trigger
when: solokeys_copy.changed

View file

@ -0,0 +1,29 @@
---
- name: Disable SSH passwords
become: true
lineinfile:
path: /etc/ssh/sshd_config
regexp: '^#?\w*PasswordAuthentication (yes|no)'
line: 'PasswordAuthentication no'
register: changed_ssh_config
- name: Enable SSH
become: true
systemd:
name: sshd.service
enabled: yes
state: started
- name: Restart SSH
become: true
systemd:
name: sshd.service
state: restarted
when: changed_ssh_config.changed == true
- name: Allow SSH through firewall
become: true
firewalld:
service: ssh
permanent: yes
state: enabled
immediate: yes
vars:
ansible_python_interpreter: /usr/bin/python3