ansible/nis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: ansible:8a4da8c61517b9252233b760f19670dcaa3d9202
Branches Tags
ansible:master
...
compare: ansible:master
Branches Tags
ansible:master

4 Commits
8a4da8c615 ... master

Author SHA1 Message Date
Christoph
4d8631cead update.. 2025-11-25 00:24:32 +01:00
Christoph
4ef2921bf9 Add script 'ansible-dependencies-trixie.yml'. 2025-11-09 16:04:42 +01:00
Christoph
61a1056abe update.. 2025-10-28 17:01:03 +01:00
Christoph
aba9aa6112 update... 2025-10-28 16:58:27 +01:00
21 changed files with 796 additions and 239 deletions
Expand all files Collapse all files

10
ansible-dependencies-trixie.yml
View File

@@ -1,15 +1,7 @@
--- ---
- hosts: initial_setup - hosts: all
remote_user: root
become: false
gather_facts: false gather_facts: false
vars_prompt:
- name: ansible_ssh_pass
prompt: "Give root's password here"
roles: roles:
- ansible_dependencies-trixie - ansible_dependencies-trixie
- ansible_user_debian

36
files/akb.netz/homedirs/DEFAULT/_profile
View File

@@ -1,36 +0,0 @@
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [[ -f /usr/share/mc/bin/mc.sh ]]; then
source /usr/share/mc/bin/mc.sh
fi

7
files/akb.netz/homedirs/DEFAULT/_profile.j2
View File

@@ -48,9 +48,12 @@ export LANG="de_DE.utf8"
# #
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return [[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
# Don't try to mount samba shares if local mount base directory does not exist
[[ -d "/mnt/{{ user.name }}" ]] || return
SERVER="{{ samba_server }}" SERVER="{{ samba_server }}"
USER="{{ item.item.name }}" USER="{{ user.name }}"
PASSWORD='{{ item.item.password }}' PASSWORD='{{ user.password }}'
#VERSION="1.0" #VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing # Use NTLMv2 password hashing and force packet signing

133
files/akb.netz/homedirs/DEFAULT/_profile.j2.00 Normal file
View File

@@ -0,0 +1,133 @@
# {{ ansible_managed }}
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi
export LANG="de_DE.utf8"
# ---
# Mmount samba shares
# ---
# Don't try to mount samba shares if login at samba server
#
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
SERVER="{{ samba_server }}"
USER="{{ item.item.name }}"
PASSWORD='{{ item.item.password }}'
#VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing
#
# SEC="ntlmv2i"
#
# Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
#
# SEC="ntlmsspi"
#
SEC="ntlmsspi"
# - uid/guid of the user at fielserver
# -
_UID="$(id -u)"
_GID="$(id -g)"
# Logfile to see what happened..
#
_logfile=/tmp/profile_${USER}.log
echo "" > $_logfile
echo "$(date +"%Y-%m-%d-%H%M")" >> $_logfile
# Network present
#
_network=false
if [ "X$_addr" = "X" ] ; then
echo "no inet address assigned yet.." >> $_logfile
declare -i count=1
while ! $_network && [[ $count -lt 5 ]] ; do
echo "sleeping 2 seconds.." >> $_logfile
sleep 2
_addr="$(hostname --ip-address)"
if [ "X$_addr" != "X" ] ; then
_network=true
echo "inet address present: $_addr" >> $_logfile
fi
((count++))
done
fi
for dir in $(ls /mnt/$USER) ; do
MOUNT_POINT=/mnt/$USER/$dir
SHARE=$dir
[ ! -d $MOUNT_POINT ] && continue
if ! mount | grep $MOUNT_POINT > /dev/null ; then
echo "Going to mount share '${SHARE}' .." >> $_logfile
if [ -x /usr/bin/smb4k_mount ]; then
## - Ubuntu <= 12.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID,vers=$VERSION \
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
else
## - Ubuntu Version >= 14.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,uid=$USER,sec=${SEC},vers=$VERSION \
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$USER,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
fi
else
echo "mount point $MOUNT_POINT already exists. nothing left to do.." >> $_logfile
fi
done

32
files/anw-kb.netz/homedirs/DEFAULT/_profile
View File

@@ -1,32 +0,0 @@
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi

7
files/anw-kb.netz/homedirs/DEFAULT/_profile.j2
View File

@@ -48,9 +48,12 @@ export LANG="de_DE.utf8"
# #
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return [[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
# Don't try to mount samba shares if local mount base directory does not exist
[[ -d "/mnt/{{ user.name }}" ]] || return
SERVER="{{ samba_server }}" SERVER="{{ samba_server }}"
USER="{{ item.item.name }}" USER="{{ user.name }}"
PASSWORD='{{ item.item.password }}' PASSWORD='{{ user.password }}'
#VERSION="1.0" #VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing # Use NTLMv2 password hashing and force packet signing

36
files/flr.netz/homedirs/DEFAULT/_profile
View File

@@ -1,36 +0,0 @@
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi
if command -v mesg >/dev/null 2>&1; then
mesg n
fi

8
files/flr.netz/homedirs/DEFAULT/_profile.j2
View File

@@ -45,12 +45,14 @@ export LANG="de_DE.utf8"
# --- # ---
# Don't try to mount samba shares if login at samba server # Don't try to mount samba shares if login at samba server
#
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return [[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
# Don't try to mount samba shares if local mount base directory does not exist
[[ -d "/mnt/{{ user.name }}" ]] || return
SERVER="{{ samba_server }}" SERVER="{{ samba_server }}"
USER="{{ item.item.name }}" USER="{{ user.name }}"
PASSWORD='{{ item.item.password }}' PASSWORD='{{ user.password }}'
#VERSION="1.0" #VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing # Use NTLMv2 password hashing and force packet signing

133
files/flr.netz/homedirs/DEFAULT/_profile.j2.00 Normal file
View File

@@ -0,0 +1,133 @@
# {{ ansible_managed }}
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi
export LANG="de_DE.utf8"
# ---
# Mmount samba shares
# ---
# Don't try to mount samba shares if login at samba server
#
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
SERVER="{{ samba_server }}"
USER="{{ item.item.name }}"
PASSWORD='{{ item.item.password }}'
#VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing
#
# SEC="ntlmv2i"
#
# Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
#
# SEC="ntlmsspi"
#
SEC="ntlmsspi"
# - uid/guid of the user at fielserver
# -
_UID="$(id -u)"
_GID="$(id -g)"
# Logfile to see what happened..
#
_logfile=/tmp/profile_${USER}.log
echo "" > $_logfile
echo "$(date +"%Y-%m-%d-%H%M")" >> $_logfile
# Network present
#
_network=false
if [ "X$_addr" = "X" ] ; then
echo "no inet address assigned yet.." >> $_logfile
declare -i count=1
while ! $_network && [[ $count -lt 5 ]] ; do
echo "sleeping 2 seconds.." >> $_logfile
sleep 2
_addr="$(hostname --ip-address)"
if [ "X$_addr" != "X" ] ; then
_network=true
echo "inet address present: $_addr" >> $_logfile
fi
((count++))
done
fi
for dir in $(ls /mnt/$USER) ; do
MOUNT_POINT=/mnt/$USER/$dir
SHARE=$dir
[ ! -d $MOUNT_POINT ] && continue
if ! mount | grep $MOUNT_POINT > /dev/null ; then
echo "Going to mount share '${SHARE}' .." >> $_logfile
if [ -x /usr/bin/smb4k_mount ]; then
## - Ubuntu <= 12.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID,vers=$VERSION \
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
else
## - Ubuntu Version >= 14.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,uid=$USER,sec=${SEC},vers=$VERSION \
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$USER,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
fi
else
echo "mount point $MOUNT_POINT already exists. nothing left to do.." >> $_logfile
fi
done

38
files/mbr-bln.netz/homedirs/DEFAULT/_profile
View File

@@ -1,38 +0,0 @@
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi

6
files/mbr-bln.netz/homedirs/DEFAULT/_profile.j2
View File

@@ -51,11 +51,11 @@ export LANG="de_DE.utf8"
# Only try mounting samba shares, if local mount base directory exists. # Only try mounting samba shares, if local mount base directory exists.
# #
if [[ -d "/mnt/{{ item.item.name }}" ]]; then if [[ -d "/mnt/{{ user.name }}" ]]; then
SERVER="{{ samba_server }}" SERVER="{{ samba_server }}"
USER="{{ item.item.name }}" USER="{{ user.name }}"
PASSWORD='{{ item.item.password }}' PASSWORD='{{ user.password }}'
#VERSION="1.0" #VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing # Use NTLMv2 password hashing and force packet signing

140
files/mbr-bln.netz/homedirs/DEFAULT/_profile.j2.00 Normal file
View File

@@ -0,0 +1,140 @@
# {{ ansible_managed }}
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi
export LANG="de_DE.utf8"
# ---
# Mmount samba shares
# ---
# Don't try to mount samba shares if login at samba server
#
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
# Only try mounting samba shares, if local mount base directory exists.
#
if [[ -d "/mnt/{{ item.item.name }}" ]]; then
SERVER="{{ samba_server }}"
USER="{{ item.item.name }}"
PASSWORD='{{ item.item.password }}'
#VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing
#
# SEC="ntlmv2i"
#
# Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
#
# SEC="ntlmsspi"
#
SEC="ntlmsspi"
# - uid/guid of the user at fielserver
# -
_UID="$(id -u)"
_GID="$(id -g)"
# Logfile to see what happened..
#
_logfile=/tmp/profile_${USER}.log
echo "" > $_logfile
echo "$(date +"%Y-%m-%d-%H%M")" >> $_logfile
# Network present
#
_network=false
if [ "X$_addr" = "X" ] ; then
echo "no inet address assigned yet.." >> $_logfile
declare -i count=1
while ! $_network && [[ $count -lt 5 ]] ; do
echo "sleeping 2 seconds.." >> $_logfile
sleep 2
_addr="$(hostname --ip-address)"
if [ "X$_addr" != "X" ] ; then
_network=true
echo "inet address present: $_addr" >> $_logfile
fi
((count++))
done
fi
for dir in $(ls /mnt/$USER) ; do
MOUNT_POINT=/mnt/$USER/$dir
SHARE=$dir
[ ! -d $MOUNT_POINT ] && continue
if ! mount | grep $MOUNT_POINT > /dev/null ; then
echo "Going to mount share '${SHARE}' .." >> $_logfile
if [ -x /usr/bin/smb4k_mount ]; then
## - Ubuntu <= 12.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID,vers=$VERSION \
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
else
## - Ubuntu Version >= 14.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,uid=$USER,sec=${SEC},vers=$VERSION \
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$USER,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
fi
else
echo "mount point $MOUNT_POINT already exists. nothing left to do.." >> $_logfile
fi
done
fi

37
files/sprachenatelier.netz/homedirs/DEFAULT/_profile
View File

@@ -1,37 +0,0 @@
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi

39
files/sprachenatelier.netz/homedirs/DEFAULT/_profile.j2
View File

@@ -14,7 +14,7 @@
if [ -n "$BASH_VERSION" ]; then if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists # include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc" . "$HOME/.bashrc"
fi fi
fi fi
@@ -31,7 +31,6 @@ fi
# this is for the midnight-commander # this is for the midnight-commander
# to become the last directory the midnight commander was in # to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander # as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
@@ -41,52 +40,35 @@ fi
export LANG="de_DE.utf8" export LANG="de_DE.utf8"
# --- # ---
# Mmount samba shares # Mount samba shares
# --- # ---
# Don't try to mount samba shares if login at samba server # Don't try to mount samba shares if login at samba server
#
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return [[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
# Don't try to mount samba shares if local mount base directory does not exist # Don't try to mount samba shares if local mount base directory does not exist
# [[ -d "/mnt/{{ user.name }}" ]] || return
[[ -d "/mnt/{{ item.item.name }}" ]] || return
SERVER="{{ samba_server }}" SERVER="{{ samba_server }}"
USER="{{ item.item.name }}" USER="{{ user.name }}"
PASSWORD='{{ item.item.password }}' PASSWORD='{{ user.password }}'
#VERSION="1.0" #VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing
#
# SEC="ntlmv2i"
#
# Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing # Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
#
# SEC="ntlmsspi"
#
SEC="ntlmsspi" SEC="ntlmsspi"
# - uid/guid of the user at fielserver # - uid/gid of the user at fileserver
# -
_UID="$(id -u)" _UID="$(id -u)"
_GID="$(id -g)" _GID="$(id -g)"
# Logfile to see what happened.. # Logfile to see what happened..
#
_logfile=/tmp/profile_${USER}.log _logfile=/tmp/profile_${USER}.log
echo "" > $_logfile echo "" > $_logfile
echo "$(date +"%Y-%m-%d-%H%M")" >> $_logfile echo "$(date +"%Y-%m-%d-%H%M")" >> $_logfile
# Network present # Network present
#
_network=false _network=false
if [ "X$_addr" = "X" ] ; then if [ "X$_addr" = "X" ] ; then
echo "no inet address assigned yet.." >> $_logfile echo "no inet address assigned yet.." >> $_logfile
declare -i count=1 declare -i count=1
@@ -106,9 +88,9 @@ for dir in $(ls /mnt/$USER) ; do
MOUNT_POINT=/mnt/$USER/$dir MOUNT_POINT=/mnt/$USER/$dir
SHARE=$dir SHARE=$dir
[ ! -d $MOUNT_POINT ] && continue [ ! -d "$MOUNT_POINT" ] && continue
if ! mount | grep $MOUNT_POINT > /dev/null ; then if ! mount | grep "$MOUNT_POINT" > /dev/null ; then
echo "Going to mount share '${SHARE}' .." >> $_logfile echo "Going to mount share '${SHARE}' .." >> $_logfile
if [ -x /usr/bin/smb4k_mount ]; then if [ -x /usr/bin/smb4k_mount ]; then
## - Ubuntu <= 12.04 ## - Ubuntu <= 12.04
@@ -116,7 +98,6 @@ for dir in $(ls /mnt/$USER) ; do
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,vers=1.0 \ sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1 -n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else else
#sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID,vers=$VERSION \
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID \ sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1 -n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi fi
@@ -126,14 +107,12 @@ for dir in $(ls /mnt/$USER) ; do
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,vers=1.0 \ sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1 -n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else else
#sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,uid=$USER,sec=${SEC},vers=$VERSION \ sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,uid=$USER,gid=$_GID \
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$USER,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1 -n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi fi
fi fi
else else
echo "mount point $MOUNT_POINT already exists. nothing left to do.." >> $_logfile echo "mount point $MOUNT_POINT already exists. nothing left to do.." >> $_logfile
fi fi
done done

139
files/sprachenatelier.netz/homedirs/DEFAULT/_profile.j2.00 Normal file
View File

@@ -0,0 +1,139 @@
# {{ ansible_managed }}
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi
# this is for the midnight-commander
# to become the last directory the midnight commander was in
# as the current directory when leaving the midnight commander
#
if [ -f "/usr/share/mc/bin/mc.sh" ]; then
source /usr/share/mc/bin/mc.sh
elif [ -f "/usr/lib/mc/bin/mc.sh" ] ; then
source /usr/lib/mc/bin/mc.sh
fi
export LANG="de_DE.utf8"
# ---
# Mmount samba shares
# ---
# Don't try to mount samba shares if login at samba server
#
[[ "$(hostname --long)" = "{{ samba_server }}" ]] && return
# Don't try to mount samba shares if local mount base directory does not exist
#
[[ -d "/mnt/{{ item.item.name }}" ]] || return
SERVER="{{ samba_server }}"
USER="{{ item.item.name }}"
PASSWORD='{{ item.item.password }}'
#VERSION="1.0"
# Use NTLMv2 password hashing and force packet signing
#
# SEC="ntlmv2i"
#
# Use NTLMv2 password hashing encapsulated in Raw NTLMSSP message, and force packet signing
#
# SEC="ntlmsspi"
#
SEC="ntlmsspi"
# - uid/guid of the user at fielserver
# -
_UID="$(id -u)"
_GID="$(id -g)"
# Logfile to see what happened..
#
_logfile=/tmp/profile_${USER}.log
echo "" > $_logfile
echo "$(date +"%Y-%m-%d-%H%M")" >> $_logfile
# Network present
#
_network=false
if [ "X$_addr" = "X" ] ; then
echo "no inet address assigned yet.." >> $_logfile
declare -i count=1
while ! $_network && [[ $count -lt 5 ]] ; do
echo "sleeping 2 seconds.." >> $_logfile
sleep 2
_addr="$(hostname --ip-address)"
if [ "X$_addr" != "X" ] ; then
_network=true
echo "inet address present: $_addr" >> $_logfile
fi
((count++))
done
fi
for dir in $(ls /mnt/$USER) ; do
MOUNT_POINT=/mnt/$USER/$dir
SHARE=$dir
[ ! -d $MOUNT_POINT ] && continue
if ! mount | grep $MOUNT_POINT > /dev/null ; then
echo "Going to mount share '${SHARE}' .." >> $_logfile
if [ -x /usr/bin/smb4k_mount ]; then
## - Ubuntu <= 12.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID,vers=$VERSION \
sudo /usr/bin/smb4k_mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$_UID,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
else
## - Ubuntu Version >= 14.04
if [[ "$VERSION" = "1.0" ]]; then
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,vers=1.0 \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
else
#sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,cifsacl,uid=$USER,sec=${SEC},vers=$VERSION \
sudo /bin/mount -o user=$USER,password=$PASSWORD,iocharset=utf8,uid=$USER,gid=$_GID \
-n -t cifs //$SERVER/$SHARE $MOUNT_POINT >> $_logfile 2>&1
fi
fi
else
echo "mount point $MOUNT_POINT already exists. nothing left to do.." >> $_logfile
fi
done

1
group_vars/mbr.yml
View File

@@ -615,6 +615,7 @@ nis_user:
- all-users - all-users
- buero-scan - buero-scan
- mbr-buero - mbr-buero
- technik
is_samba_user: true is_samba_user: true
password: 'i4/x3S-TJk.P' password: 'i4/x3S-TJk.P'

1
group_vars/sprachenatelier.yml
View File

@@ -134,6 +134,7 @@ nis_groups:
# - name: simone # - name: simone
nis_user: nis_user:
- name: chris - name: chris
groups: groups:
- intern - intern

68
roles/ansible_dependencies-trixie/tasks/main.yml Normal file
View File

@@ -0,0 +1,68 @@
---
- name: Ensure python3 and python3-apt are present (bootstrap)
ansible.builtin.raw: |
test -x /usr/bin/python3 && dpkg -s python3-apt >/dev/null 2>&1 \
|| (apt-get update -y && apt-get install -y python3 python3-apt)
changed_when: false
# Ab dem Zeitpunkt in dem Python auf dem Zielsystem vorhanden ist,
# kann Ansible wieder normale Module (wie apt, file, service, copy, usw.) benutzen.
#
# Aber:
# Da gather_facts: false gesetzt war, hat Ansible bis hierher keine Systeminformationen (Facts) wie:
#
# ansible_distribution
#
# ansible_fqdn
#
# ansible_memtotal_mb
#
# ansible_interfaces
#
# etc.
# eingesammelt.
#
# Rufe das 'setup'-Modul manuell auf mit:
#
# - name: Enable facts now that Python exists
# ansible.builtin.setup:
#
# Damit holt Ansible nachträglich die Facts, jetzt, wo Python verfügbar ist.
#
- name: Enable facts now that Python exists
ansible.builtin.setup:
- name: Ensure aptitude is present (optional)
ansible.builtin.raw: |
test -x /usr/bin/aptitude || (apt-get update -y && apt-get install -y aptitude)
changed_when: false
when: (aptitude_needed | default(false)) | bool
- name: Update apt cache
ansible.builtin.apt:
update_cache: true
cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
- name: Fix half-configured packages (dpkg --configure -a)
ansible.builtin.command: dpkg --configure -a
register: dpkg_config
changed_when: (dpkg_config.stdout | default('')) | length > 0
when: (apt_dpkg_configure | default(true)) | bool
tags: [ansible-dependencies]
- name: Upgrade packages
ansible.builtin.apt:
upgrade: "{{ apt_upgrade_type | default('safe') }}"
update_cache: true
dpkg_options: "{{ (apt_upgrade_dpkg_options | default(['force-confdef','force-confold'])) | join(',') }}"
when: (apt_upgrade | default(false)) | bool
tags: [ansible-dependencies]
- name: Install Ansible dependencies
ansible.builtin.apt:
name: "{{ apt_ansible_dependencies_trixie | default(['python3','python3-apt']) }}"
state: "{{ apt_install_state | default('present') }}"
tags: [ansible-dependencies]

68
roles/ansible_dependencies-trixie/tasks/main.yml.01 Normal file
View File

@@ -0,0 +1,68 @@
---
- name: Ensure python3 and python3-apt are present (bootstrap)
ansible.builtin.raw: |
test -x /usr/bin/python3 && dpkg -s python3-apt >/dev/null 2>&1 \
|| (apt-get update -y && apt-get install -y python3 python3-apt)
changed_when: false
# Ab dem Zeitpunkt in dem Python auf dem Zielsystem vorhanden ist,
# kann Ansible wieder normale Module (wie apt, file, service, copy, usw.) benutzen.
#
# Aber:
# Da gather_facts: false gesetzt war, hat Ansible bis hierher keine Systeminformationen (Facts) wie:
#
# ansible_distribution
#
# ansible_fqdn
#
# ansible_memtotal_mb
#
# ansible_interfaces
#
# etc.
# eingesammelt.
#
# Rufe das 'setup'-Modul manuell auf mit:
#
# - name: Enable facts now that Python exists
# ansible.builtin.setup:
#
# Damit holt Ansible nachträglich die Facts, jetzt, wo Python verfügbar ist.
#
- name: Enable facts now that Python exists
ansible.builtin.setup:
- name: Ensure aptitude is present (optional)
ansible.builtin.raw: |
test -x /usr/bin/aptitude || (apt-get update -y && apt-get install -y aptitude)
changed_when: false
when: (aptitude_needed | default(false)) | bool
- name: Update apt cache
ansible.builtin.apt:
update_cache: true
cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
- name: Fix half-configured packages (dpkg --configure -a)
ansible.builtin.command: dpkg --configure -a
register: dpkg_config
changed_when: (dpkg_config.stdout | default('')) | length > 0
when: (apt_dpkg_configure | default(true)) | bool
tags: [ansible-dependencies]
- name: Upgrade packages
ansible.builtin.apt:
upgrade: "{{ apt_upgrade_type | default('safe') }}"
update_cache: true
dpkg_options: "{{ (apt_upgrade_dpkg_options | default(['force-confdef','force-confold'])) | join(',') }}"
when: (apt_upgrade | default(false)) | bool
tags: [ansible-dependencies]
- name: Install Ansible dependencies
ansible.builtin.apt:
name: "{{ apt_ansible_dependencies_trixie | default(['python3','python3-apt']) }}"
state: "{{ apt_install_state | default('present') }}"
tags: [ansible-dependencies]

72
roles/ansible_dependencies-trixie/tasks/main.yml.02 Normal file
View File

@@ -0,0 +1,72 @@
---
# --- Nur fürs Bootstrap, damit Python für Ansible verfügbar ist ---
- name: Ensure python3 and python3-apt are present (bootstrap)
ansible.builtin.raw: |
test -x /usr/bin/python3 || (apt-get -y update && apt-get install -y python3)
test -x /usr/bin/python3 && (apt-get -y update && apt-get install -y python3-apt)
changed_when: false
# Ab dem Zeitpunkt in dem Python auf dem Zielsystem vorhanden ist,
# kann Ansible wieder normale Module (wie apt, file, service, copy, usw.) benutzen.
#
# Aber:
# Da gather_facts: false gesetzt war, hat Ansible bis hierher keine Systeminformationen (Facts) wie:
#
# ansible_distribution
#
# ansible_fqdn
#
# ansible_memtotal_mb
#
# ansible_interfaces
#
# etc.
# eingesammelt.
#
# Rufe das 'setup'-Modul manuell auf mit:
#
# - name: Enable facts now that Python exists
# ansible.builtin.setup:
#
# Damit holt Ansible nachträglich die Facts, jetzt, wo Python verfügbar ist.
#
- name: Enable facts now that Python exists
ansible.builtin.setup:
# --- Ab hier normale Module verwenden ---
- name: Update APT cache
ansible.builtin.apt:
update_cache: true
cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
tags: [ansible-dependencies]
- name: Ensure aptitude is present
ansible.builtin.apt:
name: aptitude
state: present
tags: [ansible-dependencies]
- name: dpkg --configure -a
ansible.builtin.command: dpkg --configure -a
register: dpkg_out
# "changed" nur, wenn es wirklich etwas ausgibt/konfiguriert
changed_when: dpkg_out.stdout is defined and dpkg_out.stdout | length > 0
when: apt_dpkg_configure | bool
tags: [ansible-dependencies]
- name: apt upgrade
ansible.builtin.apt:
upgrade: "{{ apt_upgrade_type }}"
update_cache: true
dpkg_options: "{{ apt_upgrade_dpkg_options | join(',') }}"
when: apt_upgrade | bool
tags: [ansible-dependencies]
- name: apt install ansible dependencies
ansible.builtin.apt:
name: "{{ apt_ansible_dependencies_trixie }}"
state: "{{ apt_install_state }}"
tags: [ansible-dependencies]

20
roles/common/tasks/nis-user-systemfiles.yml
View File

@@ -52,27 +52,27 @@
- profile - profile
# 1) Für jeden NIS-User prüfen, ob eine lokale _profile existiert # 1) Für jeden NIS-User prüfen, ob eine lokale _profile.j2 existiert
- name: (nis-user-systemfiles.yml) stat user _profile - name: (nis-user-systemfiles.yml) stat user _profile.j2
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ item.name }}/_profile" path: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_profile.j2"
delegate_to: localhost delegate_to: localhost
become: false become: false
loop: "{{ nis_user }}" loop: "{{ nis_user }}"
register: profile_stats register: profile_template_stats
loop_control: loop_control:
label: "{{ item.name }}" label: "{{ item.name }}"
# 2) Falls NIS-User _profile vorhanden, kopieren # 2) Falls _profile.j2 vorhanden, .profile aus Template rendern
- name: (nis-user-systemfiles.yml) copy .profile if it exists - name: (nis-user-systemfiles.yml) template .profile if _profile.j2 exists
ansible.builtin.copy: ansible.builtin.template:
src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/{{ user.name }}/_profile" src: "{{ inventory_dir }}/files/{{ nis_domain }}/homedirs/DEFAULT/_profile.j2"
dest: "~{{ user.name }}/.profile" dest: "~{{ user.name }}/.profile"
owner: "{{ user.name }}" owner: "{{ user.name }}"
group: "{{ user.name }}" group: "{{ user.name }}"
mode: "0644" mode: "0644"
become: true become: true
loop: "{{ nis_user | zip(profile_stats.results) | list }}" loop: "{{ nis_user | zip(profile_template_stats.results) | list }}"
loop_control: loop_control:
label: "{{ user.name }}" label: "{{ user.name }}"
when: when:
@@ -83,6 +83,8 @@
tags: [bash] tags: [bash]
# -- # --
# Copy .bashrc # Copy .bashrc
# --- # ---