commit 43434e8d701b70c9e13fdde9e5eb18d9303c67ad Author: Tim Hawes Date: Sat Jun 2 23:03:27 2018 +0100 Initial commit diff --git a/bootstrap.sh b/bootstrap.sh new file mode 100644 index 0000000..56c9bbb --- /dev/null +++ b/bootstrap.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games +export PATH + +apt-get update +apt-get install -y python-pip git +pip install ansible +ansible-pull -U https://gogs.ehlab.uk/tim/ansible-hacklab-desktop diff --git a/local.yml b/local.yml new file mode 100644 index 0000000..5df537a --- /dev/null +++ b/local.yml @@ -0,0 +1,11 @@ +- hosts: localhost + roles: + - upgrade + - pull_daily + - hardware + - desktop_ubuntu_bionic + - desktop_apps + - hacklab_printers + - desktop_auth + - google_chrome + - cura diff --git a/roles/cura/files/cura2.desktop b/roles/cura/files/cura2.desktop new file mode 100644 index 0000000..e414e64 --- /dev/null +++ b/roles/cura/files/cura2.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Version=1.0 +Name=Cura 2 +Comment=3D printing with Ultimaker +TryExec=Cura-2 +Exec=Cura-2 +Terminal=false +Type=Application diff --git a/roles/cura/files/cura3.desktop b/roles/cura/files/cura3.desktop new file mode 100644 index 0000000..633269f --- /dev/null +++ b/roles/cura/files/cura3.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Version=1.0 +Name=Cura 3 +Comment=3D printing with Ultimaker +TryExec=Cura-3 +Exec=Cura-3 +Terminal=false +Type=Application diff --git a/roles/cura/tasks/main.yml b/roles/cura/tasks/main.yml new file mode 100644 index 0000000..e37402a --- /dev/null +++ b/roles/cura/tasks/main.yml @@ -0,0 +1,34 @@ +- name: Download Cura 2 + get_url: + url: http://software.ultimaker.com/current/Cura-2.7.0.AppImage + dest: /usr/local/bin/Cura-2 + checksum: sha256:888fb2c926b3549059dd1cf16ec0790f4fb4e39f1f693416e686bad16b98610e + mode: 0755 + +- name: Desktop entry for Cura 2 + copy: + src: cura2.desktop + dest: /usr/share/applications/cura2.desktop + mode: 0644 + +- name: Download Cura 3 + get_url: + url: http://software.ultimaker.com/current/Cura-3.3.1.AppImage + dest: /usr/local/bin/Cura-3 + checksum: sha256:af8baedc8a93348f7d2416c147ea7c7b53b4b383342f9f08925bd64faa941aa5 + mode: 0755 + +- name: Desktop entry for Cura 3 + copy: + src: cura3.desktop + dest: /usr/share/applications/cura3.desktop + mode: 0644 + +- name: Remove old Cura files + file: + path: /usr/share/applications/{{ item }}.desktop + state: absent + with_items: + - /usr/local/bin/Cura + - /usr/share/applications/cura.desktop + - /usr/share/applications/cura-3.1.desktop diff --git a/roles/dconf/files/dconf.profile.user b/roles/dconf/files/dconf.profile.user new file mode 100644 index 0000000..9084494 --- /dev/null +++ b/roles/dconf/files/dconf.profile.user @@ -0,0 +1,2 @@ +user-db:user +system-db:site diff --git a/roles/dconf/handlers/main.yml b/roles/dconf/handlers/main.yml new file mode 100644 index 0000000..db9f7f8 --- /dev/null +++ b/roles/dconf/handlers/main.yml @@ -0,0 +1,2 @@ +- name: dconf update + command: dconf update diff --git a/roles/dconf/tasks/main.yml b/roles/dconf/tasks/main.yml new file mode 100644 index 0000000..cdcebee --- /dev/null +++ b/roles/dconf/tasks/main.yml @@ -0,0 +1,30 @@ +- name: dconf packages + apt: + pkg: "{{item}}" + state: present + with_items: + - dconf-cli + +- name: Setup dconf profile directory + file: + dest: /etc/dconf/profile + owner: root + group: root + mode: 0755 + state: directory + +- name: Setup dconf profile + copy: + src: dconf.profile.user + dest: /etc/dconf/profile/user + owner: root + group: root + mode: 0644 + +- name: Setup dconf db directory + file: + dest: /etc/dconf/db/site.d + owner: root + group: root + mode: 0755 + state: directory diff --git a/roles/desktop_apps/tasks/main.yml b/roles/desktop_apps/tasks/main.yml new file mode 100644 index 0000000..a38dace --- /dev/null +++ b/roles/desktop_apps/tasks/main.yml @@ -0,0 +1,12 @@ +- name: Install Hacklab Desktop packages + apt: + name: "{{ item }}" + state: present + with_items: + - firefox + - inkscape + - arduino + - librecad + - vlc + - ffmpeg + - gimp diff --git a/roles/desktop_auth/handlers/main.yml b/roles/desktop_auth/handlers/main.yml new file mode 100644 index 0000000..13635db --- /dev/null +++ b/roles/desktop_auth/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart sshd + service: + name: ssh + state: restarted diff --git a/roles/desktop_auth/tasks/main.yml b/roles/desktop_auth/tasks/main.yml new file mode 100644 index 0000000..65088d6 --- /dev/null +++ b/roles/desktop_auth/tasks/main.yml @@ -0,0 +1,72 @@ +- name: Install sudo + apt: + name: sudo + state: present + +- name: Install sshd + apt: + name: openssh-server + state: present + +- name: root password + user: + name: root + password: "$6$rounds=2000000$ssaaJvMG.V6ateJd$.3Ht.X1PlcakPTz3OYexs6h/jz6NR5Qy.9YWynZ.XDQlCqBYfrUdFhqM6kAQcKO/fxVHwo1uRrqcKxYvGNKz/0" + +- name: /root/.ssh + file: + path: /root/.ssh + state: directory + owner: root + group: root + mode: 0700 + +- name: /root/.ssh/authorized_keys + template: + src: authorized_keys.j2 + dest: /root/.ssh/authorized_keys + owner: root + group: root + mode: 0600 + +- name: Configure SSH for key-only root access + lineinfile: + path: /etc/ssh/sshd_config + regexp: "^\\s*PermitRootLogin\\s+" + line: "PermitRootLogin without-password" + notify: restart sshd + +- name: SSH PubkeyAuthentication=yes + lineinfile: + path: /etc/ssh/sshd_config + regexp: "^\\s*PubkeyAuthentication\\s+" + line: "PubkeyAuthentication yes" + notify: restart sshd + +- name: SSH PasswordAuthentication=no + lineinfile: + path: /etc/ssh/sshd_config + regexp: "^\\s*PasswordAuthentication\\s+" + line: "PasswordAuthentication no" + notify: restart sshd + +- name: Hacklab user + user: + name: hacklab + password: "$6$KE4g5K18$qeK6I7/j78Ob6cDqoJRt1IzvQ34PpOi1/HSQ2oEjAf3h/7XtkS6DJ6pEW.zm8szJ3wzA0cJ0vbSRHf2pWKJFo/" # "hacklab" + groups: cdrom,dip,plugdev,lpadmin,dialout,sudo + comment: Hacklab + shell: /bin/bash + +- name: Disable hacklab user authorized_keys + file: + path: /home/hacklab/.ssh/authorized_keys + state: absent + +#- name: Disable lightdm guest +# copy: +# content: "[Seat:*]\nallow-guest=false\n" +# dest: /etc/lightdm/lightdm.conf.d/50-no-guest.conf +# owner: root +# group: root +# mode: 0644 diff --git a/roles/desktop_auth/templates/authorized_keys.j2 b/roles/desktop_auth/templates/authorized_keys.j2 new file mode 100644 index 0000000..f4014c6 --- /dev/null +++ b/roles/desktop_auth/templates/authorized_keys.j2 @@ -0,0 +1,4 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1BgtrG0yy6DjBZj2T9lhXMjvMUFEJDtOU2Q1IIXqpww5d8KxZr/BqJnKxSm6SDSwkbbg+30hYHFPjG7IFXIc07ThqCu+LySfD5FoberijI8KdDYZsuETWExvUVlA6ma7pzAxuncor5UZtpH6K9Afwrk4e2EcB7ey3Xi0oqs8kzCzPVNEypKNbp2rNwkKpTReZ8Cvk7DlVKdjUH9nXSfT9AQTqIMRiFoDnC3PaXCsre1V6idoGWn6/3EykayiphBZR1XS9An0Ygyyy1buO09DrWsGmjlrJ9IdqZARCmhlEk2eFdnB36xXR/aIQH3C8gjDKLNyMXKfHQ99O540AGLHLQ== tim-hawes +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGuAKBQaUk+a99TDCdB/m+W2RKwOCC3nVFKXCcJHq8i0ZuxQGs01Eerhg0Z07xJcrYEmT/NwmbXUVv8iq9fekRanalkkx1/RBvLIxfgSYEO1whzFL5nR9ZpdqFonnX1J4Ho4VwknYqa/OFwrLTubImJsO0vpJ8TmbbPy4IYRj+p66QCoXb9CIVtlpPdvo3UzJqtTZMhbDSwgioddke4g5wcDJRXYmVV2b4HC2lI5rZTAcLePny41QZznsHIGDahmvBpgMgiho6fOVPdxYCdvyi9oiOvhBXvEdnffByqtyZ80pk7necoVXHKsVt9PAYaXAch8w7OIXYORw40p0TNKJJ timhawes-openpgp-20170512 +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgDkInfQhmiQmF/SSC8wnGHZrrH0ftIAtmvV1ks1i+cC6uOLLtxoYfg1VXUvAJ7AEiYZDxWwLGePjZFv7SiQuJvpl20F0Lfh0NaqfQDvWVnH2pOIRLj0w8mZdCQARw2l/jKqmaFAgIU4FZsjxh/4u6C8t9b+V7D+VSS/XOf2+xsJrc4iSAqDM4mb59ujswfv7s4DxKEpWcOW69PK7Olir47vZBn2P06VtjmRoL2Eq3QxunttLdbQizI9Xplq5vOEvPISVkMePieWHoLYmk1fcuN998BFoZzIPKv7AO7Keqyv4wh9ywO3COc8TCAxjMRTWihV0tqdkX3Gq+MRHPf27f mike-walters +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgM5Reh+b+62WZTfm9eWMC0IJ+RyL7V6+tzpUsm3PZafyOo5TmV4Gvab8bbnpTOA5nlrC0kNep6ZhcSUnnu7y9gAfjwGFtYlljsM98qNIKh6tyl1ihUMb6rghPxVuigEzra5VWcWny9FLm9QofwVTmDkGe5OpGk/iCFbL7NuObSVU7Hy5Ove1BctQas3108nLKDHghiSKV/Ahm1Vds90ZFwbhXBBbqGu9W3Sou20ehBpx0vCGF7+EE+JBOZzxUb9xZdcgWObtYFoqrziRiaK1D0I31ugH3aK76QUEjyb63TSs7KkNHIl8PYyL5JnLDtH4spoQv7rQZ9Gc5mZ/j14TD harry-reeder diff --git a/roles/desktop_ubuntu_bionic/files/idle-delay.dconf b/roles/desktop_ubuntu_bionic/files/idle-delay.dconf new file mode 100644 index 0000000..0669f4d --- /dev/null +++ b/roles/desktop_ubuntu_bionic/files/idle-delay.dconf @@ -0,0 +1,2 @@ +[org/gnome/desktop/session] +idle-delay=1800 diff --git a/roles/desktop_ubuntu_bionic/files/wallpaper.dconf b/roles/desktop_ubuntu_bionic/files/wallpaper.dconf new file mode 100644 index 0000000..77127ac --- /dev/null +++ b/roles/desktop_ubuntu_bionic/files/wallpaper.dconf @@ -0,0 +1,7 @@ +[org/gnome/desktop/background] +draw-background=true +picture-uri='file:///usr/share/backgrounds/hacklab/hacklab-wallpaper-dark-1.png' +color-shading-type='solid' +primary-color='#000000' +picture-options='zoom' +secondary-color='#000000' diff --git a/roles/desktop_ubuntu_bionic/meta/main.yml b/roles/desktop_ubuntu_bionic/meta/main.yml new file mode 100644 index 0000000..60f90ec --- /dev/null +++ b/roles/desktop_ubuntu_bionic/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - { role: dconf } diff --git a/roles/desktop_ubuntu_bionic/tasks/main.yml b/roles/desktop_ubuntu_bionic/tasks/main.yml new file mode 100644 index 0000000..5c4012d --- /dev/null +++ b/roles/desktop_ubuntu_bionic/tasks/main.yml @@ -0,0 +1,41 @@ +- name: Install Ubuntu Desktop + package: + name: ubuntu-desktop + state: present + +- name: Remove unwanted packages + apt: + name: "{{ item }}" + state: absent + with_items: + - gnome-initial-setup + - ubuntu-web-launchers + +- name: Hacklab desktop wallpaper folder + file: + name: /usr/share/backgrounds/hacklab + state: directory + +- name: Hacklab desktop wallpaper + get_url: + url: https://wiki.edinburghhacklab.com/_media/hacklab-wallpaper-dark-1.png + dest: /usr/share/backgrounds/hacklab/hacklab-wallpaper-dark-1.png + +- name: Configure desktop wallpaper + copy: + src: wallpaper.dconf + dest: /etc/dconf/db/site.d/wallpaper + mode: 0644 + notify: dconf update + +- name: Set idle delay + copy: + src: idle-delay.dconf + dest: /etc/dconf/db/site.d/idle-delay + mode: 0644 + notify: dconf update + +#- name: Remove Amazon icon from desktop +# file: +# path: /usr/share/applications/ubuntu-amazon-default.desktop +# state: absent diff --git a/roles/google_chrome/tasks/debian.yml b/roles/google_chrome/tasks/debian.yml new file mode 100644 index 0000000..31b1c1f --- /dev/null +++ b/roles/google_chrome/tasks/debian.yml @@ -0,0 +1,27 @@ +- name: Google APT key + apt_key: + id: D38B4796 + url: https://dl-ssl.google.com/linux/linux_signing_key.pub + state: present + +- name: Google Chrome APT repo + apt_repository: + filename: google-chrome + repo: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main + state: present + +- name: Google Talk Plugin APT repo + apt_repository: + filename: google-talkplugin + repo: deb [arch=amd64] http://dl.google.com/linux/talkplugin/deb/ stable main + state: present + +- name: Install Google Chrome + apt: + name: google-chrome-stable + state: latest + +- name: Install Google Talk Plugin + apt: + name: google-talkplugin + state: latest diff --git a/roles/google_chrome/tasks/main.yml b/roles/google_chrome/tasks/main.yml new file mode 100644 index 0000000..521a113 --- /dev/null +++ b/roles/google_chrome/tasks/main.yml @@ -0,0 +1,2 @@ +- include_tasks: debian.yml + when: ansible_os_family == 'Debian' diff --git a/roles/hacklab_printers/files/Brother-HL-1430.ppd b/roles/hacklab_printers/files/Brother-HL-1430.ppd new file mode 100644 index 0000000..492d13b --- /dev/null +++ b/roles/hacklab_printers/files/Brother-HL-1430.ppd @@ -0,0 +1,301 @@ +*PPD-Adobe: "4.3" +*% +*% For information on using this, and to obtain the required backend +*% script, consult http://www.openprinting.org/ +*% +*% This file is published under the GNU General Public License +*% +*% PPD-O-MATIC (4.0.0 or newer) generated this PPD file. It is for use with +*% all programs and environments which use PPD files for dealing with +*% printer capability information. The printer must be configured with the +*% "foomatic-rip" backend filter script of Foomatic 4.0.0 or newer. This +*% file and "foomatic-rip" work together to support PPD-controlled printer +*% driver option access with all supported printer drivers and printing +*% spoolers. +*% +*% To save this file on your disk, wait until the download has completed +*% (the animation of the browser logo must stop) and then use the +*% "Save as..." command in the "File" menu of your browser or in the +*% pop-up manu when you click on this document with the right mouse button. +*% DO NOT cut and paste this file into an editor with your mouse. This can +*% introduce additional line breaks which lead to unexpected results. +*% +*% You may save this file as 'Brother-HL-1430-hl1250.ppd' +*% +*% +*FormatVersion: "4.3" +*FileVersion: "1.1" +*LanguageVersion: English +*LanguageEncoding: ISOLatin1 +*PCFileName: "HL1250.PPD" +*Manufacturer: "Brother" +*Product: "(HL-1430 series)" +*cupsVersion: 1.0 +*cupsManualCopies: True +*cupsModelNumber: 2 +*cupsFilter: "application/vnd.cups-postscript 100 foomatic-rip" +*cupsFilter: "application/vnd.cups-pdf 0 foomatic-rip" +*%pprRIP: foomatic-rip other +*ModelName: "Brother HL-1430" +*ShortNickName: "Brother HL-1430 hl1250" +*NickName: "Brother HL-1430 Foomatic/hl1250 (recommended)" +*PSVersion: "(3010.000) 550" +*PSVersion: "(3010.000) 651" +*PSVersion: "(3010.000) 652" +*PSVersion: "(3010.000) 653" +*PSVersion: "(3010.000) 704" +*PSVersion: "(3010.000) 705" +*PSVersion: "(3010.000) 800" +*PSVersion: "(3010.000) 815" +*PSVersion: "(3010.000) 850" +*PSVersion: "(3010.000) 860" +*PSVersion: "(3010.000) 861" +*PSVersion: "(3010.000) 862" +*PSVersion: "(3010.000) 863" +*PSVersion: "(3010.000) 864" +*PSVersion: "(3010.000) 870" +*LanguageLevel: "3" +*ColorDevice: False +*DefaultColorSpace: Gray +*FileSystem: False +*Throughput: "1" +*LandscapeOrientation: Plus90 +*TTRasterizer: Type42 +*1284DeviceID: "MFG:Brother;MDL:HL-1430 series;CMD:PJL;DRV:Dhl1250,R1,M0,TG;" + +*driverName hl1250: "" +*driverType G/Ghostscript built-in: "" +*driverUrl: "http://www.amelek.gda.pl/gs-hl1250/" +*driverObsolete: False +*driverManufacturerSupplied: False + + + + +*HWMargins: 18 36 18 36 +*VariablePaperSize: True +*MaxMediaWidth: 100000 +*MaxMediaHeight: 100000 +*NonUIOrderDependency: 100 AnySetup *CustomPageSize +*CustomPageSize True: "pop pop pop pop pop +%% FoomaticRIPOptionSetting: PageSize=Custom" +*End +*FoomaticRIPOptionSetting PageSize=Custom: " -dDEVICEWIDTHPOINTS=0 -dD&& +EVICEHEIGHTPOINTS=0" +*End +*ParamCustomPageSize Width: 1 points 36 100000 +*ParamCustomPageSize Height: 2 points 36 100000 +*ParamCustomPageSize Orientation: 3 int 0 0 +*ParamCustomPageSize WidthOffset: 4 points 0 0 +*ParamCustomPageSize HeightOffset: 5 points 0 0 + +*FoomaticIDs: Brother-HL-1430 hl1250 +*FoomaticRIPCommandLine: "gs -q -dBATCH -dPARANOIDSAFER -dNOPAUSE -dNO&& +MEDIAATTRS -dNOINTERPOLATE -sDEVICE=hl1250%A%Z -sOutputFile=-%C -f -" +*End + +*OpenGroup: General/General + +*OpenUI *PageSize/Page Size: PickOne +*FoomaticRIPOption PageSize: enum CmdLine A +*OrderDependency: 100 AnySetup *PageSize +*DefaultPageSize: A4 +*PageSize Letter/US Letter: "%% FoomaticRIPOptionSetting: PageSize=Letter" +*FoomaticRIPOptionSetting PageSize=Letter: " -dDEVICEWIDTHPOINTS=612 -&& +dDEVICEHEIGHTPOINTS=792" +*End +*PageSize A4/A4: "%% FoomaticRIPOptionSetting: PageSize=A4" +*FoomaticRIPOptionSetting PageSize=A4: " -dDEVICEWIDTHPOINTS=595 -dDEV&& +ICEHEIGHTPOINTS=842" +*End +*PageSize 11x17/11x17: "%% FoomaticRIPOptionSetting: PageSize=11x17" +*FoomaticRIPOptionSetting PageSize=11x17: " -dDEVICEWIDTHPOINTS=792 -d&& +DEVICEHEIGHTPOINTS=1224" +*End +*PageSize A3/A3: "%% FoomaticRIPOptionSetting: PageSize=A3" +*FoomaticRIPOptionSetting PageSize=A3: " -dDEVICEWIDTHPOINTS=842 -dDEV&& +ICEHEIGHTPOINTS=1191" +*End +*PageSize A5/A5: "%% FoomaticRIPOptionSetting: PageSize=A5" +*FoomaticRIPOptionSetting PageSize=A5: " -dDEVICEWIDTHPOINTS=421 -dDEV&& +ICEHEIGHTPOINTS=595" +*End +*PageSize B5/B5 (JIS): "%% FoomaticRIPOptionSetting: PageSize=B5" +*FoomaticRIPOptionSetting PageSize=B5: " -dDEVICEWIDTHPOINTS=516 -dDEV&& +ICEHEIGHTPOINTS=729" +*End +*PageSize Env10/Envelope #10: "%% FoomaticRIPOptionSetting: PageSize=Env10" +*FoomaticRIPOptionSetting PageSize=Env10: " -dDEVICEWIDTHPOINTS=297 -d&& +DEVICEHEIGHTPOINTS=684" +*End +*PageSize EnvC5/Envelope C5: "%% FoomaticRIPOptionSetting: PageSize=EnvC5" +*FoomaticRIPOptionSetting PageSize=EnvC5: " -dDEVICEWIDTHPOINTS=459 -d&& +DEVICEHEIGHTPOINTS=649" +*End +*PageSize EnvDL/Envelope DL: "%% FoomaticRIPOptionSetting: PageSize=EnvDL" +*FoomaticRIPOptionSetting PageSize=EnvDL: " -dDEVICEWIDTHPOINTS=312 -d&& +DEVICEHEIGHTPOINTS=624" +*End +*PageSize EnvISOB5/Envelope B5: "%% FoomaticRIPOptionSetting: PageSize=EnvISOB5" +*FoomaticRIPOptionSetting PageSize=EnvISOB5: " -dDEVICEWIDTHPOINTS=499&& + -dDEVICEHEIGHTPOINTS=709" +*End +*PageSize EnvMonarch/Envelope Monarch: "%% FoomaticRIPOptionSetting: PageSize=EnvMonarch" +*FoomaticRIPOptionSetting PageSize=EnvMonarch: " -dDEVICEWIDTHPOINTS=2&& +79 -dDEVICEHEIGHTPOINTS=540" +*End +*PageSize Executive/Executive: "%% FoomaticRIPOptionSetting: PageSize=Executive" +*FoomaticRIPOptionSetting PageSize=Executive: " -dDEVICEWIDTHPOINTS=52&& +2 -dDEVICEHEIGHTPOINTS=756" +*End +*PageSize Legal/US Legal: "%% FoomaticRIPOptionSetting: PageSize=Legal" +*FoomaticRIPOptionSetting PageSize=Legal: " -dDEVICEWIDTHPOINTS=612 -d&& +DEVICEHEIGHTPOINTS=1008" +*End +*CloseUI: *PageSize + +*OpenUI *PageRegion: PickOne +*OrderDependency: 100 AnySetup *PageRegion +*DefaultPageRegion: A4 +*PageRegion Letter/US Letter: "%% FoomaticRIPOptionSetting: PageSize=Letter" +*PageRegion A4/A4: "%% FoomaticRIPOptionSetting: PageSize=A4" +*PageRegion 11x17/11x17: "%% FoomaticRIPOptionSetting: PageSize=11x17" +*PageRegion A3/A3: "%% FoomaticRIPOptionSetting: PageSize=A3" +*PageRegion A5/A5: "%% FoomaticRIPOptionSetting: PageSize=A5" +*PageRegion B5/B5 (JIS): "%% FoomaticRIPOptionSetting: PageSize=B5" +*PageRegion Env10/Envelope #10: "%% FoomaticRIPOptionSetting: PageSize=Env10" +*PageRegion EnvC5/Envelope C5: "%% FoomaticRIPOptionSetting: PageSize=EnvC5" +*PageRegion EnvDL/Envelope DL: "%% FoomaticRIPOptionSetting: PageSize=EnvDL" +*PageRegion EnvISOB5/Envelope B5: "%% FoomaticRIPOptionSetting: PageSize=EnvISOB5" +*PageRegion EnvMonarch/Envelope Monarch: "%% FoomaticRIPOptionSetting: PageSize=EnvMonarch" +*PageRegion Executive/Executive: "%% FoomaticRIPOptionSetting: PageSize=Executive" +*PageRegion Legal/US Legal: "%% FoomaticRIPOptionSetting: PageSize=Legal" +*CloseUI: *PageRegion + +*DefaultImageableArea: A4 +*ImageableArea Letter/US Letter: "18 36 594 756" +*ImageableArea A4/A4: "18 36 577 806" +*ImageableArea 11x17/11x17: "18 36 774 1188" +*ImageableArea A3/A3: "18 36 824 1155" +*ImageableArea A5/A5: "18 36 403 559" +*ImageableArea B5/B5 (JIS): "18 36 498 693" +*ImageableArea Env10/Envelope #10: "18 36 279 648" +*ImageableArea EnvC5/Envelope C5: "18 36 441 613" +*ImageableArea EnvDL/Envelope DL: "18 36 294 588" +*ImageableArea EnvISOB5/Envelope B5: "18 36 481 673" +*ImageableArea EnvMonarch/Envelope Monarch: "18 36 261 504" +*ImageableArea Executive/Executive: "18 36 504 720" +*ImageableArea Legal/US Legal: "18 36 594 972" + +*DefaultPaperDimension: A4 +*PaperDimension Letter/US Letter: "612 792" +*PaperDimension A4/A4: "595 842" +*PaperDimension 11x17/11x17: "792 1224" +*PaperDimension A3/A3: "842 1191" +*PaperDimension A5/A5: "421 595" +*PaperDimension B5/B5 (JIS): "516 729" +*PaperDimension Env10/Envelope #10: "297 684" +*PaperDimension EnvC5/Envelope C5: "459 649" +*PaperDimension EnvDL/Envelope DL: "312 624" +*PaperDimension EnvISOB5/Envelope B5: "499 709" +*PaperDimension EnvMonarch/Envelope Monarch: "279 540" +*PaperDimension Executive/Executive: "522 756" +*PaperDimension Legal/US Legal: "612 1008" + +*JCLOpenUI *MediaType/Media Type: PickOne +*OrderDependency: 100 JCLSetup *MediaType +*DefaultMediaType: Plain +*MediaType Plain/Plain Paper: "@PJL SET MEDIATYPE=REGULAR<0A>" +*MediaType Bond/Bond Paper: "@PJL SET MEDIATYPE=BOND<0A>" +*MediaType Thick/Thick Paper: "@PJL SET MEDIATYPE=THICK<0A>" +*MediaType Thicker/Thicker Paper: "@PJL SET MEDIATYPE=THICKER<0A>" +*MediaType Thin/Thin Paper: "@PJL SET MEDIATYPE=THIN<0A>" +*MediaType Transparencies/Transparent: "@PJL SET MEDIATYPE=TRANS<0A>" +*JCLCloseUI: *MediaType + +*OpenUI *EconoMode/Economy Mode: PickOne +*FoomaticRIPOption EconoMode: enum CmdLine A +*OrderDependency: 100 AnySetup *EconoMode +*DefaultEconoMode: off +*EconoMode high/High (50%): "%% FoomaticRIPOptionSetting: EconoMode=high" +*FoomaticRIPOptionSetting EconoMode=high: " -dEconoMode=2" +*EconoMode low/Low (25%): "%% FoomaticRIPOptionSetting: EconoMode=low" +*FoomaticRIPOptionSetting EconoMode=low: " -dEconoMode=1" +*EconoMode off/Off: "%% FoomaticRIPOptionSetting: EconoMode=off" +*FoomaticRIPOptionSetting EconoMode=off: " -dEconoMode=0" +*CloseUI: *EconoMode + +*OpenUI *InputSlot/Media Source: PickOne +*FoomaticRIPOption InputSlot: enum CmdLine A +*OrderDependency: 110 AnySetup *InputSlot +*DefaultInputSlot: auto +*InputSlot upper/Upper Tray: "%% FoomaticRIPOptionSetting: InputSlot=upper" +*FoomaticRIPOptionSetting InputSlot=upper: " -dSourceTray=2" +*InputSlot lower/Lower Tray: "%% FoomaticRIPOptionSetting: InputSlot=lower" +*FoomaticRIPOptionSetting InputSlot=lower: " -dSourceTray=3" +*InputSlot auto/Automatic: "%% FoomaticRIPOptionSetting: InputSlot=auto" +*FoomaticRIPOptionSetting InputSlot=auto: " -dSourceTray=0" +*InputSlot dual/Dual: "%% FoomaticRIPOptionSetting: InputSlot=dual" +*FoomaticRIPOptionSetting InputSlot=dual: " -dSourceTray=1" +*InputSlot manual/Manual Feeder: "%% FoomaticRIPOptionSetting: InputSlot=manual" +*FoomaticRIPOptionSetting InputSlot=manual: " -dSourceTray=4" +*CloseUI: *InputSlot + +*OpenUI *Resolution/Resolution: PickOne +*FoomaticRIPOption Resolution: enum CmdLine A +*OrderDependency: 110 AnySetup *Resolution +*DefaultResolution: 300x300dpi +*Resolution 75x75dpi/75x75 DPI: "%% FoomaticRIPOptionSetting: Resolution=75x75dpi" +*FoomaticRIPOptionSetting Resolution=75x75dpi: " -r75x75" +*Resolution 150x150dpi/150x150 DPI: "%% FoomaticRIPOptionSetting: Resolution=150x150dpi" +*FoomaticRIPOptionSetting Resolution=150x150dpi: " -r150x150" +*Resolution 300x300dpi/300x300 DPI: "%% FoomaticRIPOptionSetting: Resolution=300x300dpi" +*FoomaticRIPOptionSetting Resolution=300x300dpi: " -r300x300" +*Resolution 600x600dpi/600x600 DPI: "%% FoomaticRIPOptionSetting: Resolution=600x600dpi" +*FoomaticRIPOptionSetting Resolution=600x600dpi: " -r600x600" +*Resolution 1200x600dpi/1200x600 DPI: "%% FoomaticRIPOptionSetting: Resolution=1200x600dpi" +*FoomaticRIPOptionSetting Resolution=1200x600dpi: " -r1200x600" +*CloseUI: *Resolution + +*CloseGroup: General + + +*% Generic boilerplate PPD stuff as standard PostScript fonts and so on + +*DefaultFont: Courier +*Font AvantGarde-Book: Standard "(001.006S)" Standard ROM +*Font AvantGarde-BookOblique: Standard "(001.006S)" Standard ROM +*Font AvantGarde-Demi: Standard "(001.007S)" Standard ROM +*Font AvantGarde-DemiOblique: Standard "(001.007S)" Standard ROM +*Font Bookman-Demi: Standard "(001.004S)" Standard ROM +*Font Bookman-DemiItalic: Standard "(001.004S)" Standard ROM +*Font Bookman-Light: Standard "(001.004S)" Standard ROM +*Font Bookman-LightItalic: Standard "(001.004S)" Standard ROM +*Font Courier: Standard "(002.004S)" Standard ROM +*Font Courier-Bold: Standard "(002.004S)" Standard ROM +*Font Courier-BoldOblique: Standard "(002.004S)" Standard ROM +*Font Courier-Oblique: Standard "(002.004S)" Standard ROM +*Font Helvetica: Standard "(001.006S)" Standard ROM +*Font Helvetica-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-BoldOblique: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow: Standard "(001.006S)" Standard ROM +*Font Helvetica-Narrow-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow-BoldOblique: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow-Oblique: Standard "(001.006S)" Standard ROM +*Font Helvetica-Oblique: Standard "(001.006S)" Standard ROM +*Font NewCenturySchlbk-Bold: Standard "(001.009S)" Standard ROM +*Font NewCenturySchlbk-BoldItalic: Standard "(001.007S)" Standard ROM +*Font NewCenturySchlbk-Italic: Standard "(001.006S)" Standard ROM +*Font NewCenturySchlbk-Roman: Standard "(001.007S)" Standard ROM +*Font Palatino-Bold: Standard "(001.005S)" Standard ROM +*Font Palatino-BoldItalic: Standard "(001.005S)" Standard ROM +*Font Palatino-Italic: Standard "(001.005S)" Standard ROM +*Font Palatino-Roman: Standard "(001.005S)" Standard ROM +*Font Symbol: Special "(001.007S)" Special ROM +*Font Times-Bold: Standard "(001.007S)" Standard ROM +*Font Times-BoldItalic: Standard "(001.009S)" Standard ROM +*Font Times-Italic: Standard "(001.007S)" Standard ROM +*Font Times-Roman: Standard "(001.007S)" Standard ROM +*Font ZapfChancery-MediumItalic: Standard "(001.007S)" Standard ROM +*Font ZapfDingbats: Special "(001.004S)" Standard ROM + diff --git a/roles/hacklab_printers/library/cups_printer b/roles/hacklab_printers/library/cups_printer new file mode 100644 index 0000000..7b8a817 --- /dev/null +++ b/roles/hacklab_printers/library/cups_printer @@ -0,0 +1,152 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +import hashlib +import cups +from ansible.module_utils.basic import AnsibleModule + +def get_printer_state(conn, name): + printers = conn.getPrinters() + if name in printers: + state = { + 'info': printers[name]['printer-info'], + 'location': printers[name]['printer-location'], + 'device': printers[name]['device-uri'], + 'shared': printers[name]['printer-is-shared'], + } + if printers[name]['printer-state'] == 5: + state['enabled'] = False + else: + state['enabled'] = True + attributes = conn.getPrinterAttributes(name, + requested_attributes=['printer-is-accepting-jobs']) + state['accept'] = attributes['printer-is-accepting-jobs'] + return state + else: + return None + +def main(): + module = AnsibleModule( + argument_spec=dict( + name=dict(required=True, type='str'), + info=dict(required=False, type='str'), + location=dict(required=False, type='str'), + device=dict(required=False, type='str'), + ppd=dict(required=False, type='str'), + accept=dict(required=False, type='bool'), + enabled=dict(required=False, type='bool'), + shared=dict(required=False, type='bool'), + default=dict(default=False, type='bool'), + state=dict(default='present', choices=['absent', 'present']), + options=dict(required=False, type='dict'), + ), + supports_check_mode=True + ) + + conn = cups.Connection() + current_state = get_printer_state(conn, module.params['name']) + + # handle state=absent + if module.params['state'] == 'absent': + if current_state is None: + module.exit_json(changed=False) + else: + if not module.check_mode: + conn.deletePrinter(module.params['name']) + module.exit_json(changed=True, msg='removed') + + messages = [] + changed = False + + # handle state=present, new printer + if current_state is None: + kwargs = {} + if module.params['info']: + kwargs['info'] = module.params['info'] + if module.params['location']: + kwargs['location'] = module.params['location'] + if module.params['device']: + kwargs['device'] = module.params['device'] + if module.params['shared']: + kwargs['shared'] = module.params['shared'] + if module.params['ppd']: + kwargs['filename'] = module.params['ppd'] + if not module.check_mode: + conn.addPrinter(module.params['name'], **kwargs) + conn.enablePrinter(module.params['name']) + conn.acceptJobs(module.params['name']) + messages.append('added') + changed = True + current_state = get_printer_state(conn, module.params['name']) + + # handle state=present, existing printer + if module.params['info'] is not None and module.params['info'] != current_state['info']: + if not module.check_mode: + conn.setPrinterInfo(module.params['name'], module.params['info']) + messages.append('set info') + changed = True + if module.params['location'] is not None and module.params['location'] != current_state['location']: + if not module.check_mode: + conn.setPrinterLocation(module.params['name'], module.params['location']) + messages.append('set location') + changed = True + if module.params['device'] is not None and module.params['device'] != current_state['device']: + if not module.check_mode: + conn.setPrinterDevice(module.params['name'], module.params['device']) + messages.append('set device') + changed = True + if module.params['shared'] is not None and module.params['shared'] != current_state['shared']: + if not module.check_mode: + conn.setPrinterShared(module.params['name'], module.params['shared']) + messages.append('set shared {}'.format(module.params['shared'])) + changed = True + if module.params['accept'] is not None and module.params['accept'] != current_state['accept']: + if not module.check_mode: + if module.params['accept'] is True: + conn.acceptJobs(module.params['name']) + messages.append('accept jobs') + else: + conn.rejectJobs(module.params['name']) + messages.append('reject jobs') + changed = True + if module.params['enabled'] is not None and module.params['enabled'] != current_state['enabled']: + if not module.check_mode: + if module.params['enabled'] is True: + conn.enablePrinter(module.params['name']) + messages.append('enabled') + else: + conn.disablePrinter(module.params['name']) + messages.append('disabled') + changed = True + if module.params['ppd'] is not None: + filename = conn.getPPD(module.params['name']) + current_sig = hashlib.sha1(open(filename, 'r').read()).hexdigest() + new_sig = hashlib.sha1(open(module.params['ppd'], 'r').read()).hexdigest() + if new_sig != current_sig: + if not module.check_mode: + conn.addPrinter(module.params['name'], filename=module.params['ppd']) + messages.append('updated ppd') + changed = True + #os.unlink(filename) + + if isinstance(module.params['options'], dict): + current_options = conn.getPrinterAttributes(module.params['name']) + for k, v in module.params['options'].items(): + if '{}-default'.format(k) in current_options: + if current_options['{}-default'.format(k)] != v: + if not module.check_mode: + conn.addPrinterOptionDefault(module.params['name'], k, v) + messages.append('set option {}'.format(k)) + changed = True + + if module.params['default'] is True: + if conn.getDefault() != module.params['name']: + if not module.check_mode: + conn.setDefault(module.params['name']) + messages.append('set default') + changed = True + + module.exit_json(changed=changed, msg=', '.join(messages)) + +if __name__ == '__main__': + main() diff --git a/roles/hacklab_printers/tasks/main.yml b/roles/hacklab_printers/tasks/main.yml new file mode 100644 index 0000000..706db35 --- /dev/null +++ b/roles/hacklab_printers/tasks/main.yml @@ -0,0 +1,29 @@ +- name: Python2 CUPS module + apt: + pkg: python-cups + state: present + +- name: Python3 CUPS module + apt: + pkg: python3-cups + state: present + +- name: PPD for Brother HL-1430 + copy: + src: Brother-HL-1430.ppd + dest: /etc/cups/Brother-HL-1430.ppd + +- name: Configure Brother HL-1430 + cups_printer: + name: Brother-HL-1430 + ppd: /etc/cups/Brother-HL-1430.ppd + info: Brother HL-1430 + location: + device: socket://jetdirect.hacklab:9100 + default: true + shared: false + accept: true + enabled: true + state: present + # this state will fail during initial install where cups is not running + ignore_errors: true diff --git a/roles/hardware/tasks/main.yml b/roles/hardware/tasks/main.yml new file mode 100644 index 0000000..8f75157 --- /dev/null +++ b/roles/hardware/tasks/main.yml @@ -0,0 +1,17 @@ +- name: Intel microcode + apt: + pkg: intel-microcode + state: latest + when: ansible_distribution == "Ubuntu" and ansible_virtualization_role is defined and ansible_virtualization_role != "guest" and ansible_processor[1] == "GenuineIntel" + +- name: AMD64 microcode + apt: + pkg: amd64-microcode + state: latest + when: ansible_distribution == "Ubuntu" and ansible_virtualization_role is defined and ansible_virtualization_role != "guest" and ansible_processor[1] == "AuthenticAMD" + +- name: VMware Tools + apt: + pkg: open-vm-tools + state: latest + when: ansible_pkg_mgr == "apt" and ansible_virtualization_role is defined and ansible_virtualization_role == "guest" and ansible_virtualization_type is defined and ansible_virtualization_type == "VMware" diff --git a/roles/pull_daily/files/ansible-pull-hacklab-desktop b/roles/pull_daily/files/ansible-pull-hacklab-desktop new file mode 100644 index 0000000..0d7677d --- /dev/null +++ b/roles/pull_daily/files/ansible-pull-hacklab-desktop @@ -0,0 +1,3 @@ +#!/bin/sh + +ansible-pull -U https://gogs.ehlab.uk/tim/ansible-hacklab-desktop diff --git a/roles/pull_daily/tasks/main.yml b/roles/pull_daily/tasks/main.yml new file mode 100644 index 0000000..6fd2938 --- /dev/null +++ b/roles/pull_daily/tasks/main.yml @@ -0,0 +1,18 @@ +- name: ansible-pull-hacklab-desktop + copy: + src: ansible-pull-hacklab-desktop + dest: /usr/local/sbin/ansible-pull-hacklab-desktop + owner: root + group: root + mode: 0755 + +- name: install in cron.daily + file: + src: /usr/local/sbin/ansible-pull-hacklab-desktop + dest: /etc/cron.daily/ansible-pull-hacklab-desktop + state: link + +- name: install anacron + apt: + name: anacron + state: present diff --git a/roles/upgrade/tasks/main.yml b/roles/upgrade/tasks/main.yml new file mode 100644 index 0000000..84a071b --- /dev/null +++ b/roles/upgrade/tasks/main.yml @@ -0,0 +1,4 @@ +- name: Upgrade packages + apt: + update_cache: yes + upgrade: dist diff --git a/roles/virtualbox/defaults/main.yml b/roles/virtualbox/defaults/main.yml new file mode 100644 index 0000000..f5fc738 --- /dev/null +++ b/roles/virtualbox/defaults/main.yml @@ -0,0 +1,15 @@ +virtualbox_install_release: 5.2 +virtualbox_remove_packages: + - virtualbox-4.3 + - virtualbox-5.0 + - virtualbox-5.1 + - virtualbox + - virtualbox-dkms + - virtualbox-guest-additions-iso + - virtualbox-guest-dkms + - virtualbox-guest-source + - virtualbox-guest-utils + - virtualbox-guest-x11 + - virtualbox-qt + - virtualbox-source + - virtualbox-ext-pack diff --git a/roles/virtualbox/library/virtualbox_facts b/roles/virtualbox/library/virtualbox_facts new file mode 100644 index 0000000..bded02f --- /dev/null +++ b/roles/virtualbox/library/virtualbox_facts @@ -0,0 +1,33 @@ +import os +import subprocess +from ansible.module_utils.basic import AnsibleModule + +def get_virtualbox_extpack_version(): + import xml.etree.ElementTree as ET + if os.path.exists('/usr/lib/virtualbox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/ExtPack.xml'): + root = ET.parse('/usr/lib/virtualbox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/ExtPack.xml').getroot() + version = root.find('{http://www.virtualbox.org/VirtualBoxExtensionPack}Version').text + return version + +def main(): + module = AnsibleModule( + argument_spec=dict(), + supports_check_mode=True, + ) + + facts = {} + + try: + output = subprocess.check_output(['vboxmanage', '-version']) + version, build = output.strip().split('r') + facts['virtualbox_version'] = version + facts['virtualbox_release'] = '.'.join(version.split('.')[0:2]) + facts['virtualbox_build'] = build + facts['virtualbox_extpack_version'] = get_virtualbox_extpack_version() + except OSError: + pass + + module.exit_json(msg="", ansible_facts=facts) + +if __name__ == '__main__': + main() diff --git a/roles/virtualbox/tasks/debian.yml b/roles/virtualbox/tasks/debian.yml new file mode 100644 index 0000000..9937995 --- /dev/null +++ b/roles/virtualbox/tasks/debian.yml @@ -0,0 +1,44 @@ +- name: VirtualBox APT key + apt_key: + id: 2980AECF + url: https://www.virtualbox.org/download/oracle_vbox_2016.asc + state: present + +- name: VirtualBox APT repo + apt_repository: + filename: virtualbox + repo: deb http://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }} contrib + state: present + +- name: VirtualBox facts + virtualbox_facts: + +- name: Remove old versions of VirtualBox + shell: | + apt-mark unhold {{ virtualbox_remove_packages|join(" ") }} || true + DEBIAN_FRONTEND=noninteractive apt-get remove -y --ignore-hold {{ virtualbox_remove_packages|join(" ") }} + when: virtualbox_release is defined and virtualbox_release|string != virtualbox_install_release|string + +- name: Install or upgrade VirtualBox + shell: | + DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes --ignore-hold virtualbox-{{ virtualbox_install_release }} + ignore_errors: yes + +- name: Prevent automatic upgrades to VirtualBox + dpkg_selections: + name: virtualbox-{{ virtualbox_install_release }} + selection: hold + +- name: VirtualBox facts + virtualbox_facts: + +- name: Install VirtualBox extension pack + when: virtualbox_version != virtualbox_extpack_version + shell: | + set -e + url=http://download.virtualbox.org/virtualbox/{{ virtualbox_version }}/Oracle_VM_VirtualBox_Extension_Pack-{{ virtualbox_version }}-{{ virtualbox_build }}.vbox-extpack + tmp=$(mktemp -d) + cd $tmp + wget $url + echo y | vboxmanage extpack install --replace *.vbox-extpack + rm -rf $tmp diff --git a/roles/virtualbox/tasks/main.yml b/roles/virtualbox/tasks/main.yml new file mode 100644 index 0000000..521a113 --- /dev/null +++ b/roles/virtualbox/tasks/main.yml @@ -0,0 +1,2 @@ +- include_tasks: debian.yml + when: ansible_os_family == 'Debian' diff --git a/roles/yubikey/tasks/main.yml b/roles/yubikey/tasks/main.yml new file mode 100644 index 0000000..559ca65 --- /dev/null +++ b/roles/yubikey/tasks/main.yml @@ -0,0 +1,15 @@ +- name: Install YubiKey packages + package: + name: "{{ item }}" + state: present + with_items: + - scdaemon + - python-yubico-tools + - ykneomgr + - yubikey-neo-manager + - yubikey-personalization + - yubikey-personalization-gui + - yubikey-piv-manager + - yubioath-desktop + - ykcs11 + - yubico-piv-tool