X-Git-Url: https://git.realraum.at/?a=blobdiff_plain;f=ansible%2Froles%2Fbase%2Ftasks%2Fmain.yml;h=b9d86018955acc381d91715106b914f28f77fba2;hb=d15a9e06d1a1a1e893160906a5822309ec9e3380;hp=17e95ab493430817d71aa7d01c130b92583a0dfb;hpb=f10f8d027ccbc35daac8d4a7dc8091b15bdcfc33;p=noc.git

diff --git a/ansible/roles/base/tasks/main.yml b/ansible/roles/base/tasks/main.yml
index 17e95ab..b9d8601 100644
--- a/ansible/roles/base/tasks/main.yml
+++ b/ansible/roles/base/tasks/main.yml
@@ -47,7 +47,7 @@
 - name: Set authorized keys for root user
   authorized_key:
     user: root
-    key: "{{ noc_ssh_keys | join('\n') }}"
+    key: "{{ ssh_keys_root | join('\n') }}"
     exclusive: yes
 
 - name: disable apt suggests and recommends
@@ -70,16 +70,45 @@
       - lsof
       - haveged
       - net-tools
-      - ntp
       - screen
       - aptitude
       - unp
       - ca-certificates
       - file
+      - nano
       - zsh
       - python-apt
+      - command-not-found
+      - man-db
+      - lshw
     state: present
 
+- when: base_managed_ntpd
+  block:
+    - name: check that ISC ntpd is not installed
+      apt:
+        name: ntp
+        state: absent
+        purge: yes
+
+    - name: install openntpd
+      apt:
+        name: openntpd
+
+    - name: configure openntpd
+      copy:
+        dest: /etc/openntpd/ntpd.conf
+        content: |
+          # Use the ffgraz.net NTP server
+          servers ntp.ffgraz.net weight 3
+
+          # Use some servers announced from the NTP Pool
+          servers 0.debian.pool.ntp.org
+          servers 1.debian.pool.ntp.org
+
+      notify: restart openntpd
+
+
 - name: make sure grml-(etc|scripts)-core is not installed
   apt:
     name:
@@ -104,18 +133,20 @@
 
   when: ansible_service_mgr == "systemd"
 
-- name: install zshrc
-  with_items:
-    - src: "zprofile"
-      dest: "/etc/zsh/zprofile"
-    - src: "zshrc"
-      dest: "/etc/zsh/zshrc"
-    - src: "zshrc.skel"
-      dest: "/etc/skel/.zshrc"
-  copy:
-    src: "{{ item.src }}"
-    dest: "{{ item.dest }}"
-    mode: 0644
+- block:
+    - name: workaround console-setup race condition (1/2)
+      file:
+        path: /etc/systemd/system/console-setup.service.d/
+        state: directory
+
+    - name: workaround console-setup race condition (2/2)
+      copy:
+        content: "[Unit]\nAfter=systemd-tmpfiles-setup.service\n"
+        dest: /etc/systemd/system/console-setup.service.d/override.conf
+        mode: 0644
+      # no need to relaod systemd here, it is only there to fix a boot-time race-condition
+
+  when: ansible_distribution == "Ubuntu"
 
 - name: set root default shell to zsh
   user:
@@ -123,10 +154,24 @@
     shell: /bin/zsh
 
 - name: set default shell for adduser
-  with_items:
-    - regexp: "^DSHELL"
-      line: "DSHELL=/bin/zsh"
+  with_dict:
+    DSHELL: /bin/zsh
   lineinfile:
     dest: /etc/adduser.conf
-    regexp: "{{ item.regexp }}"
-    line: "{{ item.line }}"
+    regexp: "^#?{{ item.key }}="
+    line: "{{ item.key }}={{ item.value }}"
+
+- name: Deploy default configuration for tools
+  with_dict:
+    /etc/htoprc: "{{ global_files_dir }}/common/htoprc"
+
+    /etc/zsh/zprofile: zprofile
+    /etc/zsh/zshrc: zshrc
+    /etc/skel/.zshrc: zshrc.skel
+
+  loop_control:
+    label: "{{ item.key }}"
+  copy:
+    mode: 0644
+    src: "{{ item.value }}"
+    dest: "{{ item.key }}"