General Improvements + Miner Deprecation (#23)

* Add volume key controls. * Add placeholder for LBRY app. * Refactor gui into gnome and packages. Remove deprecated lineinfiles. Enhance package management. * Variablize tar to fix FreeBSD. * Variablize tar to fix FreeBSD. * Take FreeBSD gui.yml refactor into account. * Unfinished changes to use self-signed cert so local traffic can hit https. Server starts fine, but getting "gnutls_handshake() failed: An unexpected TLS packet was received." on client's `git clone`. * Make D2D optional. FreeBSD is still having a hard time compiling it. * Use a block for Dash To Dock so only one ignore_errors is necessary. * Deprecate miner section since machines have been decommissioned. * Remove deprecated file. * Switch to lightdm on FreeBSD. * Automate GPU driver installation. * Updated DWM config and added TODO's. * Move lynis to src folder for cleanliness. * Remove debug. * Refactor for "shared" system type folder. * Fix FreeBSD gpu.yml location. * Add a default hosts file to hide warnings.
2022-01-10 13:41:54 +00:00
parent b26d94d911
commit 791dc245a6
21 changed files with 468 additions and 468 deletions
--- a/tasks/workstation/shared/settings/gnome.yml
+++ b/tasks/workstation/shared/settings/gnome.yml
@ -0,0 +1,286 @@
+---
+# GNOME settings, extensions, and setup.
+
+# Check for special software that may need added to favorites.
+- name: Workstation | Account Management | GNOME | Facts | Defaults
+  set_fact:
+    browser: "com.github.Eloston.UngoogledChromium.desktop"
+
+- name: Workstation | Account Management | GNOME | Checks | Brave | Locate
+  shell: which brave-browser
+  register: brave
+  ignore_errors: yes
+
+- name: Workstation | Account Management | GNOME | Checks | Brave | Set As Browser
+  set_fact:
+    browser: "brave-browser.desktop"
+  when: not brave.failed
+
+#- name: Workstation | Account Management | GNOME | Checks | LibreWolf | Locate
+#  shell: which librewolf
+#  register: librewolf
+#  ignore_errors: yes
+#
+#- name: Workstation | Account Management | GNOME | Checks | LibreWolf | Set As Browser
+#  set_fact:
+#    browser: "io.gitlab.librewolf-community.desktop"
+#  when: not librewolf.failed or (flatpak_distro is defined and flatpak_distro)
+
+
+# Make sure Gnome-Tweaks is installed
+- name: Workstation | Account Management | GNOME | Install Dependencies
+  package:
+    name: 
+      - "{{ gnome_tweaks }}"
+      - "{{ dconf_editor }}"
+      - "{{ psutil }}"
+    state: present
+
+
+## Dash to Dock Extension ##
+# Note: Validate DtD by checking /org/gnome/shell/enabled-extensions for dash-to-dock@micxgx.gmail.com
+
+- name: Workstation | Account Management | GNOME | Dash To Dock
+  block:
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Check
+    shell: "cd ~/.local/share/gnome-shell/extensions/dash-to-dock@micxgx.gmail.com/"
+    become_user: "{{ user }}"
+    register: dash_to_dock_exists
+
+  # Install # 
+  # https://micheleg.github.io/dash-to-dock/download.html
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Install | Clone Repo
+    git: 
+      repo: https://github.com/micheleg/dash-to-dock.git
+      dest: "~/TRASH/dash-to-dock/"
+      clone: yes
+      force: no
+      version: master
+    become_user: "{{ user }}"
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Install | Dependencies
+    package:
+      name: 
+        - "{{ make }}"
+        - "{{ msgfmt }}"
+        - "{{ sassc }}"
+      state: present
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Install | Make
+    shell: "cd ~/TRASH/dash-to-dock/; {{ make }}; {{ make }} install"
+    become_user: "{{ user }}"
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Read Enabled Extension Array
+    dconf: 
+      key: /org/gnome/shell/enabled-extensions
+      state: read
+    become_user: "{{ user }}"
+    register: gnome_enabled_extensions
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | dconf Return Object
+    debug:
+      var: gnome_enabled_extensions
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  # https://ansible-docs.readthedocs.io/zh/stable-2.0/rst/playbooks_filters.html#filters-for-formatting-data
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Variables 1
+    set_fact: 
+      gnome_enabled_extensions: "{{ gnome_enabled_extensions.value | replace('@as ', '') }}"
+      dash_to_dock_ext_comma: ""
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | After replace()
+    debug:
+      var: gnome_enabled_extensions
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Variables 2
+    set_fact: 
+      dash_to_dock_ext_comma: ", "
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed and gnome_enabled_extensions not in ("[]", [], "None")
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Variables 3
+    set_fact: 
+      dash_to_dock_ext_name: "{{ dash_to_dock_ext_comma }}'dash-to-dock@micxgx.gmail.com']"
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Variables 4
+    set_fact:
+      gnome_enabled_extensions: "[]"
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed and gnome_enabled_extensions == "None"
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Print Value To Append With
+    debug:
+      var: dash_to_dock_ext_name
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Print Value To Append To
+    debug:
+      var: gnome_enabled_extensions
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Print Combined Value
+    debug:
+      msg: "{{ gnome_enabled_extensions | replace(']', dash_to_dock_ext_name) }}"
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Enable
+    dconf: 
+      key: /org/gnome/shell/enabled-extensions
+      value: "{{ gnome_enabled_extensions | replace(']', dash_to_dock_ext_name) }}"
+      state: present
+    become_user: "{{ user }}"
+    when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
+
+  # Settings #
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Dock Position
+    dconf: 
+      key: /org/gnome/shell/extensions/dash-to-dock/dock-position
+      value: "'LEFT'"
+      state: present
+    become_user: "{{ user }}"
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Dock Fixed
+    dconf: 
+      key: /org/gnome/shell/extensions/dash-to-dock/dock-fixed
+      value: "true"
+      state: present
+    become_user: "{{ user }}"
+
+  - name: Workstation | Account Management | GNOME | Dash To Dock | Icon Size
+    dconf: 
+      key: /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size
+      value: "32"
+      state: present
+    become_user: "{{ user }}"
+    
+  ignore_errors: yes
+
+- name: Workstation | Account Management | GNOME | Favorites (Linux)
+  dconf: 
+    key: /org/gnome/shell/favorite-apps
+    value: "['org.gnome.Terminal.desktop', 'gnome-system-monitor.desktop', 'org.gnome.Nautilus.desktop', 
+             'io.gitlab.librewolf-community.desktop', '{{ browser }}', 'org.gnome.Evolution.desktop', 
+             'com.vscodium.codium.desktop', 'org.shotcut.Shotcut.desktop', 
+             'org.telegram.desktop.desktop', 'com.discordapp.Discord.desktop', 
+             'io.lbry.lbry-app.desktop',
+             'com.valvesoftware.Steam.desktop']"
+    state: present
+  become_user: "{{ user }}"
+  when: ansible_system == "Linux"
+  
+- name: Workstation | Account Management | GNOME | Favorites (FreeBSD)
+  dconf: 
+    key: /org/gnome/shell/favorite-apps
+    value: "['org.gnome.Terminal.desktop', 'org.gnome.Nautilus.desktop', 
+             'firefox.desktop', 'org.gnome.Evolution.desktop', 'org.mozilla.Thunderbird.desktop', 
+             'code-oss.desktop', 'org.telegram.desktop.desktop']"
+    state: present
+  become_user: "{{ user }}"
+  when: ansible_system == "FreeBSD"
+
+
+## Top Bar Settings ##
+# (Battery Percentage, Clock Weekday+Seconds, Calendar Week Numbers)
+
+- name: Workstation | Account Management | GNOME | Interface - Show Date
+  dconf: 
+    key: /org/gnome/desktop/interface/clock-show-date
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+- name: Workstation | Account Management | GNOME | Interface - 24h Format
+  dconf: 
+    key: /org/gnome/desktop/interface/clock-format
+    value: "'24h'"
+    state: present
+  become_user: "{{ user }}"
+
+- name: Workstation | Account Management | GNOME | Interface - Show Seconds
+  dconf: 
+    key: /org/gnome/desktop/interface/clock-show-seconds
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+- name: Workstation | Account Management | GNOME | Interface - Show Weekday
+  dconf: 
+    key: /org/gnome/desktop/interface/clock-show-weekday
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+- name: Workstation | Account Management | GNOME | Interface - 24h Format
+  dconf: 
+    key: /org/gnome/desktop/interface/show-battery-percentage
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+- name: Workstation | Account Management | GNOME | Interface - Show Week Date
+  dconf: 
+    key: /org/gnome/desktop/calendar/show-weekdate
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+
+# Never Prompt for Removal Media
+
+
+
+# Dark theme?
+#Pop-dark on Pop
+#Adwaita-dark on everything else
+
+
+
+# Window Titlebars (Titlebar Buttons Minimize)
+- name: Workstation | Account Management | GNOME | Window Buttons
+  dconf: 
+    key: /org/gnome/desktop/wm/preferences/button-layout 
+    value: "'appmenu:minimize,close'"
+    state: present
+  become_user: "{{ user }}"
+
+
+# Security
+- name: Workstation | Account Management | GNOME | Privacy - Camera
+  dconf: 
+    key: /org/gnome/desktop/privacy/disable-camera
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+- name: Workstation | Account Management | GNOME | Privacy - Microphone
+  dconf: 
+    key: /org/gnome/desktop/privacy/disable-microphone
+    value: "true"
+    state: present
+  become_user: "{{ user }}"
+
+
+
+# Schemas to try after looking at gsettings list-schemas | sort
+# org.gnome.ControlCenter -- not very interesting
+# org.gnome.desktop.default-applications -- nothing?? Where do we set Brave and Evolution?
+# org.gnome.desktop.interface -- Good stuff in here.
+# org.gnome.desktop.peripherals -- Nothing :(
+# org.gnome.desktop.privacy -- Good stuff here too!! Cool!
+# org.gnome.desktop.session
+# org.gnome.desktop.wm.keybindings
+# org.gnome.desktop.wm.preferences
+# org.gnome.power-manager
+# org.gnome.SessionManager
+# org.gnome.shell
+# org.gnome.shell.extensions.pop-shell
+# org.gnome.shell.keybindings
--- a/tasks/workstation/shared/settings/nfs.yml
+++ b/tasks/workstation/shared/settings/nfs.yml
@ -0,0 +1,62 @@
+---
+# Mount network shares.
+
+- name: Workstation | Settings | NFS | Facts
+  set_fact:
+    media_folder: /mnt/media
+    mount_number: 0
+
+- name: Workstation | Settings | NFS | Facts (Linux)
+  set_fact:
+    mount_options: defaults
+  when: ansible_system == "Linux"
+
+- name: Workstation | Settings | NFS | Facts (FreeBSD)
+  set_fact:
+    mount_options: rw
+  when: ansible_system == "FreeBSD"
+
+
+- name: Workstation | Settings | NFS | Install (Linux)
+  package: 
+    name: 
+      - "{{ nfs }}"
+    state: present
+  when: ansible_system == "Linux"
+
+# https://www.unixmen.com/setup-nfs-server-on-freebsd/
+- name: Workstation | Settings | NFS | Install (FreeBSD)
+  blockinfile:
+    path: "{{ rc_conf }}"
+    marker: "# {mark} MANAGED BY ANSIBLE | NFS Components"
+    block: |
+      nfs_server_enable="YES"
+      nfs_server_flags="-u -t -n 4"
+      rpcbind_enable="YES"
+      mountd_flags="-r"
+      mountd_enable="YES"
+      nfs_client_enable="YES"
+      nfs_client_flags="-n 4"
+      rpc_lockd_enable="YES"
+      rpc_statd_enable="YES"
+    create: yes
+    backup: yes
+  when: ansible_system == "FreeBSD"
+
+
+- name: Workstation | Settings | NFS | Create Folders
+  file: 
+    path: "{{ item }}"
+    state: directory
+    mode: '0777'
+  loop:
+    - "{{ media_folder }}"
+
+
+- name: Workstation | Settings | NFS | Create Mount Instructions
+  blockinfile:
+    path: /etc/fstab
+    marker: "# {mark} MANAGED BY ANSIBLE | Media"
+    block: |
+      htpc:/mnt/hdd_unsafe/media {{ media_folder }} nfs {{ mount_options }} {{ mount_number }} {{ mount_number }}
+    backup: yes
--- a/tasks/workstation/shared/settings/rdp.yml
+++ b/tasks/workstation/shared/settings/rdp.yml
@ -0,0 +1,40 @@
+---
+# Allow remote viewing via open/free RDP.
+
+- name: Workstation | Settings | RDP | FreeBSD | Install
+  package:
+    name: xrdp
+    state: present
+  when: ansible_system == "FreeBSD"
+
+- name: Workstation | Settings | RDP | FreeBSD | Enable
+  blockinfile:
+    path: "{{ rc_conf }}"
+    marker: "# {mark} MANAGED BY ANSIBLE | RDP Components"
+    block: |
+      xrdp_enable="YES"
+      xrdp_sesman_enable="YES"
+    state: present
+    create: yes
+    backup: yes
+  when: ansible_system == "FreeBSD"
+
+- name: Workstation | Settings | RDP | FreeBSD | Enable GNOME
+  lineinfile:
+    path: /usr/local/etc/xrdp/startwm.sh
+    regexp: 'gnome-session'
+    line: 'exec gnome-session # MANAGED BY ANSIBLE'
+    state: present
+    create: yes
+    backup: yes
+  when: ansible_system == "FreeBSD"
+
+- name: Workstation | Settings | RDP | FreeBSD | Disable xterm
+  lineinfile:
+    path: /usr/local/etc/xrdp/startwm.sh
+    regexp: 'xterm'
+    line: '#exec xterm # MANAGED BY ANSIBLE'
+    state: present
+    create: yes
+    backup: yes
+  when: ansible_system == "FreeBSD"
--- a/tasks/workstation/shared/settings/services.yml
+++ b/tasks/workstation/shared/settings/services.yml
@ -0,0 +1,18 @@
+---
+# Enable and disable services.
+
+## CUPS ##
+
+- name: General | Software | Services | Disable CUPS Daemon
+  service:
+    name: "{{ cups }}"
+    pattern: "{{ cups_pattern }}"
+    state: started
+    enabled: yes
+
+- name: General | Software | Services | Disable CUPS-Browse Daemon
+  service:
+    name: "{{ cups_browse }}"
+    pattern: "{{ cups_browse_pattern }}"
+    state: started
+    enabled: yes
--- a/tasks/workstation/shared/settings/vnc.yml
+++ b/tasks/workstation/shared/settings/vnc.yml
@ -0,0 +1,5 @@
+---
+# Allow remote viewing desktops via VNC.
+
+- name: General | Software | Services | VNC | TBD
+  shell: echo "TBD"