sascha/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initial pfannkuchen

Browse source
This commit is contained in:
sascha 2026-03-30 15:19:20 +02:00
parent b6dafc7a73
commit 4d305fa19f
99 changed files with 3575 additions and 321 deletions
Download patch file Download diff file Expand all files Collapse all files

140
base-debian.yml
View file

@ -2,140 +2,6 @@
- name: Basis-Konfiguration für Debian VMs
hosts: all
become: yes
vars:
# Pfad auf dem Ansible-LXC (Quelle)
source_folder: "/ansible/komodo/"
# Pfad auf der Ziel-VM (Ziel)
dest_folder: "/app-config/komodo/"
tasks:
- name: SSH Key für Benutzer sascha hinterlegen
ansible.posix.authorized_key:
user: chris
state: present
key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
- name: Standard Debian Trixie Repositories setzen
copy:
dest: /etc/apt/sources.list
content: |
deb http://ftp.gwdg.de/debian/ trixie main non-free-firmware non-free contrib
deb-src http://ftp.gwdg.de/debian/ trixie main non-free-firmware non-free contrib
deb http://security.debian.org/debian-security trixie-security main non-free-firmware non-free contrib
deb-src http://security.debian.org/debian-security trixie-security main non-free-firmware non-free contrib
deb http://ftp.gwdg.de/debian/ trixie-updates main non-free-firmware non-free contrib
deb-src http://ftp.gwdg.de/debian/ trixie-updates main non-free-firmware non-free contrib
owner: root
group: root
mode: '0644'
register: repo_status
- name: Apt Cache aktualisieren (falls Repos geändert wurden)
apt:
update_cache: yes
when: repo_status.changed
- name: Installiere benötigte Basis-Pakete
apt:
name:
- curl
- gnupg
- ca-certificates
- sudo
- wget
- vim
- mc
state: present
update_cache: yes
- name: Locales-Paket sicherstellen
apt:
name: locales
state: present
- name: en_US.UTF-8 Locale generieren
locale_gen:
name: en_US.UTF-8
state: present
- name: Systemweite Sprache auf en_US.UTF-8 setzen
debconf:
name: locales
question: locales/default_environment_locale
value: en_US.UTF-8
vtype: select
- name: Locale-Datei manuell schreiben (Sicherheitsnetz)
copy:
dest: /etc/default/locale
content: |
LANG=en_US.UTF-8
LC_ALL=en_US.UTF-8
- name: Verzeichnis für Keyrings erstellen
file:
path: /etc/apt/keyrings
state: directory
mode: '0755'
- name: Docker GPG Key herunterladen (Modern)
get_url:
url: https://download.docker.com/linux/debian/gpg
dest: /etc/apt/keyrings/docker.asc
mode: '0644'
- name: Docker Repository Datei erstellen
copy:
dest: /etc/apt/sources.list.d/docker.list
content: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable"
mode: '0644'
register: docker_repo
- name: Paketliste aktualisieren
apt:
update_cache: yes
when: docker_repo.changed
- name: Docker Engine installieren
apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose-plugin
state: present
- name: Zielverzeichnis auf der VM erstellen
file:
path: "{{ dest_folder }}"
state: directory
mode: '0755'
# 2. Sudoers anpassen (Ohne Passwort-Abfrage für die Gruppe sudo)
- name: Gruppe sudo passwortloses sudo erlauben
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL:ALL) NOPASSWD: ALL'
validate: '/usr/sbin/visudo -cf %s'
# 3. Sascha in Gruppen stecken
- name: Benutzer sascha zu sudo und docker Gruppen hinzufügen
user:
name: sascha
groups: sudo,docker
append: yes
- name: Unnötige Pakete entfernen
apt:
autoremove: yes
- name: QEMU Guest Agent installieren und starten
apt:
name: qemu-guest-agent
state: present
- name: Agent Dienst aktivieren
service:
name: qemu-guest-agent
state: started
enabled: yes
roles:
- base
- docker