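---
# Baseline play for Debian VMs: installs an SSH public key, pins the APT
# sources to Debian trixie, installs base packages, configures the en_US.UTF-8
# locale, installs Docker Engine from Docker's APT repository, enables
# passwordless sudo for group "sudo", and installs the QEMU guest agent.
#
# Changes against the original: structure restored (the file had been
# collapsed onto two lines), booleans written as true/false, modules
# referenced by fully qualified collection name (the file already did so for
# ansible.posix.authorized_key), and explicit ownership/mode on
# /etc/default/locale. Task names and all written file contents are unchanged.
- name: Basis-Konfiguration für Debian VMs
  hosts: all
  become: true

  vars:
    # Path on the Ansible LXC (source).
    # NOTE(review): not referenced by any task in this play.
    source_folder: "/ansible/komodo/"
    # Path on the target VM (destination).
    dest_folder: "/app-config/komodo/"

  tasks:
    # NOTE(review): the task name and the later group-membership task refer to
    # "sascha", but the key is installed for "chris". Confirm which account is
    # meant: whichever account holds this key and also ends up in the sudo and
    # docker groups below has passwordless root on every targeted host.
    # The module presumably needs the account to exist before this task runs;
    # nothing earlier in this play creates it - verify.
    - name: SSH Key für Benutzer sascha hinterlegen
      ansible.posix.authorized_key:
        user: chris
        state: present
        # Read from the control node, not from the target.
        key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"

    # Replaces /etc/apt/sources.list wholesale.
    # NOTE(review): the mirrors are addressed over plain HTTP. APT still
    # verifies signed repository metadata, but consider HTTPS if the mirrors
    # offer it, to avoid exposing and exposing-to-tampering the transport.
    - name: Standard Debian Trixie Repositories setzen
      ansible.builtin.copy:
        dest: /etc/apt/sources.list
        content: |
          deb http://ftp.gwdg.de/debian/ trixie main non-free-firmware non-free contrib
          deb-src http://ftp.gwdg.de/debian/ trixie main non-free-firmware non-free contrib
          deb http://security.debian.org/debian-security trixie-security main non-free-firmware non-free contrib
          deb-src http://security.debian.org/debian-security trixie-security main non-free-firmware non-free contrib
          deb http://ftp.gwdg.de/debian/ trixie-updates main non-free-firmware non-free contrib
          deb-src http://ftp.gwdg.de/debian/ trixie-updates main non-free-firmware non-free contrib
        owner: root
        group: root
        mode: '0644'
      register: repo_status

    # Refresh the cache only when the sources file was actually rewritten.
    - name: Apt Cache aktualisieren (falls Repos geändert wurden)
      ansible.builtin.apt:
        update_cache: true
      when: repo_status.changed

    - name: Installiere benötigte Basis-Pakete
      ansible.builtin.apt:
        name:
          - curl
          - gnupg
          - ca-certificates
          - sudo
          - wget
          - vim
          - mc
        state: present
        update_cache: true

    - name: Locales-Paket sicherstellen
      ansible.builtin.apt:
        name: locales
        state: present

    - name: en_US.UTF-8 Locale generieren
      community.general.locale_gen:
        name: en_US.UTF-8
        state: present

    - name: Systemweite Sprache auf en_US.UTF-8 setzen
      ansible.builtin.debconf:
        name: locales
        question: locales/default_environment_locale
        value: en_US.UTF-8
        vtype: select

    # Written in addition to the debconf answer above (the task name calls it
    # a safety net). Ownership and mode are set explicitly so the result does
    # not depend on the umask or on a pre-existing file's permissions.
    - name: Locale-Datei manuell schreiben (Sicherheitsnetz)
      ansible.builtin.copy:
        dest: /etc/default/locale
        content: |
          LANG=en_US.UTF-8
          LC_ALL=en_US.UTF-8
        owner: root
        group: root
        mode: '0644'

    - name: Verzeichnis für Keyrings erstellen
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        mode: '0755'

    # This key becomes the trust anchor for everything installed from the
    # Docker repository below.
    # NOTE(review): the download is over HTTPS but not pinned. Consider adding
    # `checksum: "sha256:<EXPECTED_SHA256_PLACEHOLDER>"` (or comparing the key
    # fingerprint) so a changed key fails the run instead of being trusted.
    - name: Docker GPG Key herunterladen (Modern)
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/debian/gpg
        dest: /etc/apt/keyrings/docker.asc
        mode: '0644'

    # signed-by restricts the Docker key to this one repository.
    # NOTE(review): the suite is "bookworm" while the base system sources
    # above are "trixie", and the architecture is fixed to amd64 - confirm
    # both are intended for every host in scope.
    - name: Docker Repository Datei erstellen
      ansible.builtin.copy:
        dest: /etc/apt/sources.list.d/docker.list
        content: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable"
        mode: '0644'
      register: docker_repo

    - name: Paketliste aktualisieren
      ansible.builtin.apt:
        update_cache: true
      when: docker_repo.changed

    - name: Docker Engine installieren
      ansible.builtin.apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-compose-plugin
        state: present

    - name: Zielverzeichnis auf der VM erstellen
      ansible.builtin.file:
        path: "{{ dest_folder }}"
        state: directory
        mode: '0755'

    # 2. Adjust sudoers (no password prompt for group sudo).
    # The edited file is checked with visudo before it replaces /etc/sudoers,
    # so a syntax error cannot lock out sudo.
    # NOTE(review): this grants passwordless root to every member of group
    # sudo, present and future. If only one automation account needs it, a
    # drop-in under /etc/sudoers.d scoped to that account is narrower and
    # leaves the distribution's /etc/sudoers untouched.
    - name: Gruppe sudo passwortloses sudo erlauben
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        regexp: '^%sudo'
        line: '%sudo ALL=(ALL:ALL) NOPASSWD: ALL'
        validate: '/usr/sbin/visudo -cf %s'

    # 3. Put sascha into the groups.
    # append: true keeps the user's existing supplementary groups.
    # NOTE(review): membership in the docker group is effectively root on the
    # host as well, independent of the sudoers rule above.
    - name: Benutzer sascha zu sudo und docker Gruppen hinzufügen
      ansible.builtin.user:
        name: sascha
        groups: sudo,docker
        append: true

    - name: Unnötige Pakete entfernen
      ansible.builtin.apt:
        autoremove: true

    - name: QEMU Guest Agent installieren und starten
      ansible.builtin.apt:
        name: qemu-guest-agent
        state: present

    - name: Agent Dienst aktivieren
      ansible.builtin.service:
        name: qemu-guest-agent
        state: started
        enabled: true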