add basic provisioning role: installs packages, sets timezone

Readme.md

@@ -8,6 +8,11 @@ vagrant ssh devbox
 cd /vagrant
 ansible-playbook playbook.yml --connection=local -i devbox, -e ansible_become=true
 
+# SSH configuration
+https://www.vagrantup.com/docs/vagrantfile/ssh_settings.html
+config.ssh.insert_key=True
+Vagrant adds its own private/public key pair to the box. Private key will be stored on the executing box in $(pwd)/.vagrant folder.
+
 # Graphics card issues
 Issues with nvidia graphics card (NVIDIA Corporation GK106GLM [Quadro K2100M]).
 * Use latest virtualbox / vagrant

Vagrantfile

@@ -23,8 +23,7 @@ Vagrant.configure("2") do |config|
   config.vm.hostname = "devbox.devops.detss.corpintra.net"
 
   # proxy configuration
-  if ENV.key?("http_proxy")
-    # requires additional vagrant plugin vagrant-proxyconf
+  if Vagrant.has_plugin?("vagrant-proxyconf") and ENV.key?("http_proxy")
     config.proxy.http = ENV["http_proxy"]
     config.proxy.https = ENV["https_proxy"]
     config.proxy.no_proxy = ENV["no_proxy"]
@@ -62,6 +61,9 @@ Vagrant.configure("2") do |config|
   end
 
   # add ssh key
+  if !File.file?("#{Dir.home}/.ssh/id_rsa.pub")
+    puts "No SSH key found."
+  end
   config.vm.provision "shell" do |s|
     ssh_pub_key = File.readlines("#{Dir.home}/.ssh/id_rsa.pub").first.strip
     s.inline = <<-SHELL

ansible.cfg

+[defaults]
+roles_path = roles:local_roles
+

local_roles/base/defaults/main.yml

+base_packages: ["htop", "tmux", "nmap", "dnsutils", "tcpdump", "vim", "emacs-nox",
+                "multitail", "apt-transport-https", "jq"]
+base_locales_generated:
+  - "de_DE.UTF-8 UTF-8"
+  - "en_US.UTF-8 UTF-8"
+base_locales_default: "de_DE.UTF-8"
+base_timezone: "Europe/Berlin"
+
+base_custom_packages:
+  system: ['apt-file', 'unzip', 'gparted', 'mailutils', 'tree', 'iotop']
+  shell: ['tmux']
+  system_dns: ['haveged', 'bind9utils']
+  revision: ['git', 'subversion']
+  web: ['thunderbird']  # 'firefox' firefox-esr in debian
+  ftp: ['filezilla']
+  network: ['openssh-server', 'openvpn', 'whois', 'nmap', 'netcat',
+            'tcpdump', 'iftop', 'iperf',
+            'dnsutils', 'wireshark', 'net-tools',
+            'etherwake'
+            ]
+  #webserver: ['nginx', 'php-fpm']
+  #remote: ['xtightvncviewer', 'vnc4server', 'x11vnc', 'linuxvnc']
+  #cdburning: ['ripperx', 'k3b', 'brasero']
+  scanner: ['simple-scan']
+  editors: ['vim', 'emacs-nox', 'bluefish', 'libreoffice-common', 'geany']
+  #messaging: ['pidgin', 'pidgin-otr']
+  #image: ['imagemagick', 'gimp']
+  #camera: ['digikam', 'libimage-exiftool-perl', 'hugin', 'luminance-hdr']
+  latex: ['texlive-full', 'kile', 'pdfsam', 'ghostscript', 'lyx']
+  security: ['apparmor-utils', 'pwgen', 'keepass2', 'cryptsetup']
+  #audio/video: ['vlc', 'cheese', 'audacity', 'soundconverter', 'devede', 'handbrake', 'ffmpeg', 'rhythmbox']
+  #virtualisation: ['virtualbox', 'qemu']
+  #programming: ['ipython', 'ipython3', 'python-dev']
+  #programming: ['xvfb', 'chromium-chromedriver']
+  python: ['python-hamcrest']
+  make: ['build-essential', 'automake']

local_roles/base/handlers/main.yml

+- name: reconfigure locales
+  command: dpkg-reconfigure -f noninteractive locales
+
+- name: "reload systemd journal"
+  service:
+    name: systemd-journald
+    state: 'restarted'

local_roles/base/tasks/debian_apt-file.yml

+- name: "Install APT package searching utility 'apt-file'"
+  apt:
+    pkg: "apt-file"
+    state: "present"
+    update_cache: yes
+    cache_valid_time: 3600
+  register: _apt_file_task
+
+- name: "Update apt-file cache if necessary"
+  shell: "apt-file update"
+  when: _apt_file_task.changed

local_roles/base/tasks/locale.yml

+- name: Enable locales that you wish to have built.
+  lineinfile:
+    dest: '/etc/locale.gen'
+    regexp: '^{{ item }}$'
+    line: '{{ item }}'
+    state: 'present'
+  with_items:
+  - "{{ base_locales_generated }}"
+  notify: reconfigure locales
+
+- name: set default locale
+  lineinfile:
+    dest: "/etc/default/locale"
+    regexp: "^LANG="
+    line: "LANG={{ base_locales_default }}"
+  notify: reconfigure locales

local_roles/base/tasks/main.yml

+- name: "Install base packages"
+  apt:
+    pkg: "{{ base_packages }}"
+    state: 'present'
+    update_cache: yes
+    cache_valid_time: 3600
+
+- import_tasks: debian_apt-file.yml
+
+- import_tasks: locale.yml
+- import_tasks: timezone.yml
+
+- import_tasks: systemd-persistent-journal.yml
+
+- name: "Install custom packages"
+  apt:
+    pkg: "{{ base_custom_packages.values() | sum(start=[]) }}"
+    state: 'present'
+  when: base_custom_packages is defined

local_roles/base/tasks/systemd-persistent-journal.yml

+# This enables persistent logs (default is only current log since boot)
+#
+# journalctl -b -1
+
+- name: Create systemd journal directory
+  file:
+    path: /var/log/journal
+    state: directory
+    owner: root
+    group: systemd-journal
+  notify: "reload systemd journal"
+  register: _base_systemd_journal_directory
+
+- name: Create files in systemd journal directory
+  command: systemd-tmpfiles --create --prefix /var/log/journal
+  when: _base_systemd_journal_directory.changed
+
+- name: Template journald.conf
+  template:
+    src: journald.conf.j2
+    dest: /etc/systemd/journald.conf
+    mode: 0644
+    owner: root
+    group: root
+  notify: "reload systemd journal"

local_roles/base/tasks/timezone.yml

+- name: "Set timezone to {{ base_timezone }}"
+  timezone:
+    name: "{{ base_timezone }}"

local_roles/base/templates/journald.conf.j2

+[Journal]
+Storage=persistent
+SystemMaxUse=400M
+SystemMaxFileSize=30M
+RuntimeMaxUse=250M
+RuntimeMaxFileSize=30M
+Compress=yes
\ No newline at end of file

playbook.yml

@@ -14,6 +14,7 @@
   - {role: "geerlingguy.docker", docker_users: ["vagrant"], tags: "docker"}
   - {role: 'jetbrains_installer', tags: ['jetbrains']}
   - {role: 'webofmars.xfce4-desktop', tags: ['desktop']}
+  - {role: 'base', tags: ['base']}
   post_tasks:
     - import_tasks: tasks/xfce4_configuration.yml
       tags: desktop_config