Ansible Playbook: manage_linux_workstations

Purpose

Manage Linux Workstations.

Supported features in the current version:

  • Configure IAM
    • Create users
    • Create groups
    • Create sudoers rules
  • Provision and configure shells
  • Provision and configure AutoFS
  • Install fonts
  • Install native Desktop Managers and tools
    • DConf
    • Cinnamon
  • Install and configure GUI-based tools
    • Tilix
  • Install and configure TUI-based tools
    • mc
  • Provision container engines
    • docker
    • podman
  • Configure OpenSSH
    • client
    • server

Use Cases

Provision users to Linux Workstation

/opt/aplatform64/bin/ap64.sh -n -p manage_linux_workstations -s <SITE>

Playbook Parameters

Inventory

Register the hosts that will consume the service in the Ansible Inventory file:

  • File: inventories/<SITE>/linux_workstations.ini
  • Host Group: linux_workstations

End State

A dedicated group_vars directory is used to store end-state configuration settings for both the playbook and related Ansible Roles.

Set playbook specific settings in the file: inventories/<SITE>/group_vars/linux_workstations/manage_linux_workstations.yml

linux_workstations_component:
  autofs:
  cinnamon:
  dconf:
  docker:
  fonts:
  mc:
  openssh_client:
  openssh_server:
  podman:
  shell:
  sudo:
  tilix:
  users:
Parameter Required? Type Default Purpose / Value
linux_workstations_component no dictionary Define what applications will be deployed
linux_workstations_component.autofs no boolean false Enable components?
linux_workstations_component.cinnamon no boolean false Enable components?
linux_workstations_component.dconf no boolean false Enable components?
linux_workstations_component.docker no boolean false Enable components?
linux_workstations_component.fonts no boolean true Enable components?
linux_workstations_component.mc no boolean true Enable components?
linux_workstations_component.openssh_client no boolean true Enable components?
linux_workstations_component.openssh_server no boolean true Enable components?
linux_workstations_component.podman no boolean false Enable components?
linux_workstations_component.sudo no boolean true Enable components?
linux_workstations_component.shell no boolean true Enable components?
linux_workstations_component.tilix no boolean false Enable components?
linux_workstations_component.users no boolean true Enable components?

Additional role specific settings are available to further customize the playbook:

A:Platform64 role group_vars file
serdigital64.system.sys_mc inventories/<SITE>/group_vars/linux_workstations/sys_mc.yml
serdigital64.system.sys_repository inventories/<SITE>/group_vars/linux_workstations/sys_repository.yml
serdigital64.system.sys_sudo inventories/<SITE>/group_vars/linux_workstations/sys_sudo.yml
serdigital64.system.sys_shell inventories/<SITE>/group_vars/linux_workstations/sys_shell.yml
serdigital64.system.sys_user inventories/<SITE>/group_vars/linux_workstations/sys_user.yml
serdigital64.storage.stg_autofs inventories/<SITE>/group_vars/linux_workstations/stg_autofs.yml

Deployment

OS Compatibility

OS compatibility is role dependant. Please refer to the respective role documentation.

Dependencies

Dependencies in this section are automatically solved during the installation process.

  • Ansible Collections:
    • serdigital64.application
    • serdigital64.backup
    • serdigital64.container
    • serdigital64.security
    • serdigital64.system
    • serdigital64.storage

Prerequisites

  • Ansible:
    • Control Node: A:Platform64 installed and configured
    • Managed Nodes: target hosts prepared for A:Platform64 control

Installation Procedure

The playbook is automatically deployed during the A:Platform64 installation process

Contributing

Help on implementing new features and maintaining the code base is welcomed.

Please see the guidelines for further details.

Author

License

GPL-3.0-or-later