2026-05-17 21:33:03 +02:00
|
|
|
---
|
feat: vollst. Installations-Doku, Ansible-Rollen ausimplementiert, claude_workspace-Rolle
- docs/installation.md: Netinstall + Dualboot Schritt-für-Schritt (LUKS nur am Notebook)
- docs/postinstall-ansible.md: Ablauf + restmanuelle Schritte
- roles/base: APT-Sources mit non-free-firmware + Backports, Locale, Tastatur, Zeitzone, Grundpakete
- roles/desktop_kde: Plasma 6 + SDDM (ohne Recommends, kompakt)
- roles/hardening: SSH key-only, UFW, unattended-upgrades
- roles/dev_tools: Node.js via NodeSource, Python, Perl, Git-Defaults
- roles/workstation_apps: Firefox, Thunderbird, LibreOffice, Codecs, KeePassXC
- roles/claude_workspace (NEU): Claude Code + ccusage, SSH-Key für Gitea, Workspace-Clone (recurse-submodules), ~/.claude/settings.json
- site.yml: alle Rollen mit Tags
2026-05-17 21:46:23 +02:00
|
|
|
- name: APT-Quellen mit contrib + non-free-firmware + (Backports)
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
dest: /etc/apt/sources.list
|
|
|
|
|
mode: '0644'
|
|
|
|
|
content: |
|
|
|
|
|
deb http://deb.debian.org/debian/ trixie main contrib non-free-firmware
|
|
|
|
|
deb http://security.debian.org/debian-security trixie-security main contrib non-free-firmware
|
|
|
|
|
deb http://deb.debian.org/debian/ trixie-updates main contrib non-free-firmware
|
|
|
|
|
{% if enable_backports | default(true) %}
|
|
|
|
|
deb http://deb.debian.org/debian/ trixie-backports main contrib non-free-firmware
|
|
|
|
|
{% endif %}
|
|
|
|
|
register: apt_sources
|
|
|
|
|
|
|
|
|
|
- name: APT cache aktualisieren
|
|
|
|
|
ansible.builtin.apt:
|
|
|
|
|
update_cache: true
|
|
|
|
|
when: apt_sources.changed
|
|
|
|
|
|
|
|
|
|
- name: Locale-Paket
|
|
|
|
|
ansible.builtin.apt:
|
|
|
|
|
name: locales
|
|
|
|
|
state: present
|
|
|
|
|
cache_valid_time: 3600
|
|
|
|
|
|
|
|
|
|
- name: Locale aktivieren
|
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
|
path: /etc/locale.gen
|
|
|
|
|
regexp: "^# ?{{ locale }} "
|
|
|
|
|
line: "{{ locale }} UTF-8"
|
|
|
|
|
register: locale_line
|
|
|
|
|
|
|
|
|
|
- name: locale-gen ausführen
|
|
|
|
|
ansible.builtin.command: locale-gen
|
|
|
|
|
when: locale_line.changed
|
|
|
|
|
|
|
|
|
|
- name: Standard-Locale setzen
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
dest: /etc/default/locale
|
|
|
|
|
mode: '0644'
|
|
|
|
|
content: "LANG={{ locale }}\n"
|
|
|
|
|
|
|
|
|
|
- name: Tastaturlayout
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
dest: /etc/default/keyboard
|
|
|
|
|
mode: '0644'
|
|
|
|
|
content: |
|
|
|
|
|
XKBMODEL="pc105"
|
|
|
|
|
XKBLAYOUT="{{ keyboard_layout }}"
|
|
|
|
|
XKBVARIANT=""
|
|
|
|
|
XKBOPTIONS=""
|
|
|
|
|
BACKSPACE="guess"
|
|
|
|
|
|
|
|
|
|
- name: Zeitzone
|
|
|
|
|
ansible.builtin.command: "timedatectl set-timezone {{ timezone }}"
|
|
|
|
|
changed_when: false
|
|
|
|
|
|
|
|
|
|
- name: Grundpakete
|
|
|
|
|
ansible.builtin.apt:
|
|
|
|
|
name:
|
|
|
|
|
- sudo
|
|
|
|
|
- curl
|
|
|
|
|
- wget
|
|
|
|
|
- gnupg
|
|
|
|
|
- ca-certificates
|
|
|
|
|
- apt-transport-https
|
|
|
|
|
- vim
|
|
|
|
|
- htop
|
|
|
|
|
- tmux
|
|
|
|
|
- rsync
|
|
|
|
|
- net-tools
|
|
|
|
|
- dnsutils
|
|
|
|
|
- firmware-linux
|
|
|
|
|
- firmware-linux-nonfree
|
|
|
|
|
- lsb-release
|
|
|
|
|
- bash-completion
|
|
|
|
|
- man-db
|
|
|
|
|
state: present
|
|
|
|
|
|
|
|
|
|
- name: Extra-Pakete je Host
|
|
|
|
|
ansible.builtin.apt:
|
|
|
|
|
name: "{{ extra_packages }}"
|
|
|
|
|
state: present
|
|
|
|
|
when: extra_packages | default([]) | length > 0
|
