add: Distro-Entscheidung (Debian 13 + KDE), Ansible-Skelett, ADR

2026-05-17 21:33:03 +02:00
parent 8885643b84
commit 0f81a6f6eb
14 changed files with 157 additions and 20 deletions
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@@ -0,0 +1,10 @@
+[defaults]
+inventory = inventory.yml
+host_key_checking = False
+retry_files_enabled = False
+stdout_callback = yaml
+roles_path = roles
+interpreter_python = auto_silent
+
+[ssh_connection]
+pipelining = True
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -0,0 +1,15 @@
+---
+# Defaults für alle Workstations
+timezone: Europe/Berlin
+locale: de_DE.UTF-8
+keyboard_layout: de
+
+# APT
+apt_components:
+  - main
+  - contrib
+  - non-free-firmware
+enable_backports: true
+
+# Benutzer
+primary_user: tom
--- a/ansible/host_vars/notebook.yml
+++ b/ansible/host_vars/notebook.yml
@@ -0,0 +1,7 @@
+---
+# Hardware: TBD
+# Besonderheiten Notebook: Akku-Management, WLAN-Firmware, Suspend
+extra_packages:
+  - tlp
+  - powertop
+  - firmware-iwlwifi  # bei Intel-WLAN
--- a/ansible/host_vars/pc.yml
+++ b/ansible/host_vars/pc.yml
@@ -0,0 +1,3 @@
+---
+# Hardware: TBD
+extra_packages: []
--- a/ansible/host_vars/werkstatt.yml
+++ b/ansible/host_vars/werkstatt.yml
@@ -0,0 +1,4 @@
+---
+# Hardware: TBD
+# Werkstatt-Rolle: ggf. CAD-Viewer, Druckdienste, weniger Multimedia
+extra_packages: []
--- a/ansible/inventory.yml
+++ b/ansible/inventory.yml
@@ -0,0 +1,13 @@
+all:
+  children:
+    workstations:
+      hosts:
+        notebook:
+          ansible_host: notebook.egonlebt.lan
+        pc:
+          ansible_host: pc.egonlebt.lan
+        werkstatt:
+          ansible_host: werkstatt.egonlebt.lan
+      vars:
+        ansible_user: tom
+        ansible_become: true
--- a/ansible/roles/base/tasks/main.yml
+++ b/ansible/roles/base/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+# Grundsystem: APT-Quellen, Lokalisierung, Firmware, Hilfspakete
+# TODO: implementieren — Skeleton-Datei
--- a/ansible/roles/desktop_kde/tasks/main.yml
+++ b/ansible/roles/desktop_kde/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+# KDE Plasma 6, SDDM, KDE-Anwendungen
+# TODO: implementieren — Skeleton-Datei
--- a/ansible/roles/dev_tools/tasks/main.yml
+++ b/ansible/roles/dev_tools/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+# Git, Editor, Sprachen (Python/Node/Perl für FHEM)
+# TODO: implementieren — Skeleton-Datei
--- a/ansible/roles/hardening/tasks/main.yml
+++ b/ansible/roles/hardening/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+# SSH-Hardening, UFW, unattended-upgrades, fail2ban
+# TODO: implementieren — Skeleton-Datei
--- a/ansible/roles/workstation_apps/tasks/main.yml
+++ b/ansible/roles/workstation_apps/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+# Browser, Office, Multimedia-Codecs
+# TODO: implementieren — Skeleton-Datei
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -0,0 +1,10 @@
+---
+- name: Provision Linux workstations
+  hosts: workstations
+  gather_facts: true
+  roles:
+    - base
+    - desktop_kde
+    - hardening
+    - dev_tools
+    - workstation_apps