mirror of
https://github.com/Websoft9/websoft9.git
synced 2025-01-24 01:50:19 +08:00
os suport
This commit is contained in:
parent
8b871e5214
commit
6ef98dd4eb
17
apps/roles/os/CHANGELOG.md
Normal file
17
apps/roles/os/CHANGELOG.md
Normal file
@ -0,0 +1,17 @@
|
||||
# CHANGELOG
|
||||
|
||||
## To do
|
||||
|
||||
1. 更详细的规范说明
|
||||
2. VNC服务无法kill进程的问题
|
||||
|
||||
## Logs
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* 2020-02-14
|
||||
|
||||
### Features
|
||||
|
||||
* 2020-03-27 将Cloud Agent 相关部分移到role_cloud
|
||||
* 2020-03-27 创建本模板语法
|
44
apps/roles/os/Notes.md
Normal file
44
apps/roles/os/Notes.md
Normal file
@ -0,0 +1,44 @@
|
||||
## 可视化
|
||||
|
||||
Linux 可视化可以从 Desktop 和 Web GUI 两个方案考量。不同的操作系统发行版加上可视化的翅膀后,可以形成20个镜像商品
|
||||
|
||||
### Desktop
|
||||
|
||||
* Desktop: KDE, GNOME, 深度等
|
||||
* Server: VNCServer,XDRP Server(依赖VNCServer)
|
||||
* 客户端:VNC和Windows远程桌面客户端
|
||||
|
||||
最好可以支持两种客户端
|
||||
|
||||
### Web-GUI
|
||||
|
||||
Cockpit 是红帽开发的网页版图像化服务管理工具,优点是无需中间层,且可以管理多种服务。
|
||||
|
||||
Cockpit 安装已经移到 role_common
|
||||
|
||||
|
||||
## 上传OS
|
||||
|
||||
目前有如下 Linux 发行版有分发的价值:
|
||||
|
||||
* Oracle Linux
|
||||
* 深度
|
||||
|
||||
上传的自定义镜像OS,除了满足云平台要求之外,还需额外安装云平添的 Cloud Agent,例如:阿里云的安骑士。
|
||||
|
||||
## 待研究
|
||||
|
||||
1. 安装tigerVNC 之后,默认生成了 vncserver@.server模板,本Ansible role 中的service模板是修改后的内容
|
||||
2. 所有的启动设置之前,都可以加上一个连词号(-),表示"抑制错误",即发生错误的时候,不影响其他命令的执行
|
||||
|
||||
## 常见问题
|
||||
|
||||
#### 阿里云上 OracleLinux 无法通过控制台下发秘钥对?
|
||||
|
||||
确保安骑士服务启动,且安骑士版本是阿里云版本
|
||||
|
||||
#### Oracle Linux 如何安装 epel 等软件包?
|
||||
|
||||
Oracle Linux 提供了非常快捷等安装方式([参考](https://yum.oracle.com/getting-started.html#installing-software-from-oracle-linux-yum-server))
|
||||
例如:yum install oracle-epel-release-el8
|
||||
|
63
apps/roles/os/README.md
Normal file
63
apps/roles/os/README.md
Normal file
@ -0,0 +1,63 @@
|
||||
Ansible Role: OS
|
||||
=========
|
||||
|
||||
本 Role 在是一个模块化role的模板格式,用于规范化模块化role的创作。接来下的内容是模块化role的readme格式
|
||||
|
||||
## Requirements
|
||||
|
||||
运行本 Role,请确认符合如下的必要条件:
|
||||
|
||||
| **Items** | **Details** |
|
||||
| ------------------| ------------------|
|
||||
| Operating system | CentOS7.x Ubuntu18.04 AmazonLinux|
|
||||
| Python 版本 | Python2 |
|
||||
| Python 组件 | |
|
||||
| Runtime | |
|
||||
|
||||
|
||||
## Related roles
|
||||
|
||||
本 Role 在语法上不依赖其他 role 的变量,但程序运行时需要确保已经运行: common。以下为例:
|
||||
|
||||
```
|
||||
roles:
|
||||
- {role: role_common, tags: "role_common"}
|
||||
- {role: role_cloud, tags: "role_cloud"}
|
||||
- {role: role_os, tags: "role_os"}
|
||||
```
|
||||
|
||||
|
||||
## Variables
|
||||
|
||||
本 Role 主要变量以及使用方法如下:
|
||||
|
||||
| **Items** | **Details** | **Format** | **是否初始化** |
|
||||
| ------------------| ------------------|-----|-----|
|
||||
| os_gui | gnome,kde | 字符串 | 否 |
|
||||
| os_connection | vnc | 字符串 | 否 |
|
||||
|
||||
注意:
|
||||
|
||||
1. os_connection 目前只支持vnc
|
||||
|
||||
## Example
|
||||
|
||||
```
|
||||
- name: Memcached
|
||||
hosts: all
|
||||
become: yes
|
||||
become_method: sudo
|
||||
vars_files:
|
||||
- vars/main.yml
|
||||
|
||||
roles:
|
||||
- {role: role_common, tags: "role_common"}
|
||||
- {role: role_cloud, tags: "role_cloud"}
|
||||
- {role: role_os, tags: "role_os"}
|
||||
```
|
||||
|
||||
## FAQ
|
||||
|
||||
1. 注意变量命名一定要符合role名称在前的规范
|
||||
2. 尽量减少role之间的依赖关系
|
||||
3. role默认变量设置要科学,即默认变量下语法是顺畅的
|
10
apps/roles/os/defaults/main.yml
Normal file
10
apps/roles/os/defaults/main.yml
Normal file
@ -0,0 +1,10 @@
|
||||
# Install Desktop, e.g [gnome,kde]
|
||||
# Debian support: gnome, kde, xfce
|
||||
# RedHat support: gnome, kde
|
||||
|
||||
os_desktop:
|
||||
|
||||
# alibabacloud | tencentcloud | huaweicloud | aws | azure
|
||||
os_cloudplatform:
|
||||
|
||||
os_aegis_download_url: "https://aegis.alicdn.com/download/install/2.0/linux/AliAqsInstall_64.sh"
|
45
apps/roles/os/files/vncserver-service-unit
Normal file
45
apps/roles/os/files/vncserver-service-unit
Normal file
@ -0,0 +1,45 @@
|
||||
# The vncserver service unit file
|
||||
# /usr/lib/systemd/system/vncserver@.service
|
||||
# Quick HowTo:
|
||||
# 1. Copy this file to /etc/systemd/system/vncserver@.service
|
||||
# 2. Replace <USER> with the actual user name and edit vncserver
|
||||
# parameters in the wrapper script located in /usr/bin/vncserver_wrapper
|
||||
# 3. Run `systemctl daemon-reload`
|
||||
# 4. Run `systemctl enable vncserver@:<display>.service`
|
||||
#
|
||||
# DO NOT RUN THIS SERVICE if your local area network is
|
||||
# untrusted! For a secure way of using VNC, you should
|
||||
# limit connections to the local host and then tunnel from
|
||||
# the machine you want to view VNC on (host A) to the machine
|
||||
# whose VNC output you want to view (host B)
|
||||
#
|
||||
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
|
||||
#
|
||||
# this will open a connection on port 590N of your hostA to hostB's port 590M
|
||||
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
|
||||
# See the ssh man page for details on port forwarding)
|
||||
#
|
||||
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
|
||||
# the help of ssh, you end up seeing what hostB makes available on port 590M
|
||||
#
|
||||
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
|
||||
#
|
||||
# Use "-localhost" to prevent remote VNC clients connecting except when
|
||||
# doing so through a secure tunnel. See the "-via" option in the
|
||||
# `man vncviewer' manual page.
|
||||
|
||||
|
||||
[Unit]
|
||||
Description=Remote desktop service (VNC)
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
|
||||
# Clean any existing files in /tmp/.X11-unix environment
|
||||
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
|
||||
ExecStart=/usr/bin/vncserver_wrapper <USER> %i
|
||||
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
17
apps/roles/os/files/vncserver.service
Normal file
17
apps/roles/os/files/vncserver.service
Normal file
@ -0,0 +1,17 @@
|
||||
[Unit]
|
||||
Description=Start TightVNC server at startup
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=user
|
||||
Group=group
|
||||
WorkingDirectory=/home/user
|
||||
|
||||
PIDFile=/home/user/.vnc/%H:1.pid
|
||||
ExecStartPre=-/usr/bin/vncserver -kill :* > /dev/null 2>&1
|
||||
ExecStart=/usr/bin/vncserve :1
|
||||
ExecStop=/usr/bin/vncserver -kill :1
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
11
apps/roles/os/handlers/main.yml
Normal file
11
apps/roles/os/handlers/main.yml
Normal file
@ -0,0 +1,11 @@
|
||||
- name: check_vncserver_service
|
||||
debug:
|
||||
var: check_vncserver_service.stdout
|
||||
|
||||
- name: check_xrdp_service
|
||||
debug:
|
||||
var: check_xrdp_service.stdout
|
||||
|
||||
- name: check_cockpit_service
|
||||
debug:
|
||||
var: check_cockpit_service.stdout
|
19
apps/roles/os/meta/main.yml
Normal file
19
apps/roles/os/meta/main.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
author:
|
||||
description:
|
||||
company:
|
||||
license:
|
||||
min_ansible_version:
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 7
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- 18.04
|
||||
|
||||
galaxy_tags:
|
||||
|
2
apps/roles/os/tasks/Debian.yml
Normal file
2
apps/roles/os/tasks/Debian.yml
Normal file
@ -0,0 +1,2 @@
|
||||
|
||||
|
0
apps/roles/os/tasks/RedHat.yml
Normal file
0
apps/roles/os/tasks/RedHat.yml
Normal file
105
apps/roles/os/tasks/desktop.yml
Normal file
105
apps/roles/os/tasks/desktop.yml
Normal file
@ -0,0 +1,105 @@
|
||||
- block:
|
||||
- name: Install GNOME Desktop
|
||||
shell: |
|
||||
yum groupinstall -y 'Server with GUI'
|
||||
systemctl set-default graphical.target
|
||||
systemctl isolate graphical.target
|
||||
systemctl get-default
|
||||
when: os_desktop=="gnome" and ansible_distribution != 'Amazon'
|
||||
|
||||
- name: Install KDE Desktop
|
||||
shell: |
|
||||
yum groupinstall -y "X Window System"
|
||||
yum groupinstall -y "KDE"
|
||||
systemctl set-default graphical.target
|
||||
systemctl isolate graphical.target
|
||||
systemctl get-default
|
||||
when: os_desktop=="kde" and ansible_distribution != 'Amazon'
|
||||
|
||||
- name: Install Xfce Desktop
|
||||
shell: |
|
||||
yum groupinstall -y 'Xfce'
|
||||
sudo bash -c 'echo PREFERRED=/usr/bin/xfce4-session > /etc/sysconfig/desktop'
|
||||
when: os_desktop=="xfce"
|
||||
|
||||
- name: Install Mate Desktop on AmazonLinux
|
||||
shell: |
|
||||
sudo amazon-linux-extras install -y mate-desktop1.x
|
||||
sudo bash -c 'echo PREFERRED=/usr/bin/mate-session > /etc/sysconfig/desktop'
|
||||
when: os_desktop=="mate" and ansible_distribution == 'Amazon'
|
||||
|
||||
- name: Install Mate Desktop on CentOS
|
||||
shell: |
|
||||
yum groupinstall -y 'MATE Desktop'
|
||||
sudo bash -c 'echo PREFERRED=/usr/bin/mate-session > /etc/sysconfig/desktop'
|
||||
when: os_desktop=="mate" and ansible_distribution == 'CentOS'
|
||||
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- block:
|
||||
- name: Install GNOME Desktop
|
||||
shell: |
|
||||
apt install gnome gnome-session-flashback -y
|
||||
when: os_desktop=="gnome"
|
||||
|
||||
- name: Install KDE Desktop
|
||||
shell: |
|
||||
echo "/usr/sbin/sddm" > /etc/X11/default-display-manager
|
||||
DEBIAN_FRONTEND=noninteractive apt install kde-plasma-desktop -y
|
||||
echo "plasma_session" >~/.xsession
|
||||
when: os_desktop=="kde"
|
||||
|
||||
- name: Install Xfce Desktop
|
||||
shell: |
|
||||
echo "/usr/sbin/lightdm" > /etc/X11/default-display-manager
|
||||
DEBIAN_FRONTEND=noninteractive apt install -y xfce4
|
||||
echo "xfce4-session" >~/.xsession
|
||||
when: os_desktop=="xfce"
|
||||
|
||||
- name: Install Mate Desktop
|
||||
shell: |
|
||||
apt install -y mate-desktop-environment
|
||||
echo "mate-session" >~/.xsession
|
||||
when: os_desktop=="mate"
|
||||
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Install VNC
|
||||
include: vnc.yml
|
||||
|
||||
- block:
|
||||
- name: Check RedHat Mate Desktop Version
|
||||
shell: sudo echo "Mate Desktop version:" `ls /usr/share/doc/ | grep mate-desktop | awk -F '-' '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "RedHat" and os_desktop == "mate" and ansible_distribution != 'Amazon'
|
||||
|
||||
- name: Check AmazonLinux Mate Desktop Version
|
||||
shell: sudo echo "Mate Desktop version:" `ls /usr/share/doc/ | grep mate-terminal | awk -F '-' '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_distribution == 'Amazon' and os_desktop == "mate"
|
||||
|
||||
- name: Check RedHat Xfce4 Desktop Version
|
||||
shell: sudo echo "Xfce4 Desktop version:" `ls /usr/share/doc | grep '^xfce4-panel' | awk -F '-' '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "RedHat" and os_desktop == "xfce"
|
||||
|
||||
- name: Check RedHat Gnome Desktop Version
|
||||
shell: sudo echo "Gnome Desktop version:" `ls /usr/share/doc | grep '^gnome-desktop' | awk -F '-' '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "RedHat" and os_desktop == "gnome"
|
||||
|
||||
- name: Check RedHat KDE Desktop Version
|
||||
shell: sudo echo "KDE Desktop version:" `ls /usr/share/doc | grep '^kdelibs' | awk -F '-' '{print $2}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "RedHat" and os_desktop == "kde"
|
||||
|
||||
- name: Check Debian Xfce4 Desktop Version
|
||||
shell: sudo echo "Xfce4 Desktop version:" `dpkg -l | grep 'xfce4' -w | sed -n '1p' | awk -F ' ' '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "Debian" and os_desktop == "xfce"
|
||||
|
||||
- name: Check Debian Mate Desktop Version
|
||||
shell: sudo echo "Mate Desktop version:" `grep -E 'Version' /usr/share/doc/mate-session-manager/dbus/mate-session.html | awk '{print $3}' | awk -F '<' '{print $1}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "Debian" and os_desktop == "mate"
|
||||
|
||||
- name: Check Debian Gnome Desktop Version
|
||||
shell: sudo echo "Gnome Desktop version:" `gnome-shell --version | awk '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "Debian" and os_desktop == "gnome"
|
||||
|
||||
- name: Check Debian KDE Desktop Version
|
||||
shell: sudo echo "KDE Desktop version:" `grep 'X-KDE-PluginInfo-Version' /usr/share/kservices5/plasma-dataengine-touchpad.desktop | awk -F '=' '{print $2}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "Debian" and os_desktop == "kde"
|
61
apps/roles/os/tasks/image.yml
Normal file
61
apps/roles/os/tasks/image.yml
Normal file
@ -0,0 +1,61 @@
|
||||
- name: Is cloud-init exists
|
||||
shell: ls /etc/cloud/cloud.cfg
|
||||
ignore_errors: True
|
||||
register: result
|
||||
|
||||
- debug: var=result.stdout
|
||||
|
||||
- name: Install cloud-init
|
||||
shell: |
|
||||
yum install cloud-init
|
||||
when: result.stdout != '/etc/cloud/cloud.cfg'
|
||||
|
||||
- name: Configure cloud-init
|
||||
template:
|
||||
src: cloud-init.cfg.j2
|
||||
dest: /etc/cloud/cloud.cfg
|
||||
|
||||
- name: Configure time zone and delete useful cloud.conf
|
||||
shell: |
|
||||
timedatectl set-ntp yes
|
||||
timedatectl set-timezone "Asia/Shanghai"
|
||||
timedatectl set-local-rtc yes
|
||||
rm -rf /etc/cloud/cloud.cfg.d/10_updates_policy.cfg
|
||||
rm -rf /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
|
||||
|
||||
- name: Change PasswordAuthentication
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "PasswordAuthentication no"
|
||||
line: "PasswordAuthentication yes"
|
||||
|
||||
- name: Set enable login by root
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "#PermitRootLogin yes"
|
||||
line: "PermitRootLogin yes"
|
||||
|
||||
- name: Restart sshd
|
||||
shell: systemctl restart sshd
|
||||
|
||||
- name: Uninstall waagent
|
||||
shell: |
|
||||
yum -y remove WALinuxAgent
|
||||
rm -f /etc/waagent.conf.rpmsave
|
||||
rm -rf /var/lib/waagent
|
||||
rm -f /var/log/waagent.log
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Uninstall waagent
|
||||
shell: |
|
||||
apt -y purge walinuxagent
|
||||
rm -rf /var/lib/waagent
|
||||
rm -f /var/log/waagent.log
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Disable firewalld
|
||||
shell: |
|
||||
systemctl stop firewalld
|
||||
systemctl disable firewalld
|
||||
|
||||
- include: "migration/{{os_cloudplatform}}.yml"
|
19
apps/roles/os/tasks/main.yml
Normal file
19
apps/roles/os/tasks/main.yml
Normal file
@ -0,0 +1,19 @@
|
||||
- name: Install Desktop on {{ansible_os_family}}
|
||||
include: "{{ansible_os_family}}.yml"
|
||||
|
||||
- name: Disable firewalld(some cloud has no firewalld)
|
||||
shell: |
|
||||
systemctl stop firewalld
|
||||
systemctl disable firewalld
|
||||
ignore_errors: true
|
||||
|
||||
- name: Install Desktop and VNC
|
||||
include: desktop.yml
|
||||
when: os_desktop is defined and os_desktop is not none and os_desktop !="" and (os_image =="" or os_image is undefined)
|
||||
|
||||
- name: Make a private image with some cloud platform
|
||||
include: image.yml
|
||||
when: os_cloudplatform is defined and os_cloudplatform is not none and os_cloudplatform !=""
|
||||
|
||||
- name: Check chrony status
|
||||
shell: systemctl restart chronyd
|
25
apps/roles/os/tasks/migration/alibabacloud.yml
Normal file
25
apps/roles/os/tasks/migration/alibabacloud.yml
Normal file
@ -0,0 +1,25 @@
|
||||
- name: Install packages for image importer of alibabacloud
|
||||
shell: |
|
||||
yum install qemu-kvm virt-manager libvirt virt-install openssh-askpass -y
|
||||
|
||||
- name: Install aegis
|
||||
shell: |
|
||||
wget {{ os_aegis_download_url }} && chmod +x AliAqsInstall_64.sh && ./AliAqsInstall_64.sh sJmepE 2>/dev/null
|
||||
test -d /usr/local/aegis && bash /usr/local/aegis/aegis_install.sh
|
||||
|
||||
- name: Install aliyun_assist
|
||||
shell: yum -y install https://aliyun-client-assist.oss-accelerate.aliyuncs.com/linux/aliyun_assist_latest.rpm
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Install aliyun_assist
|
||||
shell: apt -y install https://aliyun-client-assist.oss-accelerate.aliyuncs.com/linux/aliyun_assist_latest.deb
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Install aliyun_assist
|
||||
shell: |
|
||||
systemctl stop qemu-guest-agent
|
||||
systemctl disable qemu-guest-agent
|
||||
when: ansible_distribution == "RedHat"
|
||||
|
||||
- name: Restart aliyun.service
|
||||
shell: systemctl restart aliyun.service
|
90
apps/roles/os/tasks/vnc.yml
Normal file
90
apps/roles/os/tasks/vnc.yml
Normal file
@ -0,0 +1,90 @@
|
||||
#1 Install VNC
|
||||
- block:
|
||||
- name: Install VNC Server on {{ansible_os_family}}
|
||||
yum:
|
||||
name: tigervnc-server
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Install VNC Server on {{ansible_os_family}}
|
||||
apt:
|
||||
name: tightvncserver
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Create a random password for VNC
|
||||
set_fact: temp_password="{{ lookup('password', '/tmp/passwordfile length=8 chars=digits') }}"
|
||||
|
||||
- debug:
|
||||
msg: Testing VNC password is {{ temp_password }}
|
||||
|
||||
- name: Configure vncserver password
|
||||
expect:
|
||||
command: vncpasswd
|
||||
responses:
|
||||
"Password": "{{temp_password}}"
|
||||
"Verify": "{{temp_password}}"
|
||||
"view-only": "n"
|
||||
|
||||
#2 Configure VNC
|
||||
- name: Copy vncserver.service(when system_user=root)
|
||||
template:
|
||||
src: vncserver.service1.j2
|
||||
dest: /lib/systemd/system/vncserver.service
|
||||
|
||||
- block:
|
||||
- name: Copy xstartup
|
||||
template:
|
||||
src: xstartup.j2
|
||||
dest: /root/.vnc/xstartup
|
||||
|
||||
- name: Copy xstartup
|
||||
shell: chmod +x /root/.vnc/xstartup
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Restart vncserver
|
||||
service:
|
||||
name: vncserver
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
||||
#3 Install and configure XRDP
|
||||
- block:
|
||||
- name: Install Remote tool on {{ansible_os_family}}
|
||||
shell: yum install xrdp -y
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Install Remote toolon {{ansible_os_family}}
|
||||
shell: apt install xrdp -y
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Start and enable xrdp
|
||||
service:
|
||||
name: xrdp
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
||||
#4 Check
|
||||
|
||||
- name: set soft link
|
||||
shell: ln -sf /lib/systemd/system/vncserver.service /lib/systemd/system/vnc.service
|
||||
|
||||
- block:
|
||||
- name: Check vncserver Version
|
||||
shell: sudo echo "TigerVNC version:" `vncserver -version | grep "TigerVNC" | sed -n '1p' | awk '{print $3}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Check vncserver Version
|
||||
shell: sudo echo "TightVNC version:" `vncserver -version | grep "TightVNC" | sed -n '1p' | awk -F "-" '{print $2}'` | sudo tee -a /data/logs/install_version.txt
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Check vncserver Service
|
||||
shell: systemctl status vncserver | grep Active*
|
||||
register: check_vncserver_service
|
||||
notify: check_vncserver_service
|
||||
|
||||
- name: Check Xrdp Version
|
||||
shell: sudo echo "xrdp version:" `unbuffer xrdp --version | sed -n '1p' | awk '{print $2}'` | sudo tee -a /data/logs/install_version.txt
|
||||
|
||||
- name: Check xrdp Service
|
||||
shell: systemctl status xrdp | grep Active*
|
||||
register: check_xrdp_service
|
||||
notify: check_xrdp_service
|
166
apps/roles/os/templates/cloud-init.cfg.j2
Normal file
166
apps/roles/os/templates/cloud-init.cfg.j2
Normal file
@ -0,0 +1,166 @@
|
||||
{% if os_cloudplatform == 'tencentcloud' %}
|
||||
users:
|
||||
- default
|
||||
|
||||
disable_root: 0
|
||||
ssh_pwauth: 1
|
||||
|
||||
datasource_list: [ ConfigDrive, TencentCloud ]
|
||||
datasource:
|
||||
ConfigDrive:
|
||||
dsmode: local
|
||||
TencentCloud:
|
||||
metadata_urls: ['http://169.254.0.23', 'http://metadata.tencentyun.com']
|
||||
{% endif %}
|
||||
|
||||
{% if os_cloudplatform == 'huaweicloud' %}
|
||||
# The top level settings are used as module
|
||||
# and system configuration.
|
||||
|
||||
# A set of users which may be applied and/or used by various modules
|
||||
# when a 'default' entry is found it will reference the 'default_user'
|
||||
# from the distro configuration specified below
|
||||
users:
|
||||
- name: root
|
||||
lock_passwd: False
|
||||
|
||||
# If this is set, 'root' will not be able to ssh in and they
|
||||
# will get a message to login instead as the default $user
|
||||
disable_root: false
|
||||
ssh_pwauth: true
|
||||
|
||||
# This will cause the set+update hostname module to not operate (if true)
|
||||
preserve_hostname: false
|
||||
|
||||
manage_etc_hosts: localhost
|
||||
|
||||
network:
|
||||
config: disabled
|
||||
|
||||
apt:
|
||||
preserve_sources_list: true
|
||||
|
||||
# Example datasource config
|
||||
# datasource:
|
||||
# Ec2:
|
||||
# metadata_urls: [ 'blah.com' ]
|
||||
# timeout: 5 # (defaults to 50 seconds)
|
||||
# max_wait: 10 # (defaults to 120 seconds)
|
||||
datasource_list: [ OpenStack ]
|
||||
datasource:
|
||||
OpenStack:
|
||||
metadata_urls: ['http://169.254.169.254']
|
||||
max_wait: 120
|
||||
timeout: 5
|
||||
apply_network_config: false
|
||||
{% endif %}
|
||||
|
||||
{% if os_cloudplatform == 'alibabacloud' %}
|
||||
# The top level settings are used as module
|
||||
# and system configuration.
|
||||
|
||||
# A set of users which may be applied and/or used by various modules
|
||||
# when a 'default' entry is found it will reference the 'default_user'
|
||||
# from the distro configuration specified below
|
||||
users:
|
||||
- default
|
||||
|
||||
user:
|
||||
name: root
|
||||
lock_passwd: False
|
||||
|
||||
# If this is set, 'root' will not be able to ssh in and they
|
||||
# will get a message to login instead as the default $user
|
||||
disable_root: false
|
||||
|
||||
# This will cause the set+update hostname module to not operate (if true)
|
||||
preserve_hostname: false
|
||||
|
||||
manage_etc_hosts: localhost
|
||||
|
||||
datasource_list: [ AliYun ]
|
||||
|
||||
# Example datasource config
|
||||
datasource:
|
||||
AliYun:
|
||||
support_xen: false
|
||||
timeout: 5
|
||||
max_wait: 300
|
||||
# metadata_urls: [ 'blah.com' ]
|
||||
|
||||
timezone: "Asia/Shanghai"
|
||||
|
||||
growpart:
|
||||
mode: auto
|
||||
devices: [/dev/vda2]
|
||||
ignore_growroot_disabled: false
|
||||
|
||||
runcmd:
|
||||
- [pvresize,/dev/vda2]
|
||||
- [lvextend,-l,+100%FREE,/dev/rootvg/rootlv]
|
||||
- [xfs_growfs,/dev/rootvg/rootlv]
|
||||
|
||||
{% endif %}
|
||||
# The modules that run in the 'init' stage
|
||||
cloud_init_modules:
|
||||
- migrator
|
||||
- source-address
|
||||
- pip-source
|
||||
- seed_random
|
||||
- bootcmd
|
||||
- write-files
|
||||
- [ growpart, once-per-instance ]
|
||||
- [ resizefs, once-per-instance ]
|
||||
- disk_setup
|
||||
- mounts
|
||||
- set_hostname
|
||||
- update_hostname
|
||||
- update_etc_hosts
|
||||
- ca-certs
|
||||
- rsyslog
|
||||
- users-groups
|
||||
- ssh
|
||||
|
||||
# The modules that run in the 'config' stage
|
||||
cloud_config_modules:
|
||||
- ssh-import-id
|
||||
- locale
|
||||
- set-passwords
|
||||
- spacewalk
|
||||
- yum-add-repo
|
||||
- ntp
|
||||
- timezone
|
||||
- disable-ec2-metadata
|
||||
- runcmd
|
||||
# - ntp-conf
|
||||
# - chrony-conf
|
||||
|
||||
# The modules that run in the 'final' stage
|
||||
cloud_final_modules:
|
||||
- package-update-upgrade-install
|
||||
- puppet
|
||||
- chef
|
||||
- mcollective
|
||||
- salt-minion
|
||||
- rightscale_userdata
|
||||
- scripts-vendor
|
||||
- scripts-per-once
|
||||
- scripts-per-boot
|
||||
- scripts-per-instance
|
||||
- scripts-user
|
||||
- ssh-authkey-fingerprints
|
||||
- keys-to-console
|
||||
- phone-home
|
||||
- final-message
|
||||
- power-state-change
|
||||
|
||||
# System and/or distro specific settings
|
||||
# (not accessible to handlers/transforms)
|
||||
system_info:
|
||||
# This will affect which distro class gets used
|
||||
distro: centos
|
||||
# Other config here will be given to the distro class and/or path classes
|
||||
paths:
|
||||
cloud_dir: /var/lib/cloud/
|
||||
templates_dir: /etc/cloud/templates/
|
||||
ssh_svcname: sshd
|
16
apps/roles/os/templates/vncserver.service1.j2
Normal file
16
apps/roles/os/templates/vncserver.service1.j2
Normal file
@ -0,0 +1,16 @@
|
||||
[Unit]
|
||||
Description=Start TigerVNC server at startup
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PAMName=login
|
||||
User=%u
|
||||
|
||||
PIDFile=/%u/.vnc/%H:1.pid
|
||||
ExecStartPre=-/usr/bin/vncserver -kill :1 > /dev/null 2>&1
|
||||
ExecStart=/usr/bin/vncserver -depth 24 :1
|
||||
ExecStop=/usr/bin/vncserver -kill :1
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
16
apps/roles/os/templates/vncserver.service2.j2
Normal file
16
apps/roles/os/templates/vncserver.service2.j2
Normal file
@ -0,0 +1,16 @@
|
||||
[Unit]
|
||||
Description=Start TigerVNC server at startup
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PAMName=login
|
||||
User=%u
|
||||
|
||||
PIDFile=/home/%u/.vnc/%H:1.pid
|
||||
ExecStartPre=-/usr/bin/vncserver -kill :1 > /dev/null 2>&1
|
||||
ExecStart=/usr/bin/vncserver -depth 24 :1
|
||||
ExecStop=/usr/bin/vncserver -kill :1
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
66
apps/roles/os/templates/xstartup.j2
Normal file
66
apps/roles/os/templates/xstartup.j2
Normal file
@ -0,0 +1,66 @@
|
||||
{% if os_desktop == 'mate' %}
|
||||
#!/bin/sh
|
||||
|
||||
# Uncomment the following two lines for normal desktop:
|
||||
unset SESSION_MANAGER
|
||||
unset DBUS_SESSION_BUS_ADDRESS
|
||||
#. /etc/X11/xinit/xinitrc
|
||||
/usr/bin/{{os_desktop}}-session
|
||||
|
||||
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
|
||||
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
|
||||
xsetroot -solid grey
|
||||
vncconfig -iconic &
|
||||
x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
|
||||
x-window-manager &
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% if os_desktop == 'xfce' %}
|
||||
#!/bin/sh
|
||||
|
||||
# Uncomment the following two lines for normal desktop:
|
||||
unset SESSION_MANAGER
|
||||
unset DBUS_SESSION_BUS_ADDRESS
|
||||
#. /etc/X11/xinit/xinitrc
|
||||
/usr/bin/{{os_desktop}}4-session
|
||||
|
||||
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
|
||||
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
|
||||
xsetroot -solid grey
|
||||
vncconfig -iconic &
|
||||
x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
|
||||
x-window-manager &
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% if os_desktop == 'kde' %}
|
||||
#!/bin/sh
|
||||
|
||||
# Uncomment the following two lines for normal desktop:
|
||||
unset SESSION_MANAGER
|
||||
unset DBUS_SESSION_BUS_ADDRESS
|
||||
#. /etc/X11/xinit/xinitrc
|
||||
/usr/bin/plasma_session
|
||||
|
||||
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
|
||||
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
|
||||
xsetroot -solid grey
|
||||
vncconfig -iconic &
|
||||
x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
|
||||
x-window-manager &
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% if os_desktop == 'gnome' %}
|
||||
#!/bin/sh
|
||||
autocutsel -fork
|
||||
xrdb $HOME/.Xresources
|
||||
xsetroot -solid grey
|
||||
export XKL_XMODMAP_DISABLE=1
|
||||
export XDG_CURRENT_DESKTOP="GNOME-Flashback:Unity"
|
||||
export XDG_MENU_PREFIX="gnome-flashback-"
|
||||
unset DBUS_SESSION_BUS_ADDRESS
|
||||
gnome-session --session=gnome-flashback-metacity --disable-acceleration-check &
|
||||
|
||||
{% endif %}
|
Loading…
Reference in New Issue
Block a user