.
This commit is contained in:
jonas
@@ -1,3 +1,8 @@
|
||||
Start firewalld:
|
||||
service.running:
|
||||
- name: firewalld
|
||||
- enable: True
|
||||
|
||||
Configure wireguard service:
|
||||
firewalld.service:
|
||||
- name: wireguard
|
||||
|
||||
0
salt/states/remote-desktop/files/passwd
Normal file
0
salt/states/remote-desktop/files/passwd
Normal file
@@ -10,20 +10,22 @@ Disable wayland login:
|
||||
- group: root
|
||||
- mode: "0644"
|
||||
|
||||
Check that passwd file has correct settings:
|
||||
file.managed:
|
||||
- name: /home/{{ pillar['username'] }}/.vnc/passwd
|
||||
- source: salt://remote-desktop/files/passwd
|
||||
- replace: False
|
||||
- user: {{ pillar['username'] }}
|
||||
- group: users
|
||||
- mode: "0600"
|
||||
- makedirs: True
|
||||
- dir_mode: "0700"
|
||||
|
||||
Set vnc password if no passwd file:
|
||||
cmd.run:
|
||||
- name: bash -c "echo {{ pillar['remote-desktop']['password'] }} | vncpasswd -f > /home/{{ pillar['username'] }}/.vnc/passwd"
|
||||
- runas: {{ pillar['username'] }}
|
||||
- unless: bash -c "[[ -f /home/{{ pillar['username'] }}/.vnc/passwd ]]"
|
||||
|
||||
Check that passwd file has correct settings:
|
||||
file.managed:
|
||||
- name: /home/{{ pillar['username'] }}/.vnc/passwd
|
||||
- replace: False
|
||||
- user: {{ pillar['username'] }}
|
||||
- group: users
|
||||
- mode: "0600"
|
||||
- unless: bash -c "[[ -s /home/{{ pillar['username'] }}/.vnc/passwd ]]"
|
||||
|
||||
Create x0vncserver desktop file:
|
||||
file.managed:
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
base:
|
||||
'*':
|
||||
- hosts
|
||||
- vlan
|
||||
- firewalld
|
||||
- ssh
|
||||
- chrony
|
||||
- atftp
|
||||
@@ -12,5 +14,4 @@ base:
|
||||
- docker.registry
|
||||
- remote-desktop
|
||||
- hostapd
|
||||
- firewalld
|
||||
- wol
|
||||
|
||||
25
salt/states/vlan/init.sls
Normal file
25
salt/states/vlan/init.sls
Normal file
@@ -0,0 +1,25 @@
|
||||
{% for vlan in pillar['network']['vlan'] -%}
|
||||
{% set ifname = 'vlan.' + vlan['id']|string %}
|
||||
create device {{ ifname }}:
|
||||
cmd.run:
|
||||
- name: nmcli connection add type vlan con-name {{ ifname }} ifname {{ ifname }} dev {{ pillar['network']['interface'] }} id {{ vlan['id'] }}
|
||||
- unless: nmcli device show {{ ifname }}
|
||||
|
||||
set ip address on {{ ifname }}:
|
||||
cmd.run:
|
||||
- name: nmcli connection modify {{ ifname }} ipv4.addresses {{ vlan['address'] }}/24
|
||||
- unless: bash -c "if [[ \"$(nmcli connection show Wired\ connection\ 1 | sed -n 's/^ipv4.addresses.\s*\(.*\)$/\1/p')\" == "{{ vlan['address'] }}/24" ]]; then exit 0; else exit 1;fi"
|
||||
|
||||
set ip static on {{ ifname }}:
|
||||
cmd.run:
|
||||
- name: nmcli connection modify {{ ifname }} ipv4.method manual
|
||||
- unless: bash -c "if [[ \"$(nmcli connection show Wired\ connection\ 1 | sed -n 's/^ipv4.method.\s*\(.*\)$/\1/p')\" == "manual" ]]; then exit 0; else exit 1;fi"
|
||||
|
||||
bring up {{ ifname }}:
|
||||
cmd.run:
|
||||
- name: nmcli connection up {{ ifname }}
|
||||
- onchanges:
|
||||
- cmd: create device {{ ifname }}
|
||||
- cmd: set ip address on {{ ifname }}
|
||||
- cmd: set ip static on {{ ifname }}
|
||||
{% endfor %}
|
||||
Reference in New Issue
Block a user