From b184599b0acd582ef3c12048d694238774ac4ede Mon Sep 17 00:00:00 2001
From: David Rotermund <54365609+davrot@users.noreply.github.com>
Date: Fri, 29 Mar 2024 01:55:48 +0100
Subject: [PATCH] Add files via upload

---
 yaml_sub/fix_intel.yaml    |  19 ++++++
 yaml_sub/groups_39.yaml    |  59 +++++++++++++++++
 yaml_sub/mount_info.yaml   |  58 +++++++++++++++++
 yaml_sub/myrepo_clean.yaml |  27 ++++++++
 yaml_sub/myrepo_data.yaml  | 119 ++++++++++++++++++++++++++++++++++
 yaml_sub/packages_1.yaml   |  12 ++++
 yaml_sub/packages_2.yaml   | 129 +++++++++++++++++++++++++++++++++++++
 yaml_sub/packages_3.yaml   |  25 +++++++
 yaml_sub/semaphore.yaml    |  55 ++++++++++++++++
 yaml_sub/sssd.yaml         |  48 ++++++++++++++
 10 files changed, 551 insertions(+)
 create mode 100644 yaml_sub/fix_intel.yaml
 create mode 100644 yaml_sub/groups_39.yaml
 create mode 100644 yaml_sub/mount_info.yaml
 create mode 100644 yaml_sub/myrepo_clean.yaml
 create mode 100644 yaml_sub/myrepo_data.yaml
 create mode 100644 yaml_sub/packages_1.yaml
 create mode 100644 yaml_sub/packages_2.yaml
 create mode 100644 yaml_sub/packages_3.yaml
 create mode 100644 yaml_sub/semaphore.yaml
 create mode 100644 yaml_sub/sssd.yaml

diff --git a/yaml_sub/fix_intel.yaml b/yaml_sub/fix_intel.yaml
new file mode 100644
index 0000000..63e88b9
--- /dev/null
+++ b/yaml_sub/fix_intel.yaml
@@ -0,0 +1,19 @@
+---
+- name: remove broken packages (step 0)
+  shell: "cd /root; export LC_ALL=C; rpm -qa >/dev/null 2> error.log"
+
+- name: remove broken packages (step 1)
+  shell: 'cd /root; cat error.log | grep "error: rpmdbNextIterator: skipping h\#" > error2.log'
+
+- name: remove broken packages (step 2)
+  shell: "cd /root; cat error2.log | awk -c '{print \"rpm -e --nosignature --nodeps $(rpm -q --nosignature --querybynumber \" $5 \")\"}' | sort -u | sh"
+
+- name: reinstall intel packages
+  dnf:
+    name: "intel-aikit,intel-basekit,intel-dlfdkit,intel-hpckit,intel-iotkit"
+    state: latest
+    update_cache: true
+    skip_broken: true
+    nobest: false
+    allowerasing: true
+
diff --git a/yaml_sub/groups_39.yaml b/yaml_sub/groups_39.yaml
new file mode 100644
index 0000000..3815cf2
--- /dev/null
+++ b/yaml_sub/groups_39.yaml
@@ -0,0 +1,59 @@
+groupnames:
+  - "@Fedora Custom Operating System"
+  - "@Minimal Install"
+  - "@Fedora Server Edition"
+  - "@Fedora Workstation"
+  - "@KDE Plasma Workspaces"
+  - "@Xfce Desktop"
+  - "@Phosh Desktop"
+  - "@LXDE Desktop"
+  - "@LXQt Desktop"
+  - "@Cinnamon Desktop"
+  - "@MATE Desktop"
+  - "@Sugar Desktop Environment"
+  - "@Deepin Desktop"
+  - "@Budgie Desktop"
+  - "@Development and Creative Workstation"
+  - "@Infrastructure Server"
+  - "@Basic Desktop"
+  - "@i3 desktop"
+  - "@Sway Desktop"
+  - "@3D Printing"
+  - "@Administration Tools"
+  - "@Audio Production"
+  - "@Authoring and Publishing"
+  - "@Budgie"
+  - "@Budgie Desktop Applications"
+  - "@C Development Tools and Libraries"
+  - "@Compiz"
+  - "@Container Management"
+  - "@D Development Tools and Libraries"
+  - "@Design Suite"
+  - "@Development Tools"
+  - "@Domain Membership"
+  - "@Editors"
+  - "@Educational Software"
+  - "@Electronic Lab"
+  - "@Engineering and Scientific"
+  - "@FreeIPA Server"
+  - "@Headless Management"
+  - "@LibreOffice"
+  - "@MATE Applications"
+  - "@Milkymist"
+  - "@Network Servers"
+  - "@Neuron Modelling Simulators"
+  - "@Office/Productivity"
+  - "@Python Classroom"
+  - "@Python Science"
+  - "@Robotics"
+  - "@Security Lab"
+  - "@Sway Window Manager (supplemental packages)"
+  - "@Text-based Internet"
+  - "@Window Managers"
+  - "@Deepin Desktop Environment"
+  - "@Graphical Internet"
+  - "@Fonts"
+  - "@Games and Entertainment"
+  - "@Hardware Support"
+  - "@Sound and Video"
+  - "@System Tools"
diff --git a/yaml_sub/mount_info.yaml b/yaml_sub/mount_info.yaml
new file mode 100644
index 0000000..6ce0062
--- /dev/null
+++ b/yaml_sub/mount_info.yaml
@@ -0,0 +1,58 @@
+---
+- name: Mount /home
+  mount:
+    src: 10.10.1.21:/volume1/home_dir
+    path: /home
+    opts: rw,sync,hard,nolock
+    boot: true 
+    state: mounted
+    fstype: nfs
+- name: Mount /glocal
+  mount:
+    src: 10.10.1.1:/volume1/glocal
+    path: /glocal
+    opts: rw,sync,hard,nolock
+    boot: true
+    state: mounted
+    fstype: nfs
+- name: Mount /tools
+  mount:
+    src: 10.10.1.1:/volume1/tools
+    path: /tools
+    opts: rw,sync,hard,nolock
+    boot: true
+    state: mounted
+    fstype: nfs
+- name: Mount /0
+  mount:
+    src: 10.10.1.1:/volume1/data
+    path: /0
+    opts: rw,sync,hard,nolock
+    boot: true
+    state: mounted
+    fstype: nfs
+- name: Mount /sge-root
+  mount:
+    src: 10.10.10.16:/sge-root
+    path: /sge-root
+    opts: rw,sync,hard
+    boot: true
+    state: mounted
+    fstype: nfs
+- name: Mount /data_1
+  mount:
+    src: 10.10.1.31:/volume1/data
+    path: /data_1
+    opts: rw,sync,hard,nolock
+    boot: true
+    state: mounted
+    fstype: nfs
+- name: Mount /web
+  mount:
+    src: 10.10.1.1:/volume1/web
+    path: /web
+    opts: rw,sync,hard,nolock
+    boot: true
+    state: mounted
+    fstype: nfs
+
diff --git a/yaml_sub/myrepo_clean.yaml b/yaml_sub/myrepo_clean.yaml
new file mode 100644
index 0000000..e896d4a
--- /dev/null
+++ b/yaml_sub/myrepo_clean.yaml
@@ -0,0 +1,27 @@
+---
+- name: Find files everything except myrepo.repo
+  find:
+    paths: /etc/yum.repos.d
+    file_type: file
+    excludes: "myrepo.repo"
+  register: output
+- name: Delete other files
+  file:
+    path: "{{ item.path }}"
+    state: absent
+  loop: "{{ output.files }}"
+
+- name: Check for marker line
+  lineinfile:
+    path: /etc/yum.repos.d/myrepo.repo
+    create: true
+    state: present
+    line: "# BEGIN ANSIBLE MANAGED BLOCK"
+  register: marker_check
+
+- name: Delete file if marker is absent
+  file:
+    path: /etc/yum.repos.d/myrepo.repo
+    state: absent
+  when: marker_check.changed
+
diff --git a/yaml_sub/myrepo_data.yaml b/yaml_sub/myrepo_data.yaml
new file mode 100644
index 0000000..57e0f38
--- /dev/null
+++ b/yaml_sub/myrepo_data.yaml
@@ -0,0 +1,119 @@
+---
+- name: set myrepo
+  blockinfile:
+    path: /etc/yum.repos.d/myrepo.repo
+    state: present
+    create: true
+    owner: "root"
+    group: "root"
+    mode: "0666"
+    block: |
+      [FEDORACORE]
+      name=Fedora Core $releasever
+      baseurl=http://10.10.1.1/repos/Fedora/$releasever/Fedora/os
+      enabled=1
+      gpgcheck=0
+      
+      [FEDORAUPDATE]
+      name=Fedora Update $releasever
+      baseurl=http://10.10.1.1/repos/Fedora/$releasever/Fedora_Update
+      enabled=1
+      gpgcheck=0
+      
+      [CUDA_37]
+      name=NVidia Cuda 37
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/cuda_37
+      enabled=0
+      gpgcheck=0
+      
+      [CUDA_36]
+      name=NVidia Cuda 36
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/cuda_36
+      enabled=0
+      gpgcheck=0
+      
+      [CUDA_35]
+      name=NVidia Cuda 35
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/cuda_35
+      enabled=0
+      gpgcheck=0
+      
+      [CUDA_RHEL8]
+      name=NVidia Cuda RHEL 8
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/cuda_rhel8
+      enabled=0
+      gpgcheck=0
+      
+      [Google]
+      name=Google
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/google_64
+      enabled=1
+      gpgcheck=0
+      
+      [oneAPI]
+      name=oneAPI
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/oneAPI
+      enabled=1
+      gpgcheck=0
+      
+      [Opera]
+      name=Opera
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/opera/rpm.opera.com/rpm
+      enabled=1
+      gpgcheck=0
+      
+      [RPMFusionFreeUpdate]
+      name=RPM Fusion Free Update $releasever
+      baseurl=http://10.10.1.1/repos/Fedora/$releasever/fusion_free/
+      enabled=1
+      gpgcheck=0
+      
+      [RPMFusionNonFreeUpdate]
+      name=RPM Fusion Non Free Update $releasever
+      baseurl=http://10.10.1.1/repos/Fedora/$releasever/fusion_nonfree/
+      enabled=1
+      gpgcheck=0
+      
+      [RPMFusionFreeEverything]
+      name=RPM Fusion Free Everything $releasever
+      baseurl=http://10.10.1.1/repos/Fedora/$releasever/fusion_free2/os
+      enabled=1
+      gpgcheck=0
+      
+      [RPMFusionNonFreeEverything]
+      name=RPM Fusion Non Free Everything $releasever
+      baseurl=http://10.10.1.1/repos/Fedora/$releasever/fusion_nonfree2/os
+      enabled=1
+      gpgcheck=0
+      
+      [SGE]
+      name=SGE
+      baseurl=http://10.10.1.1/repos/Fedora/32/sge/copr-be.cloud.fedoraproject.org/results/loveshack/SGE/fedora-32-x86_64
+      enabled=1
+      gpgcheck=0
+      
+      [VSCode]
+      name=VS Code
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/vscode/packages.microsoft.com/yumrepos/vscode
+      enabled=1
+      gpgcheck=0
+      
+      [zoom]
+      name=zoom
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/zoom
+      enabled=1
+      gpgcheck=0
+      
+      [msedge]
+      name=msedge
+      baseurl=http://10.10.1.1/repos/Fedora/AllVersion/edge/packages.microsoft.com/yumrepos/edge
+      enabled=1
+      gpgcheck=0
+      
+      [docker-ce-stable]
+      name=Docker CE Stable - $basearch
+      baseurl=https://download.docker.com/linux/fedora/$releasever/$basearch/stable
+      enabled=0
+      gpgcheck=1
+      gpgkey=https://download.docker.com/linux/fedora/gpg
+      
diff --git a/yaml_sub/packages_1.yaml b/yaml_sub/packages_1.yaml
new file mode 100644
index 0000000..83ca185
--- /dev/null
+++ b/yaml_sub/packages_1.yaml
@@ -0,0 +1,12 @@
+package1names:
+  - chkconfig
+  - firefox
+  - gdm
+  - gnome-calculator
+  - gnome-terminal
+  - kdm
+  - lightdm
+  - lxdm
+  - okular
+  - sddm
+  - xdm
diff --git a/yaml_sub/packages_2.yaml b/yaml_sub/packages_2.yaml
new file mode 100644
index 0000000..ac390a0
--- /dev/null
+++ b/yaml_sub/packages_2.yaml
@@ -0,0 +1,129 @@
+package2names:
+  - "ant"
+  - "automake"
+  - "bind-utils"
+  - "bluez-cups"
+  - "boost-graph-openmpi"
+  - "boost-openmpi"
+  - "boost-openmpi-devel"
+  - "boost-openmpi-python3"
+  - "code"
+  - "csh"
+  - "cups"
+  - "cups-client"
+  - "cups-filters"
+  - "cups-ipptool"
+  - "cups-libs"
+  - "cups-lpd"
+  - "dkms"
+  - "dnf-plugin-system-upgrade"
+  - "elfutils-libelf-devel"
+  - "emacs"
+  - "firewall-config"
+  - "ftp"
+  - "gcc"
+  - "gdbm-devel"
+  - "gimp"
+  - "git-all"
+  - "gnuplot"
+  - "google-chrome-stable"
+  - "gutenprint-cups"
+  - "gv"
+  - "hdf5-devel"
+  - "hdf5-openmpi"
+  - "hdf5-openmpi-devel"
+  - "hdf5-openmpi-static"
+  - "htop"
+  - "hwloc-devel"
+  - "ImageMagick"
+  - "inkscape"
+  - "iptraf-ng"
+  - "iscan-firmware"
+  - "java-1.8.0-openjdk"
+  - "java-1.8.0-openjdk-devel"
+  - "joe"
+  - "kernel-devel"
+  - "lammps-openmpi"
+  - "lammps-openmpi-devel"
+  - "lapack-devel"
+  - "lapack-static"
+  - "libdb-devel"
+  - "libpng-devel"
+  - "libreoffice-*"
+  - "libreoffice-langpack-de"
+  - "libtirpc"
+  - "libtirpc-devel"
+  - "libXmu"
+  - "libXp"
+  - "libXpm"
+  - "libXt-devel"
+  - "lm_sensors"
+  - "lynx"
+  - "mc"
+  - "mesa-libGLES"
+  - "motif-devel"
+  - "mpg123"
+  - "mpg123-devel"
+  - "mpg123-libs"
+  - "nagios-plugins-nrpe"
+  - "ncurses-devel"
+  - "ncurses-libs"
+  - "nextcloud-client"
+  - "nfs-utils"
+  - "npm"
+  - "nrpe"
+  - "nss-pam-ldapd"
+  - "nss-pam-ldapd"
+  - "ntfs-3g"
+  - "openblas-static"
+  - "openmotif"
+  - "openmpi"
+  - "openmpi-devel"
+  - "openssl-devel"
+  - "opera-stable"
+  - "p7zip"
+  - "p7zip-plugins"
+  - "pam-devel"
+  - "perl"
+  - "python3-qt5"
+  - "python3-qt5-base"
+  - "python3-qt5-devel"
+  - "python3-scipy"
+  - "readline-devel"
+  - "redhat-lsb"
+  - "rsync"
+  - "schroedinger"
+  - "screen"
+  - "SDL2-static"
+  - "SDL-devel"
+  - "SDL"
+  - "SDL2"
+  - "sssd-ldap"
+  - "sssd-tools"
+  - "tcl-devel"
+  - "telnet"
+  - "texlive"
+  - "texlive-*"
+  - "thunderbird"
+  - "tigervnc"
+  - "tigervnc-server"
+  - "tk-devel"
+  - "uuid"
+  - "wget"
+  - "xfce4-*"
+  - "xsane"
+  - "xsane-gimp"
+  - "chkconfig"
+  - "cdrskin"
+  - "sqlite-devel"
+  - "nitrogen"
+  - "flameshot"
+  - "nextcloud-client"
+  - "libomp-devel"
+  - "libomp"
+  - "gcc-gnat"
+  - "libstdc++.i686"
+  - "libproxy.i686"
+  - "glib-networking.i686"
+  - "java-latest-openjdk"
+  - "harfbuzz.i686"
diff --git a/yaml_sub/packages_3.yaml b/yaml_sub/packages_3.yaml
new file mode 100644
index 0000000..61515f6
--- /dev/null
+++ b/yaml_sub/packages_3.yaml
@@ -0,0 +1,25 @@
+package3names:
+  - "audacious"
+  - "audacious*"
+  - "filezilla"
+  - "gridengine"
+  - "gridengine-execd"
+  - "gridengine-qmaster"
+  - "gridengine-qmon"
+  - "intel-aikit"
+  - "intel-basekit"
+  - "intel-dlfdkit"
+  - "intel-hpckit"
+  - "intel-iotkit"
+  - "k3b"
+  - "kile"
+  - "klatexformula"
+  - "leafpad"
+  - "mmv"
+  - "unrar"
+  - "vlc"
+  - "xfig"
+  - "xpdf"
+  - "xscreensaver"
+  - "microsoft-edge-stable"
+
diff --git a/yaml_sub/semaphore.yaml b/yaml_sub/semaphore.yaml
new file mode 100644
index 0000000..2bae19d
--- /dev/null
+++ b/yaml_sub/semaphore.yaml
@@ -0,0 +1,55 @@
+---
+- name: create docker compose files
+  blockinfile:
+    path: /root/docker-compose.yml
+    state: present
+    create: true
+    owner: "root"
+    group: "root"
+    mode: "0600"
+    block: |
+     services:
+       mysql:
+         restart: unless-stopped
+         image: mysql:8.0
+         hostname: mysql
+         volumes:
+           - semaphore-mysql:/var/lib/mysql
+         environment:
+           MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
+           MYSQL_DATABASE: semaphore
+           MYSQL_USER: semaphore
+           MYSQL_PASSWORD: semaphore
+       semaphore:
+         restart: unless-stopped
+         ports:
+           - 3000:3000
+         image: semaphoreui/semaphore:latest
+         environment:
+           SEMAPHORE_DB_USER: semaphore
+           # change:
+           SEMAPHORE_DB_PASS: semaphore
+           SEMAPHORE_DB_HOST: mysql 
+           SEMAPHORE_DB_PORT: 3306 
+           SEMAPHORE_DB_DIALECT: mysql
+           SEMAPHORE_DB: semaphore
+           SEMAPHORE_PLAYBOOK_PATH: /tmp/semaphore/
+           # change:
+           SEMAPHORE_ADMIN_PASSWORD: changeme
+           SEMAPHORE_ADMIN_NAME: admin
+           SEMAPHORE_ADMIN_EMAIL: davrot@uni-bremen.de
+           SEMAPHORE_ADMIN: admin
+           # change: head -c32 /dev/urandom | base64
+           SEMAPHORE_ACCESS_KEY_ENCRYPTION: gs72mPntFATGJs9qK0pQ0rKtfidlexiMjYCH9gWKhTU=
+           SEMAPHORE_LDAP_ACTIVATED: 'no' # if you wish to use ldap, set to: 'yes' 
+           SEMAPHORE_LDAP_HOST: 10.10.0.4
+           SEMAPHORE_LDAP_PORT: '636'
+           SEMAPHORE_LDAP_NEEDTLS: 'yes'
+           SEMAPHORE_LDAP_DN_BIND: 'uid=bind_user,cn=users,cn=accounts,dc=local,dc=shiftsystems,dc=net'
+           SEMAPHORE_LDAP_PASSWORD: 'ldap_bind_account_password'
+           SEMAPHORE_LDAP_DN_SEARCH: 'dc=local,dc=example,dc=com'
+           SEMAPHORE_LDAP_SEARCH_FILTER: "(\u0026(uid=%s)(memberOf=cn=ipausers,cn=groups,cn=accounts,dc=local,dc=example,dc=com))"
+         depends_on:
+           - mysql
+     volumes:
+       semaphore-mysql:
diff --git a/yaml_sub/sssd.yaml b/yaml_sub/sssd.yaml
new file mode 100644
index 0000000..55ef449
--- /dev/null
+++ b/yaml_sub/sssd.yaml
@@ -0,0 +1,48 @@
+---
+- name: Check for marker line
+  lineinfile:
+    path: /etc/sssd/sssd.conf
+    create: true
+    state: present
+    line: "# BEGIN ANSIBLE MANAGED BLOCK"
+  register: marker_check
+
+- name: Delete file if marker is absent
+  file:
+    path: /etc/sssd/sssd.conf
+    state: absent
+  when: marker_check.changed
+
+- name: sssd config
+  blockinfile:
+    path: /etc/sssd/sssd.conf
+    state: present
+    create: true
+    owner: "root"
+    group: "root"
+    mode: "0600"
+    block: |
+      [sssd]
+      domains = default
+      services = nss,pam,ssh
+      
+      [domain/default]
+      id_provider = ldap
+      ldap_uri = ldap://10.10.1.31
+      ldap_search_base = dc=nas1,dc=neuro,dc=itp
+      ldap_auth_disable_tls_never_use_in_production = true
+      ldap_id_use_start_tls = False
+  register: marker_check
+
+- name: enable sssd
+  shell: "/usr/bin/authselect select sssd --force"
+  when: marker_check.changed
+
+- name: Make sure sssd is updated
+  systemd_service:
+    daemon_reload: true
+    state: restarted
+    enabled: true
+    name: sssd
+  when: marker_check.changed
+