diff options
| author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-13 22:21:25 -0500 |
|---|---|---|
| committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-13 22:21:25 -0500 |
| commit | a10aee68def0b72d7f79e1b1682f8a53354cf5b3 (patch) | |
| tree | 63663d60452ccc4fd73660f3ff1631237f99b8ec | |
| parent | cc5f4658d2fe08a2741ce7cadfcef8b7c986318e (diff) | |
| download | selfhosted-a10aee68def0b72d7f79e1b1682f8a53354cf5b3.tar.gz selfhosted-a10aee68def0b72d7f79e1b1682f8a53354cf5b3.zip | |
linux_laptop: add docs
| -rw-r--r-- | inventory-example/group_vars/all/global.yml | 2 | ||||
| -rw-r--r-- | roles/linux_laptop/README.md | 43 | ||||
| -rw-r--r-- | roles/linux_laptop/defaults/main.yml | 2 |
3 files changed, 45 insertions, 2 deletions
diff --git a/inventory-example/group_vars/all/global.yml b/inventory-example/group_vars/all/global.yml index f4ea98e..a1fed72 100644 --- a/inventory-example/group_vars/all/global.yml +++ b/inventory-example/group_vars/all/global.yml @@ -13,7 +13,7 @@ organization: ACME, Inc. # changeme # This variable will be used to configure an SSID with certificate-based auth # for any hosts in the linux-laptops group. -wifi_ssid: acme-wifi +linux_laptop_wifi_ssid: acme-wifi # Hosts in these CIDRs should be capable of kerberos authentication. # We use this in many apache configs to determine when to force GSSAPI auth. diff --git a/roles/linux_laptop/README.md b/roles/linux_laptop/README.md new file mode 100644 index 0000000..598170e --- /dev/null +++ b/roles/linux_laptop/README.md @@ -0,0 +1,43 @@ +Linux Laptop +============ + +Description +----------- + +The `linux_laptop` role performs various setup tasks for Linux laptops, +such as configuring power-saving tuneables and creating a WiFi connection +using certificate-based authentication. + +For WiFi authentication to work, you'll need a RADIUS server configured with +the [freeradius](../freeradius/) role. + +Variables +--------- + +This role **accepts** the following variables: + +Variable | Default | Description +-----------------------------------------|-----------------------------|------------ +`linux_laptop_access_group` | `role-linux-desktop-access` | FreeIPA group allowed to login to GDM (will be created) +`linux_laptop_wifi_ssid` | | SSID of local WiFi network +`linux_laptop_wifi_ip` | `{{ ip }}` | Static IPv4 address for WiFi connection +`linux_laptop_wifi_prefix` | `{{ vlan.cidr }}` prefix | Network prefix for WiFi connection +`linux_laptop_wifi_gateway` | `{{ vlan.gateway }}` | Gateway for WiFi connection +`linux_laptop_wifi_domain` | `{{ domain }}` | Default DNS domain for WiFi connection +`linux_laptop_wifi_dns_servers` | `{{ vlan.dns_servers }}` | DNS serers for WiFi connection +`linux_laptop_wlan_device` | `wlan0` | Wireless network interface name +`linux_laptop_dirty_writeback_centisecs` | 6000 | [Disk writeback interval](https://www.kernel.org/doc/html/latest/admin-guide/sysctl/vm.html#dirty-writeback-centisecs) + +Usage +----- + +Example playbook: + +````yaml +- hosts: linux_laptops + roles: + - role: linux_laptop + vars: + linux_laptop_access_group: laptop-users + linux_laptop_wifi_ssid: exampleorg-wifi +```` diff --git a/roles/linux_laptop/defaults/main.yml b/roles/linux_laptop/defaults/main.yml index adaa6b2..b003835 100644 --- a/roles/linux_laptop/defaults/main.yml +++ b/roles/linux_laptop/defaults/main.yml @@ -3,7 +3,7 @@ linux_laptop_wifi_ssid: '{{ wifi_ssid }}' linux_laptop_wifi_ip: '{{ ip }}' linux_laptop_wifi_prefix: "{{ vlan.cidr | ansible.utils.ipaddr('prefix') }}" linux_laptop_wifi_gateway: '{{ vlan.gateway }}' -linux_laptop_wifi_domain: '{{ ansible_domain }}' +linux_laptop_wifi_domain: '{{ domain }}' linux_laptop_wifi_dns_servers: '{{ vlan.dns_servers }}' linux_laptop_wlan_device: wlan0 linux_laptop_dirty_writeback_centisecs: 6000 |