Added building Ubuntu 20.04 template

ansible/roles/os-linux-prep-templ/tasks/add-users-admins.yml

@@ -0,0 +1,50 @@
+---
+
+- include_vars: vars/os-creds-admins.yml
+
+- name: Set host facts group for use sudo
+  set_fact: os_group_for_sudo="sudo"
+  when: ansible_os_family == "Debian"
+
+- name: Set host facts group for use sudo
+  set_fact: os_group_for_sudo="wheel"
+  when: ansible_os_family == "RedHat"
+
+- name: Add admins users
+  user:
+    name: "{{ item.username }}"
+    shell: /bin/bash
+    groups: "{{ os_group_for_sudo }}"
+    password: "{{ item.password }}"
+    comment: "{{ item.comment }}"
+    append: yes
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true
+
+- name: Change perm for home dir 0700
+  file:
+    path: /home/{{ item.username }}
+    state: directory
+    mode: '0700'
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true
+
+- name: Add SSH keys for admins users
+  authorized_key:
+    user:  "{{ item.username }}"
+    state: present
+    key: "{{ item.ssh_key }}"
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true
+
+- name: Add admins users to /etc/sudoers.d/
+  copy:
+    dest: "/etc/sudoers.d/{{ item.username }}"
+    content: |
+      {{ item.username }} ALL=(ALL) NOPASSWD:ALL
+
+    owner: root
+    group: root
+    mode: '0444'
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true

ansible/roles/os-linux-prep-templ/tasks/ipv6-disable.yml

@@ -0,0 +1,12 @@
+---
+
+- name: Disable IPv6
+  block:
+  - name: Add to /etc/default/grub option ipv6.disable=1
+    ansible.builtin.lineinfile:
+      path: /etc/default/grub
+      regexp: '^GRUB_CMDLINE_LINUX="'
+      line: GRUB_CMDLINE_LINUX="ipv6.disable=1"
+    notify:
+      - Update config grub on Debian like
+  when: ansible_os_family == "Debian"

ansible/roles/os-linux-prep-templ/tasks/main.yml

@@ -0,0 +1,19 @@
+---
+
+#- name: Ping
+#  import_tasks: ping.yml
+
+- name: Upload sctipts for first starting system
+  import_tasks: scripts-first-start.yml
+
+- name: IPv6 disable
+  import_tasks: ipv6-disable.yml
+
+- name: OS basic config
+  import_tasks: os-config.yml
+
+- name: Add admins users
+  import_tasks: add-users-admins.yml
+
+- name: Install basic pkg
+  import_tasks: pkg-install.yml

ansible/roles/os-linux-prep-templ/tasks/os-config.yml

@@ -0,0 +1,50 @@
+---
+
+- name: Change default for add user create params perm 755 to 700 (Debian 12)
+  block:
+    - name: Edit options in /etc/login.defs (Debian 12)
+      lineinfile:
+        regexp: "(^#HOME_MODE)|(^HOME_MODE)"
+        path: /etc/login.defs
+        line: "HOME_MODE 0700"
+  when: (ansible_os_family == "Debian" and ansible_distribution_major_version == "12") or ( ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "24")
+
+
+- name: Make dir for mc in /etc/skel dir
+  file:
+    path: "{{ item }}"
+    state: directory
+    owner: root
+    group: root
+    mode: '0700'
+  loop:
+    - /etc/skel/.config/mc
+    - /root/.config/mc
+
+- name: Copy default files for skeleton
+  copy:
+    src: "files/{{ item }}"
+    dest: "/etc/skel/{{ item }}"
+  loop:
+    - .bashrc
+    - .config/mc/ini
+    - .config/mc/panels.ini
+
+- name: Copy default config file for root
+  copy:
+    src: "files/{{ item }}"
+    dest: "/root/{{ item }}"
+  loop:
+    - .bashrc
+    - .config/mc/ini
+    - .config/mc/panels.ini
+
+- name: Make welcome massage
+  copy:
+    dest: /etc/update-motd.d/99-custom
+    mode: '0755'
+    content: |
+      #!/bin/bash
+      #
+      echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay
+

ansible/roles/os-linux-prep-templ/tasks/ping.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Prepare default config for OS type of Debian
+  block:
+    - name: Debug
+      debug:
+        msg: '{{ role_path }}'
+  when: ansible_os_family == "Debian"

ansible/roles/os-linux-prep-templ/tasks/pkg-install.yml

@@ -0,0 +1,25 @@
+---
+
+- include_vars: os-pkg-list.yml
+
+- name: Install of packages for Debian
+  block:
+  - name: Install from list of packages for Debian
+    apt:
+      state: latest
+      pkg: "{{ debian_install_pkg_list }}"
+  - name: Run "apt-get clean" for Debian
+    apt:
+      clean: yes
+  when: ansible_distribution == "Debian"
+
+- name: Install of packages for Ubuntu
+  block:
+  - name: Install from list of packages for Ubuntu
+    apt:
+      state: latest
+      pkg: "{{ ubuntu_install_pkg_list }}"
+  - name: Run "apt-get clean" for Ubuntu
+    apt:
+      clean: yes
+  when: ansible_distribution == "Ubuntu"

ansible/roles/os-linux-prep-templ/tasks/scripts-first-start.yml

@@ -0,0 +1,40 @@
+---
+
+- name: Prepare scripts for custom VMs (First start)
+  block:
+  - name: Copy files to remote system Debian
+    copy:
+      src: files/first_start_debian.sh
+      dest: /root/first_start.sh
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Edit /etc/rc.local
+    lineinfile:
+      path: /etc/rc.local
+      regexp: '^(exit 0.*)$'
+      line: |
+        chmod 755 /root/first_start.sh |  sed 's/^chmod 755 \/root\/first_start.sh.*/\/root\/first_start.sh \&/' -i /etc/rc.local &
+        exit 0
+
+  when: ansible_distribution == "Debian"
+
+
+- name: Prepare scripts for custom VMs (First start)
+  block:
+  - name: Copy files to remote system Ubuntu
+    copy:
+      src: files/first_start_ubuntu.sh
+      dest: /root/first_start.sh
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Edit /etc/rc.local
+    lineinfile:
+      path: /etc/rc.local
+      regexp: '^(exit 0.*)$'
+      line: |
+        chmod 755 /root/first_start.sh |  sed 's/^chmod 755 \/root\/first_start.sh.*/\/root\/first_start.sh \&/' -i /etc/rc.local &
+        exit 0
+
+  when: ansible_distribution == "Ubuntu"