Add support for tags

group_vars/all.yml

@@ -56,6 +56,10 @@ repos:
         origin: "deb.debian.org"
         release_name: "sid"
         pin_priority: 120
+      - package: '/^dracut-?.*/'
+        origin: "deb.debian.org"
+        release_name: "sid"
+        pin_priority: 500
   - repo: "deb http://deb.debian.org/debian experimental main contrib non-free"
     filename: "experimental"
     preferences:

inventory/dezentrale.yml

@@ -1,7 +1,6 @@
 all:
   vars:
       ansible_nopasswd: true
-      use_apt_cache_for_server: true
       # interface for a internet connection
       wan_interface: "{{ ansible_default_ipv4.interface }}"
       # ip of the server of the installer network
@@ -13,17 +12,7 @@ all:
 
   hosts:
     hw4f-fai:
-      # interface to the clients to install
+      # interface to install the clients
       dhcp_interface: ens19
       # customized server name
       server_name: "hw4f-fai"
-      # ip of the server of the installer network
-    hw4f-fai-vagrant:
-      ansible_host: "192.168.33.9"
-      #ansible_connection: "local"
-      #python_interpreter: "/usr/bin/python3"
-      # interface to the clients to install
-      dhcp_interface: eth1
-      # customized server name
-      server_name: "hw4f-fai-vagrant"
-    #localhost:

inventory/local.yml

@@ -0,0 +1,23 @@
+all:
+  vars:
+      ansible_nopasswd: true
+      # interface for a internet connection
+      wan_interface: "{{ ansible_default_ipv4.interface }}"
+      # ip of the server of the installer network
+      server_ip: "192.168.33.8/24"
+      routers:
+        - "192.168.33.1"
+      #nameservers:
+      fai_config_git: "https://git.dezentrale.cloud/HW4F/fai-config.git"
+
+  hosts:
+    hw4f-fai-vagrant:
+      ansible_host: "192.168.33.9"
+      #ansible_connection: "local"
+      #python_interpreter: "/usr/bin/python3"
+      # interface to install the clients
+      dhcp_interface: eth1
+      # customized server name
+      server_name: "hw4f-fai-vagrant"
+    #localhost:
+

roles/fai/defaults/main.yml

@@ -20,7 +20,7 @@ timeservers:
 ntpservers:
   - "{{ server_address }}"
 apt_cacher_offline_mode: false
-use_apt_cache_for_server: false
+use_apt_cache_for_server: true
 
 fai_etc_dir: "/etc/fai"
 fai_dir: "/srv/fai"
@@ -30,9 +30,11 @@ fai_dir_nfsroot_boot: "{{ fai_dir_nfsroot }}/boot"
 fai_config_archive: "config.tar"
 fai_squashfs_file: "squash.img"
 fai_squashfs_path: "{{ fai_dir_download + '/' + fai_squashfs_file }}"
-#fai_loguser: "fai"
+fai_loguser:
 fai_menu_default: 'HW4F Desktop Jammy'
+fai_nfsroot_force_rebuild: false
 
+fai_hw4f_password_salt: "toXu6kiez1haetan"
 fai_hw4f_rootpw_fai: "fai"
 fai_hw4f_profile_username: "user"
 fai_hw4f_profile_password: "dezentrale"

roles/fai/handlers/main.yml

@@ -70,3 +70,8 @@
     name: unbound
     state: reloaded
   listen: reload unbound
+
+- name: "Force rebuild nfsroot"
+  ansible.builtin.set_fact:
+    fai_nfsroot_force_rebuild: true
+

roles/fai/meta/main.yml

@@ -1,22 +1,19 @@
+---
 galaxy_info:
   author: Alexander Böhm
   description: FAI server for Hardware For Future
   company: Hardware For Future
-
   # issue_tracker_url: http://example.com/issue/tracker
-
   license: MIT
-
   min_ansible_version: 2.9
-
   platforms:
-  - name: Debian
-    versions:
-      - 10
-
+    - name: Debian
+      versions:
+        - 10
+        - 11
+        - 12
   galaxy_tags:
     - hw4f
-
 collections:
   - ansible.posix
 

roles/fai/tasks/apt-cacher-ng.yml

@@ -61,7 +61,7 @@
 - name: "Set apt cache also for installer host"
   become: true
   ansible.builtin.copy:
-    dest: "/etc/apt/apt.conf.d/00proxy"
+    dest: "/etc/apt/apt.conf.d/02proxy"
     content: |
       Acquire::http::Proxy "http://localhost:3142";
     owner: root

roles/fai/tasks/fai-config-dir.yml

@@ -8,19 +8,6 @@
     group: root
     mode: '0755'
 
-- name: "Copy fai profiles to '{{ fai_dir_config }}'"
-  become: true
-  ansible.builtin.copy:
-    src: "profiles/"
-    dest: "{{ fai_dir_config }}"
-    owner: root
-    group: root
-    mode: '0755'
-    force: true
-    #recursive: true
-  notify: pack fai-config
-  when: false
-
 - name: "Git checkout fai-config to '{{ fai_dir_config }}'"
   become: true
   ansible.builtin.git:
@@ -40,6 +27,90 @@
     mode: '0755'
     #recursive: true
 
+- name: "Set APT proxy"
+  become: true
+  ansible.builtin.template:
+    src: "etc/apt/apt.conf.d/02proxy.j2"
+    dest: "{{ fai_dir_config }}/files/etc/apt/apt.conf.d/02proxy/HW4F_DESKTOP"
+    owner: root
+    group: root
+    mode: '0644'
+  notify: pack fai-config
+  when: false
+
+- name: "Set default menu entry to profile"
+  become: true
+  ansible.builtin.copy:
+    content: |
+      Default: {{ fai_menu_default }}
+    dest: "{{ fai_dir_config + '/class/zz_menu_default.profile' }}"
+    owner: root
+    group: root
+    mode: '0644'
+  when:
+    - fai_menu_default is defined
+    - fai_menu_default is not none
+
+- name: "Create class specific directories"
+  become: true
+  vars:
+    paths:
+      - "scripts/HW4F_DESKTOP"
+      - "scripts/HW4F_DESKTOP_LAST"
+  ansible.builtin.file:
+    dest: "{{ fai_dir_config + '/' + item }}"
+    state: directory
+    owner: root
+    group: root
+    mode: '0755'
+  loop: "{{ paths }}"
+  notify: pack fai-config
+
+- name: "Define files in '{{ fai_dir_config }}'"
+  become: true
+  vars:
+    scripts:
+      - src: "class/HW4F_DESKTOP.var.j2"
+        dest: "class/HW4F_DESKTOP.var"
+        mode: '0644'
+      - src: "scripts/00-remove-proxy.j2"
+        dest: "scripts/HW4F_DESKTOP_LAST/00-remove-proxy"
+        mode: "0755"
+  ansible.builtin.template:
+    src: "srv/fai/config/{{ item.src }}"
+    dest: "{{ fai_dir_config + '/' + item.dest }}"
+    owner: root
+    group: root
+    mode: "{{ item.mode }}"
+  notify: pack fai-config
+  loop: "{{ scripts }}"
+
+- name: "Define files in '{{ fai_dir_config }}' without templating"
+  become: true
+  vars:
+    scripts:
+      - src: "scripts/04-snaps"
+        dest: "scripts/HW4F_DESKTOP/04-snaps"
+        mode: '0755'
+        ### TRICK COPY TO FIND THE "FILE"
+        ### IN THE DIRECTORY "templates" NOT IN "files"
+        search_prefix: "templates/"
+      - src: "scripts/91-misc"
+        dest: "scripts/HW4F_DESKTOP/91-misc"
+        mode: '0755'
+        ### TRICK COPY TO FIND THE "FILE"
+        ### IN THE DIRECTORY "templates" NOT IN "files"
+        search_prefix: "templates/"
+  ansible.builtin.copy:
+    src: "{{ item.search_prefix | default('') +
+      'srv/fai/config/' + item.src }}"
+    dest: "{{ fai_dir_config + '/' + item.dest }}"
+    owner: root
+    group: root
+    mode: "{{ item.mode }}"
+  notify: pack fai-config
+  loop: "{{ scripts }}"
+
 - name: "Define FAI classes for BASEFILES"
   become: true
   ansible.builtin.template:
@@ -55,37 +126,3 @@
     - basefile: "FOCAL64"
       dist: "focal"
       mirror_url: "{{ ubuntu_mirror_url }}"
-
-- name: "Set APT proxy"
-  become: true
-  ansible.builtin.template:
-    src: "etc/apt/apt.conf.d/02proxy.j2"
-    dest: "{{ fai_dir_config }}/files/etc/apt/apt.conf.d/02proxy/HW4F_DESKTOP"
-    owner: root
-    group: root
-    mode: '0644'
-  notify: pack fai-config
-  when: false
-
-- name: "Define fai CLASS 'HW4F_DESKTOP'"
-  become: true
-  ansible.builtin.template:
-    src: "srv/fai/config/class/HW4F_DESKTOP.var"
-    dest: "{{ fai_dir_config }}/class/HW4F_DESKTOP.var"
-    owner: root
-    group: root
-    mode: '0644'
-  notify: pack fai-config
-
-- name: "Set default menu entry to profile"
-  become: true
-  ansible.builtin.copy:
-    content: |
-      Default: {{ fai_menu_default }}
-    dest: "{{ fai_dir_config + '/class/zz_menu_default.profile' }}"
-    owner: root
-    group: root
-    mode: '0644'
-  when:
-    - fai_menu_default is defined
-    - fai_menu_default is not none

roles/fai/tasks/fai-etc-dir.yml

@@ -7,24 +7,43 @@
     mode: '0644'
     owner: root
     group: root
+  notify:
+    - Force rebuild nfsroot
   tags:
     - fai_conf
 
 ### "/etc/fai/apt" GETS COPIED TO NFSROOT BY "fai-make-nfsroot"
+
+- name: "Create apt configuration directories for nfsroot"
+  become: true
+  vars:
+    paths:
+      - "{{ fai_etc_dir }}/apt/sources.list.d"
+      - "{{ fai_etc_dir }}/apt/preferences.d"
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: root
+    group: root
+    mode: '0755'
+  loop: "{{ paths }}"
+
 - name: "Copy hosts '{{ src }}' to nfsroot"
   become: true
   vars:
-    src: "/etc/apt/sources.list.d"
-    dest: "/etc/fai/apt/sources.list.d"
+    src: "/etc/apt/sources.list.d/"
+    dest: "{{ fai_etc_dir }}/apt/sources.list.d"
   ansible.builtin.copy:
     remote_src: true
-    recursive: true
     src: "{{ src }}"
     dest: "{{ dest }}"
     owner: root
     group: root
+    mode: '0755'
   when:
     - debian_release_fai == debian_release_nfsroot
+  notify:
+    - Force rebuild nfsroot
   tags:
     - fai_nfsroot_sources_list
 
@@ -32,14 +51,16 @@
   become: true
   vars:
     paths:
-      - "/etc/fai/apt/sources.list"
-      - "/etc/fai/apt/sources.list~"
+      - "{{ fai_etc_dir }}/apt/sources.list"
+      - "{{ fai_etc_dir }}/apt/sources.list~"
   ansible.builtin.file:
     path: "{{ item }}"
     state: absent
   loop: "{{ paths }}"
   when:
     - debian_release_fai == debian_release_nfsroot
+  notify:
+    - Force rebuild nfsroot
 
 - name: "Set repositories for nfsroot in '{{ dest }}'"
   become: true
@@ -54,6 +75,8 @@
     group: root
   when:
     - debian_release_fai != debian_release_nfsroot
+  notify:
+    - Force rebuild nfsroot
   tags:
     - fai_nfsroot_sources_list
 
@@ -68,6 +91,8 @@
   loop:
     - "{{ fai_etc_dir }}/apt"
     - "{{ fai_etc_dir }}/apt/preferences.d"
+  notify:
+    - Force rebuild nfsroot
 
 - name: "Set apt preferences for nfsroot in '{{ dest }}'"
   become: true
@@ -79,6 +104,10 @@
     owner: root
     group: root
     mode: "0644"
+  when:
+    - debian_release_fai == debian_release_nfsroot
+  notify:
+    - Force rebuild nfsroot
   tags:
     - fai_nfsroot_apt_preferences
 
@@ -94,6 +123,31 @@
     group: root
   tags:
     - fai_nfsroot_apt_preferences
+  notify:
+    - Force rebuild nfsroot
   when:
-    - falsen
+    - debian_release_fai != debian_release_nfsroot
+
+- name: "Create configuration for nfsroot"
+  become: true
+  ansible.builtin.template:
+    src: "etc/fai/nfsroot.conf.j2"
+    dest: "{{ fai_etc_dir }}/nfsroot.conf"
+    owner: root
+    group: root
+    mode: '0644'
+  notify:
+    - Force rebuild nfsroot
+
+- name: "Create package_config for nfsroot"
+  become: true
+  ansible.builtin.template:
+    src: "etc/fai/NFSROOT.j2"
+    dest: "{{ fai_etc_dir }}/NFSROOT"
+    owner: root
+    group: root
+    mode: '0644'
+  register: "etc_fai_NFSROOT"
+  notify:
+    - Force rebuild nfsroot
 

roles/fai/tasks/fai-nfsroot.yml

@@ -1,21 +1,11 @@
 ---
-- name: "Create configuration for nfsroot"
+- name: "Delete nfsroot '{{ fai_dir_nfsroot }}' to force rebuilt"
   become: true
-  ansible.builtin.template:
-    src: "etc/fai/nfsroot.conf.j2"
-    dest: "{{ fai_etc_dir }}/nfsroot.conf"
-    owner: root
-    group: root
-    mode: '0644'
-
-- name: "Create package_config for nfsroot"
-  become: true
-  ansible.builtin.template:
-    src: "etc/fai/NFSROOT.j2"
-    dest: "{{ fai_etc_dir }}/NFSROOT"
-    owner: root
-    group: root
-    mode: '0644'
+  ansible.builtin.file:
+    path: "{{ fai_dir_nfsroot }}"
+    state: absent
+  when:
+    - fai_nfsroot_force_rebuild
 
 - name: "Test if nfsroot dir '{{ fai_dir_nfsroot }}' already exists"
   become: true
@@ -45,7 +35,7 @@
     - "FOCAL64"
     - "JAMMY64"
   tags:
-    - unbound_configure
+    - basefiles
 
 - name: "Allow '{{ fai_loguser }}' to write to '{{ tftp_dir }}' to ship logs"
   become: true

roles/fai/tasks/main.yml

@@ -20,111 +20,92 @@
     - debug_hostvars
 
 - name: "Configure operating system"
-  include_tasks:
-    file: os.yml
-    apply:
-      tags:
-        - os
-        - ansible_nopasswd
+  import_tasks: os.yml
+  tags:
+    - os
+    - ansible_nopasswd
 
 - name: "Configure networking"
-  include_tasks:
-    file: network.yml
-    apply:
-      tags:
-        - network
+  import_tasks: network.yml
+  tags:
+    - network
 
 - name: "Configure package management"
-  include_tasks:
-    file: package_mgmt.yml
-    apply:
-      tags:
-        - package_mgmt.yml
+  import_tasks: package_mgmt.yml
+  tags:
+    - package_mgmt
+
+- name: "Configure zsh"
+  import_tasks: zsh.yml
+  tags:
+    - zsh
 
 - name: "Setup apt proxy cache"
-  include_tasks:
-    file: apt-cacher-ng.yml
-    apply:
-      tags:
-        - apt-cacher-ng.yml
+  import_tasks: apt-cacher-ng.yml
+  tags:
+    - apt-cacher-ng
 
 - name: "Configure a time server"
-  include_tasks:
-    file: time-server.yml
-    apply:
-      tags:
-        - time-server.yml
+  import_tasks: time-server.yml
+  tags:
+    - time-server
 
 - name: "Configure the web server"
-  include_tasks:
-    file: nginx.yml
-    apply:
-      tags:
-        - nginx
+  import_tasks: nginx.yml
+  tags:
+    - nginx
 
 - name: "Configure the tftp server"
-  include_tasks:
-    file: tftpd-hpa.yml
-    apply:
-      tags:
-        - tftpd-hpa.yml
+  import_tasks: tftpd-hpa.yml
+  tags:
+    - tftpd-hpa
 
 - name: "Configure dns server"
-  include_tasks:
-    file: unbound.yml
-    apply:
-      tags:
-        - unbound
+  import_tasks: unbound.yml
+  tags:
+    - unbound
 
 - name: "Configure dhcp"
-  include_tasks:
-    file: isc-dhcp-server.yml
-    apply:
-      tags:
-        - dhcp
+  import_tasks: isc-dhcp-server.yml
+  tags:
+    - dhcp
+    - isc-dhcp-server
 
 ### RUN ALL SO FAR NOTIFIED HANDLERS NOW
 - name: "######## Flush handlers ########"
   ansible.builtin.meta: flush_handlers
 
 - name: "Prepare FAI"
-  include_tasks:
-    file: fai-prepare.yml
-    apply:
-      tags:
-        - fai_prepare
+  import_tasks: fai-prepare.yml
+  tags:
+    - fai_prepare
 
-- name: "Configure FAI"
-  include_tasks:
-    file: fai-configure.yml
-    apply:
-      tags:
-        - fai_configure
+- name: "Configure '{{ fai_dir_etc }}'"
+  import_tasks: fai-etc-dir.yml
+  tags:
+    - fai_etc_dir
+    - fai_nfsroot
 
-- name: "Transfer FAI profiles"
-  include_tasks:
-    file: fai-profiles.yml
-    apply:
-      tags:
-        - fai_profiles
+- name: "Configure '{{ fai_dir_config }}'"
+  import_tasks: fai-config-dir.yml
+  tags:
+    - fai_config_dir
+
+### RUN ALL SO FAR NOTIFIED HANDLERS NOW
+- name: "######## Flush handlers ########"
+  ansible.builtin.meta: flush_handlers
 
 - name: "Create FAI nfsroot"
-  include_tasks:
-    file: fai-nfsroot.yml
-    apply:
-      tags:
-        - fai_nfsroot
+  import_tasks: fai-nfsroot.yml
+  tags:
+    - fai_nfsroot
 
 - name: "Configure FAI PXE"
-  include_tasks:
-    file: fai-pxe.yml
-    apply:
-      tags:
-        - fai_pxe
+  import_tasks: fai-pxe.yml
+  tags:
+    - fai_pxe
 
 - name: "Configure FAI iPXE"
-  include_tasks:
-    file: fai-ipxe.yml
-    apply:
-      tags:
-        - fai_ipxe
+  import_tasks: fai-ipxe.yml
+  tags:
+    - fai_ipxe

roles/fai/tasks/unbound.yml

@@ -1,5 +1,5 @@
 - name: "Ensure systemd-resolved is stopped and disabled"
-  ansible.buildin.service:
+  ansible.builtin.service:
     name: systemd-resolved
     enabled: false
     state: stopped

roles/fai/tasks/zsh.yml

@@ -0,0 +1,120 @@
+### ZSH
+- name: "zsh - grml-config"
+  become: true
+  ansible.builtin.git:
+    repo: 'git://git.grml.org/grml-etc-core.git'
+    dest: "/opt/grml-etc-core"
+    version: HEAD
+  tags:
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - stat '/etc/zsh'"
+  ansible.builtin.stat:
+    path: "/etc/zsh"
+  register: etc_zsh
+  tags:
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - debug variable 'etc_zsh'"
+  ansible.builtin.debug:
+    var: etc_zsh
+    verbosity: 2
+  when:
+    - etc_zsh.stat.exists
+  tags:
+    - debug
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - debug path '/etc/zsh' and path type"
+  ansible.builtin.debug:
+    msg: >
+      "zsh - path '/etc/zsh' exists"
+      "and the chack for symlink is {{ etc_zsh.stat.islnk }}"
+    verbosity: 2
+  when:
+    - etc_zsh.stat.islnk is defined
+  tags:
+    - debug
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - move '/etc/zsh' to '/etc/zsh.dist'"
+  become: true
+  ansible.builtin.command: >
+    mv -v "/etc/zsh" "/etc/zsh.dist"
+  when:
+    - etc_zsh.stat.islnk is defined
+    - not etc_zsh.stat.islnk
+  register: etc_zsh_mv
+  tags:
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - debug variable 'etc_zsh_mv'"
+  ansible.builtin.debug:
+    var: etc_zsh_mv
+    verbosity: 2
+  when:
+    - etc_zsh_mv.changed
+
+- name: "zsh - sym-link '/etc/zsh' to '/opt/grml-etc-core/etc/zsh'"
+  become: true
+  ansible.builtin.file:
+    src: "/opt/grml-etc-core/etc/zsh"
+    path: "/etc/zsh"
+    state: link
+    owner: root
+    group: root
+  when:
+    - etc_zsh_mv.changed
+    - etc_zsh_mv.failed is defined
+    - not etc_zsh_mv.failed
+  tags:
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - stat '/etc/zsh'"
+  ansible.builtin.stat:
+    path: "/etc/zsh"
+  register: etc_zsh
+  when:
+  tags:
+    - grml
+    - zsh
+    - zshrc
+
+- name: "Show variable 'etc_zsh'"
+  ansible.builtin.debug:
+    var: etc_zsh
+    verbosity: 2
+  when:
+    - etc_zsh.stat.exists
+  tags:
+    - grml
+    - zsh
+    - zshrc
+
+- name: "zsh - make zsh default shell for selected users"
+  become: true
+  ansible.builtin.user:
+    name: "{{ item }}"
+    shell: "/bin/zsh"
+  loop:
+    - rockstable
+  when:
+    - etc_zsh.stat.exists is defined
+    - etc_zsh.stat.exists
+  tags:
+    - grml
+    - zsh
+    - zshrc
+

roles/fai/templates/etc/fai/fai.conf.j2

@@ -49,11 +49,15 @@
 # For example, you can use write permissions for the group linuxadm.
 # chgrp linuxadm /srv/tftp/fai;chmod g+w /srv/tftp/fai.
 # If the variable is undefined, this feature is disabled.
-{% if fai_loguser is defined %}
-LOGUSER={{ fai_loguser }}
-{% else %}
+{% if fai_loguser is defined and
+      fai_loguser is none %}
 ### DISABLE LOG UPLOAD
 LOGUSER=
+{% elif fai_loguser is defined and
+      fai_loguser is not none %}
+LOGUSER={{ fai_loguser }}
+{% else %}
+#LOGUSER=
 {% endif %}
 
 # Protocol for saving logs

roles/fai/templates/etc/fai/nfsroot.conf.j2

@@ -7,7 +7,7 @@
 # Example:
 # FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian"
 FAI_DEBOOTSTRAP="{{ debian_release_nfsroot +
-	'http://' + server_name + ':3142/debian' }}"
+	' http://' + server_name + ':3142/debian' }}"
 
 # Options that will be passed to debootstrap(8).
 # Used for excluding packages and for specifying a different architecture.
@@ -24,8 +24,8 @@ FAI_DEBOOTSTRAP_OPTS="--exclude=wget"
 # 
 # echo "yoursecrectpassword" | mkpasswd -m md5 -s
 
-FAI_ROOTPW="{{ fai_hw4f_rootpw_fai | password_hash("sha512") }}"
-#FAI_ROOTPW='$y$j9T$9Gpl96oNFKz9us5aM5iCb.$v/JHwnHRfaxMCPK/nsxu.DAmoGB1hlgRQBDIxTeMd9/'
+FAI_ROOTPW="{{ fai_hw4f_rootpw_fai
+        | password_hash("sha512", fai_hw4f_password_salt ) }}"
 
 # Directory on the install server where the nfsroot is created.
 NFSROOT="{{ fai_dir_nfsroot }}"

roles/fai/templates/srv/fai/config/class/HW4F_DESKTOP.var

@@ -1,23 +0,0 @@
-### CONFIGURE TIME
-UTC=yes
-TIMEZONE=Europe/Berlin
-
-### INSTALL PARAMETERS
-STOP_ON_ERROR=700
-MAXPACKAGES=800
-
-HOSTNAME="user-pc"
-KEYMAP=de-latin1-nodeadkeys
-
-
-ROOTPW='{{ fai_hw4f_profile_password |password_hash("sha512") }}'
-
-# START USER AND PASSWORD
-username={{ fai_hw4f_profile_username }}
-USERPW='{{ fai_hw4f_profile_password |password_hash("sha512") }}'
-
-SUPRESS_GNOME_INITIAL_SCREEN=1
-
-FAI_ALLOW_UNSIGNED=0
-APTPROXY=http://{{ server_name }}:3142
-

roles/fai/templates/srv/fai/config/class/HW4F_DESKTOP.var.j2

@@ -0,0 +1,36 @@
+### CONFIGURE TIME
+UTC=yes
+TIMEZONE=Europe/Berlin
+
+### INSTALL PARAMETERS
+STOP_ON_ERROR=700
+MAXPACKAGES=800
+
+HOSTNAME="user-pc"
+KEYMAP=de-latin1-nodeadkeys
+
+
+ROOTPW='{{ fai_hw4f_profile_password 
+        | password_hash("sha512", fai_hw4f_password_salt ) }}'
+
+# START USER AND PASSWORD
+username={{ fai_hw4f_profile_username }}
+USERPW='{{ fai_hw4f_profile_password
+        | password_hash("sha512", fai_hw4f_password_salt ) }}'
+
+SUPRESS_GNOME_INITIAL_SCREEN=1
+
+FAI_ALLOW_UNSIGNED=0
+APTPROXY=http://{{ server_name }}:3142
+
+### CONFIGURE LOG UPLOAD
+{% if fai_loguser is defined and
+      fai_loguser is none %}
+### DISABLE LOG UPLOAD
+LOGUSER=
+{% elif fai_loguser is defined and
+      fai_loguser is not none %}
+LOGUSER={{ fai_loguser }}
+{% else %}
+#LOGUSER=
+{% endif %}

roles/fai/templates/srv/fai/config/scripts/00-remove-proxy.j2

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+[ -f $target/etc/apt/apt.conf.d/02proxy ] && \
+        rm $target/etc/apt/apt.conf.d/02proxy
+

roles/fai/templates/srv/fai/config/scripts/04-snaps

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+if [ "${#SNAPS[*]}" -eq 0 ]; then
+        SNAPS=( firefox )
+fi
+
+function package_exists() {
+        return dpkg -l "$1" &> /dev/null
+}
+
+for SNAP in $SNAPS; do
+        if ! package_exists "snapd"; then
+                snap install "$SNAP"
+        fi
+done

roles/fai/templates/srv/fai/config/scripts/91-misc

@@ -0,0 +1,7 @@
+#! /bin/bash
+
+# disable the first login screen
+$ROOTCMD dpkg-divert --local --rename --add /etc/xdg/autostart/gnome-initial-setup-first-login.desktop
+$ROOTCMD dpkg-divert --local --rename --add /etc/xdg/autostart/gnome-initial-setup-copy-worker.desktop
+$ROOTCMD deluser --system gnome-initial-setup
+$ROOTCMD dpkg-reconfigure keyboard-configuration