From a1e191bf6181253a3239e67a911e6aa5763634c0 Mon Sep 17 00:00:00 2001 From: Nicky Gerritsen Date: Mon, 1 Dec 2025 17:47:08 +0100 Subject: [PATCH] Make Ansible work with recent ICPC images, i.e. Ubuntu 24.04 based ones --- provision-contest/ansible/Makefile | 2 +- provision-contest/ansible/domserver.yml | 2 +- .../files/{htop.desktop => btop.desktop} | 2 +- .../roles/base_packages/defaults/main.yml | 8 ++ .../roles/base_packages/tasks/main.yml | 6 ++ .../roles/domjudge_user/handlers/main.yml | 6 ++ .../roles/domjudge_user/tasks/main.yml | 79 ++++++++++++++++++- .../domlogo/templates/domlogo.service.j2 | 2 +- .../ansible/roles/judgedaemon/tasks/main.yml | 34 +++++++- 9 files changed, 131 insertions(+), 10 deletions(-) rename provision-contest/ansible/files/{htop.desktop => btop.desktop} (89%) diff --git a/provision-contest/ansible/Makefile b/provision-contest/ansible/Makefile index 06f39de7..a6172930 100644 --- a/provision-contest/ansible/Makefile +++ b/provision-contest/ansible/Makefile @@ -33,7 +33,7 @@ $(VENDOR): $(VENDORTGZ) endif ROLES=domserver judgehost admin grafana cds presclient presadmin scoreboard mgmt autoanalyst -$(ROLES): %: %.yml hosts group_vars/all/secret.yml $(VENDOR) $(SSHKEY) $(SSHKEY).pub +$(ROLES): %: %.yml hosts group_vars/onprem/secret.yml $(VENDOR) $(SSHKEY) $(SSHKEY).pub ansible-playbook -i hosts $< FAILED_ROLES=$(addprefix failed-,$(ROLES)) diff --git a/provision-contest/ansible/domserver.yml b/provision-contest/ansible/domserver.yml index c688690c..bcf322e5 100644 --- a/provision-contest/ansible/domserver.yml +++ b/provision-contest/ansible/domserver.yml @@ -121,7 +121,7 @@ group: domjudge mode: 0755 loop: - - htop + - btop - taillog-domserver-nginx-error when: GRAPHICAL diff --git a/provision-contest/ansible/files/htop.desktop b/provision-contest/ansible/files/btop.desktop similarity index 89% rename from provision-contest/ansible/files/htop.desktop rename to provision-contest/ansible/files/btop.desktop index 993e64a1..4a7850c0 100644 --- a/provision-contest/ansible/files/htop.desktop +++ b/provision-contest/ansible/files/btop.desktop @@ -1,4 +1,4 @@ [Desktop Entry] Name=htop Type=Application -Exec=gnome-terminal --window --geometry 150x18+0+0 -e 'bash -c "sudo htop"' +Exec=gnome-terminal --window --geometry 150x18+0+0 -e 'bash -c "sudo btop"' diff --git a/provision-contest/ansible/roles/base_packages/defaults/main.yml b/provision-contest/ansible/roles/base_packages/defaults/main.yml index 6a552323..17cf4ce2 100644 --- a/provision-contest/ansible/roles/base_packages/defaults/main.yml +++ b/provision-contest/ansible/roles/base_packages/defaults/main.yml @@ -3,6 +3,7 @@ REMOVED_PACKAGES: - ntp INSTALLED_PACKAGES: + - yarnpkg - ack - acl - apache2-utils @@ -24,6 +25,7 @@ INSTALLED_PACKAGES: - git-gui - gitk - htop + - btop - httpie - jq - latexmk @@ -53,3 +55,9 @@ INSTALLED_PACKAGES: - tree - unzip - zip + +GRAPHICAL_INSTALLED_PACKAGES: + - dconf-cli + - python3-psutil + - gnome-terminal + - fonts-noto-color-emoji diff --git a/provision-contest/ansible/roles/base_packages/tasks/main.yml b/provision-contest/ansible/roles/base_packages/tasks/main.yml index de4b0175..f3432781 100644 --- a/provision-contest/ansible/roles/base_packages/tasks/main.yml +++ b/provision-contest/ansible/roles/base_packages/tasks/main.yml @@ -57,6 +57,12 @@ state: present pkg: "{{ INSTALLED_PACKAGES }}" +- name: Install common required/useful graphical packages + apt: + state: present + pkg: "{{ GRAPHICAL_INSTALLED_PACKAGES }}" + when: GRAPHICAL + - name: Install local DEB packages include_tasks: install-local-package.yml with_fileglob: diff --git a/provision-contest/ansible/roles/domjudge_user/handlers/main.yml b/provision-contest/ansible/roles/domjudge_user/handlers/main.yml index d1c7e282..2dfa8db8 100644 --- a/provision-contest/ansible/roles/domjudge_user/handlers/main.yml +++ b/provision-contest/ansible/roles/domjudge_user/handlers/main.yml @@ -4,3 +4,9 @@ name: gdm3 enabled: true state: restarted + +- name: Restart lightdm + service: + name: lightdm + enabled: true + state: restarted diff --git a/provision-contest/ansible/roles/domjudge_user/tasks/main.yml b/provision-contest/ansible/roles/domjudge_user/tasks/main.yml index 53c86d76..eff661c3 100644 --- a/provision-contest/ansible/roles/domjudge_user/tasks/main.yml +++ b/provision-contest/ansible/roles/domjudge_user/tasks/main.yml @@ -22,7 +22,13 @@ loop_control: loop_var: user_item +- name: Detect display manager + shell: basename $(cat /etc/X11/default-display-manager 2>/dev/null || systemctl get-default 2>/dev/null | grep -oP '^\w+-dm' || echo "unknown") + register: detected_dm + changed_when: false + - name: Setup autologin on desktop installs + when: GRAPHICAL block: - name: Enable GDM autologin lineinfile: @@ -32,13 +38,26 @@ create: true mode: 0644 notify: Restart gdm + when: detected_dm.stdout == 'gdm3' or detected_dm.stdout == 'gdm' - - name: Automatically login domjudge user + - name: Automatically login domjudge user (GDM) lineinfile: path: /etc/gdm3/custom.conf regexp: 'AutomaticLogin\s*=' line: 'AutomaticLogin=domjudge' notify: Restart gdm + when: detected_dm.stdout == 'gdm3' or detected_dm.stdout == 'gdm' + + - name: Enable LightDM autologin + lineinfile: + path: /etc/lightdm/lightdm.conf + regexp: 'autologin-user=' + line: 'autologin-user=domjudge' + insertafter: '\[Seat:\*\]' + create: true + mode: 0644 + notify: Restart lightdm + when: detected_dm.stdout == 'lightdm' - name: Make sure autostart directory exists file: @@ -47,4 +66,60 @@ owner: domjudge group: domjudge mode: 0755 - when: GRAPHICAL + + - name: Get default GNOME Terminal profile + command: dconf read /org/gnome/terminal/legacy/profiles:/default + register: terminal_profile + changed_when: false + become: true + become_user: domjudge + + - name: Get default GNOME Terminal profile + command: dconf read /org/gnome/terminal/legacy/profiles:/default + register: terminal_profile + changed_when: false + failed_when: false + become: true + become_user: domjudge + + - name: Generate profile UUID + set_fact: + profile_uuid: "{{ 'domjudge-terminal' | to_uuid }}" + when: terminal_profile.stdout == '' + + - name: Use existing profile UUID + set_fact: + profile_uuid: "{{ terminal_profile.stdout | replace(\"'\", '') }}" + when: terminal_profile.stdout != '' + + - name: Set default profile + community.general.dconf: + key: /org/gnome/terminal/legacy/profiles:/default + value: "'{{ profile_uuid }}'" + become: true + become_user: domjudge + when: terminal_profile.stdout == '' + + - name: Add profile to list + community.general.dconf: + key: /org/gnome/terminal/legacy/profiles:/list + value: "['{{ profile_uuid }}']" + become: true + become_user: domjudge + when: terminal_profile.stdout == '' + + - name: Configure GNOME Terminal colors + community.general.dconf: + key: "/org/gnome/terminal/legacy/profiles:/:{{ profile_uuid }}/{{ item.key }}" + value: "{{ item.value }}" + loop: + - key: background-color + value: "'rgb(0,43,54)'" + - key: foreground-color + value: "'rgb(131,148,150)'" + - key: use-theme-colors + value: "false" + - key: visible-name + value: "'Default'" + become: true + become_user: domjudge diff --git a/provision-contest/ansible/roles/domlogo/templates/domlogo.service.j2 b/provision-contest/ansible/roles/domlogo/templates/domlogo.service.j2 index 71c899e3..bccd68c4 100644 --- a/provision-contest/ansible/roles/domlogo/templates/domlogo.service.j2 +++ b/provision-contest/ansible/roles/domlogo/templates/domlogo.service.j2 @@ -8,7 +8,7 @@ Type=simple Environment=REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/domserver.crt Environment=DISPLAY=:0 WorkingDirectory={{ DJ_DIR }} -ExecStart=domlogo.py +ExecStart=python3 domlogo.py User=domjudge Restart=always diff --git a/provision-contest/ansible/roles/judgedaemon/tasks/main.yml b/provision-contest/ansible/roles/judgedaemon/tasks/main.yml index e585b7e2..4ce8025a 100644 --- a/provision-contest/ansible/roles/judgedaemon/tasks/main.yml +++ b/provision-contest/ansible/roles/judgedaemon/tasks/main.yml @@ -33,26 +33,52 @@ src: chroot-list dest: /tmp/dj_ansible/ +- name: Convert ASC key to GPG format for debootstrap + shell: gpg --dearmor < /etc/apt/trusted.gpg.d/pc2packages.asc > /tmp/pc2packages.gpg + args: + creates: /tmp/pc2packages.gpg + when: ICPC_IMAGE + - name: Create chroot shell: "set -o pipefail && {{ DJ_DIR }}/misc-tools/dj_make_chroot -y -H - -i icpc-kotlinc,openjdk-17-jdk-headless + -i openjdk-21-jdk-headless -l \"$(ls /tmp/dj_ansible/install-chroot/*.deb 2>/dev/null | tr '\n' ',')\" -s \"$(ls /tmp/dj_ansible/chroot-list/*.list 2>/dev/null | tr '\n' ',')\" 2>&1 | tee /tmp/dj_make_chroot.log; grep '^Done building chroot in' /tmp/dj_make_chroot.log" environment: - DEBMIRROR: "{%- if WF_RESTRICTED_NETWORK and ICPC_IMAGE -%}https://packages/ubuntu - {%- elif ICPC_IMAGE -%}https://sysopspackages.icpc.global/ubuntu + DEBMIRROR: "{%- if WF_RESTRICTED_NETWORK and ICPC_IMAGE -%}https://packages/ubuntu/noble + {%- elif ICPC_IMAGE -%}https://sysopspackages.icpc.global/ubuntu/noble {%- else -%} {%- endif -%}" args: executable: /bin/bash creates: "/chroot/domjudge" +- name: ICPC Kotlin setup in chroot + when: ICPC_IMAGE + block: + - name: Sync kotlinc to chroot + ansible.posix.synchronize: + src: /opt/kotlinc/ + dest: /chroot/domjudge/usr/lib/kotlinc/ + delegate_to: "{{ inventory_hostname }}" + + - name: Create kotlin symlinks in chroot + ansible.builtin.file: + src: /usr/lib/kotlinc/bin/{{ item }} + dest: /chroot/domjudge/usr/local/bin/{{ item }} + state: link + force: true + follow: false + loop: + - kotlin + - kotlinc + - name: Pre-generate the kernel flags for ansible usage set_fact: - procline: "apparmor=0 systemd.unified_cgroup_hierarchy=0 cgroup_enable=memory swapaccount=1 isolcpus={{ cpucore | join(',') }}" + procline: "apparmor=0 cgroup_enable=memory swapaccount=1 isolcpus={{ cpucore | join(',') }}" - name: Add cgroup kernel parameters lineinfile: