WIP: Notes

fedora/ansible/tigervnc/files/config

@@ -0,0 +1,7 @@
+## Supported server options to pass to vncserver upon invocation can be listed
+## in this file. See the following manpages for more: vncserver(1) Xvnc(1).
+## Several common ones are shown below. Uncomment and modify to your liking.
+##
+session=gnome
+securitytypes=vncauth,tlsvnc
+geometry=1920x1080

fedora/ansible/tigervnc/files/vncserver.users

@@ -0,0 +1 @@
+:2=vncuser

fedora/ansible/tigervnc/files/xstartup

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+unset SESSION_MANAGER
+unset DBUS_SESSION_BUS_ADDRESS
+/etc/X11/xinit/xinitrc
+# Assume either Gnome will be started by default when installed
+# We want to kill the session automatically in this case when user logs out. In case you modify
+# /etc/X11/xinit/Xclients or ~/.Xclients yourself to achieve a different result, then you should
+# be responsible to modify below code to avoid that your session will be automatically killed
+if [ -e /usr/bin/gnome-session ]; then
+    vncserver -kill $DISPLAY
+fi

fedora/ansible/tigervnc/meta/main.yml

@@ -0,0 +1,52 @@
+galaxy_info:
+  author: Reese Wells
+  description: Installs and enables a tigervnc server
+  company: ""
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.1
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

fedora/ansible/tigervnc/tasks/main.yml

@@ -0,0 +1,59 @@
+---
+# Install and activate tigervnc
+# NOTE: You will still need to log in manually as the new user and run "passwd" and "vncpasswd"
+- name: Ensure tigervnc-server is installed
+  dnf:
+    name: 
+    - tigervnc-server
+  become: yes
+- name: Copy systemd file to /etc/system/system
+  copy:
+    remote_src: yes
+    src: /lib/systemd/system/vncserver@.service
+    dest: /etc/systemd/system/vncserver@.service
+  become: yes
+- name: Copy vncserver.users
+  copy:
+    src: files/vncserver.users
+    dest: /etc/tigervnc/vncserver.users
+  become: yes
+- name: Create vncuser
+  user:
+    name: vncuser
+    shell: /bin/fish
+    groups: wheel
+    append: yes
+  become: yes
+- name: Ensure .vnc folder exists for vncuser
+  file:
+    path: /home/vncuser/.vnc
+    state: directory
+    owner: vncuser
+    group: vncuser
+  become: yes
+- name: Copy vnc config
+  copy:
+    src: files/config
+    dest: /home/vncuser/.vnc/config
+    owner: vncuser
+    group: vncuser
+  become: yes
+- name: Copy xstartup
+  copy:
+    src: files/xstartup
+    dest: /home/vncuser/.vnc/xstartup
+    owner: vncuser
+    group: vncuser
+  become: yes
+- name: Start tigervnc service
+  systemd:
+    name: vncserver@:2
+    state: started
+    enabled: yes
+  become: yes
+- name: UFW Allow 5902/tcp
+  community.general.ufw:
+    rule: allow
+    port: 5902
+    proto: tcp
+  become: yes