customization.yaml

---
- hosts: localhost
  
  vars:
    ssh_keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0eTzvYXj4ddqxz49CJsUBYD4wjLfhj6Py/AHKVPLEtq7hB2AeY+OLkkyDoDTC+mBIPgbS6aB2rGrc2vGM7q2w4Nw3a/rcXS5IIncMWlrznLd0E0r84OGdwQbGWfAP3RUX5pxRoykCHeE9hHpjN3xF0IM/RPgXNz+H5Z1325SSYTEorQ9JI6E75eQk/r9/aWF2yoZeFwLc5FDG6AQylHGNiiNeqMrR11TvbPomXd3H7zXgdwem+Egz23BNLt8TldrugzYj1vlx1qBazpHTbf95xpZGaMWiBcmo+Uy2BiVft5gO7YAl0et4japJYS2eQE0N5T0pJoIlWDz5ns2phVZt esa@x1y3

  tasks:

  - name: "Disable built in installation wizard"
    file:
      path: "/etc/systemd/system/{{ item }}"
      src: "/dev/null"
      state: link
    loop:
    - ubiquity.service
    - nv-oem-config.target
    - nv-oem-config-gui.service

  - name: "Create a service to resize rootfs"
    copy:
      dest: /etc/systemd/system/nvresizefs.service
      content: |
        [Unit]
        Description=Resized app partition
        ConditionFirstBoot=true

        [Service]
        ExecStart=/usr/lib/nvidia/resizefs/nvresizefs.sh
        Type=oneshot

        [Install]
        WantedBy=multi-user.target

  - name: "Enable nvresizefs.service"
    file:
      path: "/etc/systemd/system/multi-user.target.wants/nvresizefs.service"
      src: "/etc/systemd/system/nvresizefs.service"
      state: link

  - name: "Set locale"
    copy:
      dest: /etc/default/locale
      content: |
        LANG=en_DK.UTF-8

  - name: "Console keyboard layout"
    copy:
      dest: /etc/vconsole.conf
      content: |
        KEYMAP=fi

  - name: "X11 keyboard layout"
    copy:
      dest: /etc/default/keyboard
      content: |
        XKBMODEL=pc105
        XKBLAYOUT=fi
        XKBOPTIONS=terminate:ctrl_alt_bksp
        BACKSPACE=guess

  - name: "Remove excludes to include documentation"
    copy:
      dest: /etc/dpkg/dpkg.cfg.d/excludes
      content: ''
    register: remove_excludes

  - name: "Reinstall packages with missing documentation"
    when: remove_excludes.changed
    shell: |
      # Reinstallation takes place in two steps because a single dpkg --verified
      # command generates very long parameter list for "xargs dpkg -S" and may go
      # over ARG_MAX. Since many packages have man pages the second download
      # handles a much smaller amount of packages.
      dpkg -S /usr/share/man/ |sed 's|, |\n|g;s|: [^:]*$||' | DEBIAN_FRONTEND=noninteractive xargs apt-get install --reinstall -y
      echo "Reinstalling packages with system documentation in /usr/share/doc/ .."
      # This step processes the packages which still have missing documentation
      dpkg --verify --verify-format rpm | awk '/..5......   \/usr\/share\/doc/ {print $2}' | sed 's|/[^/]*$||' | sort |uniq \
           | xargs dpkg -S | sed 's|, |\n|g;s|: [^:]*$||' | uniq | DEBIAN_FRONTEND=noninteractive xargs apt-get install --reinstall -y

  - name: "Install useful software"
    apt:
      pkg:
        - htop
        - rsync
        - screen
        - tmux

  - name: "Create default user"
    user:
      name: jetson
      password: "$6$salt$MJznBo5SCG.t/gLu4bwlaE9foMvdFFsVJVlq2YRx3PaRvILYhA5V4nRtzc8yb5c1WwiLCqAvTdYQBbom7DmYq/" # jetson
      shell: "/bin/bash"
      groups: 
      - gdm
      - sudo
      - video

  - name: "Enable passwordless sudo"
    lineinfile:
      path: /etc/sudoers
      regexp: '%sudo.*'
      line: '%sudo	ALL=(ALL:ALL) NOPASSWD: ALL'

  - name: "Create override directory for getty@tty1.service"
    file:
      path: /etc/systemd/system/getty@tty1.service.d
      state: directory

  - name: "Set multi-user.target as default target"
    file:
      path: /etc/systemd/system/default.target
      src: /lib/systemd/system/multi-user.target
      state: link

  - name: "Enable autologin on console"
    copy:
      dest: /etc/systemd/system/getty@tty1.service.d/override.conf
      content: |
        [Service]
        ExecStart=
        ExecStart=-/sbin/agetty --autologin jetson %I $TERM

  - name: "Add authorized keys"
    authorized_key:
      user: jetson
      state: present
      key: "{{ item }}"
    loop: "{{ ssh_keys }}"