Last active
September 20, 2019 13:51
-
-
Save perfecto25/dfe09e7f2cc52c13be8ca0bde42d12e9 to your computer and use it in GitHub Desktop.
Thinlinc Server install on Centos 7 using Saltstack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
install-pygtk=yes | |
email-address=admin@company.com | |
install-python-ldap=yes | |
setup-firewall=yes | |
setup-selinux=yes | |
setup-web-integration=yes | |
setup-apparmor=yes | |
server-type=master | |
missing-answer=abort | |
install-nfs=yes | |
install-sshd=yes | |
accept-eula=yes | |
migrate-conf=old | |
install-required-libs=yes | |
setup-nearest=no | |
setup-thinlocal=no | |
tlwebadm-password=sp@ceBALL$1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[/profiles] | |
# The default profile. Must be present below | |
default=xfce | |
# The order the profiles will be presented in. Only profiles that exist in | |
# this parameter will be presented as alternatives. This is a space-separated | |
# list. | |
order=xfce | |
# If you wish to remove the introduction text, set this parameter to false | |
show_intro=true | |
# Greeting text shown at the top of the profile chooser | |
greeting=Hello Cowgirl! | |
# Introduction text to be shown before any choices. Enter \n to get | |
# a line break in the output text. | |
introduction=Company Thinlinc Session \n\nPress OK to create a session. | |
# Default/example profile entries. See the ThinLinc Administrator's | |
# Guide for details. | |
[/profiles/xfce] | |
xdg_session=xfce | |
name=Xfce Desktop | |
description=Xfce is a lightweight desktop environment for various Unix systems. Designed for productivity, it loads and executes applications fast, while conserving system resources. | |
[/profiles/xterm] | |
xdg_session= | |
name=Terminal | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### installs Thinlinc Server on Centos 7, getting .zip file from internal Sonatype Nexus repository | |
### does additional configuration for user access | |
get_zip: | |
cmd.run: | |
- name: wget --no-check-certificate --user=uname --password=pw https://repo/repository/files/thinlinc/tl-4.9.0-server.zip | |
- cwd: /opt | |
- creates: tl-4.9.0-server.zip | |
unzip: | |
cmd.run: | |
- name: unzip tl-4.9.0-server.zip | |
- cwd: /opt | |
- unless: test -d tl-4.9.0-server | |
install_pkg: | |
cmd.run: | |
- name: yum -y localinstall tl-4.9.0-server/packages/*.rpm | |
- cwd: /opt | |
- unless: rpm -qa | grep thinlinc | |
silent_installer: | |
file.managed: | |
- name: /root/thinlinc-setup.answers | |
- mode: 0644 | |
- source: salt://{{ slspath }}/files/answers | |
- user: root | |
- group: root | |
run_setup: | |
cmd.run: | |
- name: /opt/thinlinc/sbin/tl-setup -a "/root/thinlinc-setup.answers" | |
- unless: ps -ef | grep vsmserver | grep -v grep | |
remove_mount: | |
file.absent: | |
- name: /opt/thinlinc/etc/xstartup.d/40-tl-mount-localdrives | |
remove_smartcard: | |
file.absent: | |
- name: /opt/thinlinc/etc/xstartup.d/50-tl-wait-smartcard | |
agent_conf: | |
file.managed: | |
- name: /opt/thinlinc/etc/conf.d/vsmagent.hconf | |
- mode: 0644 | |
- source: salt://{{ slspath }}/files/vsmagent.hconf.j2 | |
- template: jinja | |
- user: root | |
- group: root | |
server_conf: | |
file.managed: | |
- name: /opt/thinlinc/etc/conf.d/vsmserver.hconf | |
- mode: 0644 | |
- source: salt://{{ slspath }}/files/vsmserver.hconf | |
- user: root | |
- group: root | |
profile_conf: | |
file.managed: | |
- name: /opt/thinlinc/etc/conf.d/profiles.hconf | |
- mode: 0644 | |
- source: salt://{{ slspath }}/files/profiles.hconf | |
- user: root | |
- group: root | |
vsmserver_service: | |
service.running: | |
- name: vsmserver | |
- restart: True | |
- watch: | |
- file: server_conf | |
vsmagent_service: | |
service.running: | |
- name: vsmagent | |
- restart: True | |
- watch: | |
- file: agent_conf | |
disable_mounts: | |
cmd.run: | |
- name: chmod u-s /opt/thinlinc/libexec/tl-mount-personal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Hiveconf configuration file - VSM agent | |
# | |
[/vsmagent] | |
fontpath=catalogue:/etc/X11/fontpath.d,/usr/share/X11/fonts/misc,/usr/share/X11/fonts/75dpi,/usr/share/X11/fonts/100dpi,/usr/share/X11/fonts/Type1,/usr/share/X11/fonts/TTF,/usr/share/fonts/default/Type1,/usr/share/fonts/X11/misc,/usr/share/fonts/X11/Type1,/usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1,/usr/share/fonts/URW,/usr/share/fonts/Speedo,/usr/share/fonts/cyrillic,/usr/share/fonts/truetype,/usr/share/fonts/misc | |
# The host that runs the VSM server (master machine) | |
master_hostname=localhost | |
# Only allow connections from the VSM servers in this space-separated list. | |
# localhost, hostname, IP and master_hostname are always allowed. NOTE: Do not | |
# change this parameter unless you know what you are doing. | |
allowed_clients= | |
# Automatically create the users home directory, if it doesn't exist? | |
make_homedir=1 | |
# The file mode for the newly created home directory | |
make_homedir_mode=0700 | |
# The default geometry, if the client doesn't request anything. | |
default_geometry=1024 768 | |
# Save password for future logins? | |
single_signon=1 | |
# Extra arguments to pass to the Xserver Xvnc, for example: | |
# xserver_args=-MaxIdleTime 60 | |
xserver_args=-br -nolisten tcp -localhost -verbose 3 | |
# The location of the Xauthority file, either homedir or sessiondir | |
xauthority_location=sessiondir | |
# Public hostname; the hostname that clients are redirected to. If not | |
# defined, the agent will use the computer's IP address. | |
agent_hostname={{ salt['cmd.run']('curl -s -4 icanhazip.com') }} | |
# The maximum port used for VNC and tunnel ports for displays | |
# display_min to display_max. This number may not be higher than | |
# lowest_user_port | |
max_session_port=32767 | |
# The lowest port to be used for user programs needing TCP/UDP ports. | |
# This must be higher than max_session_port. | |
lowest_user_port=32768 | |
# Where to start allocating display numbers. | |
display_min=10 | |
# Timeout in tenths of seconds, for starting new sessions | |
xvnc_start_timeout=250 | |
# The maximum display number to use on this VSM agent host. | |
# display_max - display_min is the maximum number of ThinLinc users | |
# allowed on this host. Default is 2000. | |
display_max=2000 | |
# Port to listen on | |
# This should normally be the same as /vsm/vsm_agent_port, but under | |
# some special circumstances, it might be set to another value. | |
listen_port=904 | |
# Environment variables to add to users environment, before running | |
# xstartup. Note: Since xstartup is run through /bin/bash --login, | |
# files in /etc/profile.d/ will be sourced and may override values in | |
# default_environment. | |
# Note: TOWN is just an example. | |
[/vsmagent/default_environment] | |
TOWN=Springfield | |
PATH=/bin:/usr/bin:/opt/thinlinc/bin:/usr/local/bin:/usr/bin/X11:/sbin:/usr/sbin:/usr/local/sbin | |
LD_LIBRARY_PATH=/opt/thinlinc/lib64:/opt/thinlinc/lib | |
[/vsmagent/logging] | |
log_to_file=1 | |
logfile=/var/log/vsmagent.log | |
log_to_syslog=0 | |
syslog_facility=local0 | |
syslog_socket=/dev/log | |
syslog_host= | |
defaultlevel=INFO | |
[/vsmagent/logging/levels] | |
# Execution of external commands | |
vsmagent.extcmd=INFO | |
# Info about sessions | |
vsmagent.session=INFO | |
# XMLRPC debugging. | |
vsmagent.xmlrpc=INFO |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Hiveconf configuration file - VSM server | |
# | |
[/vsmserver] | |
# Administrators email | |
admin_email=admin@company.com | |
# | |
# Terminal servers. A space-separated list of agent server hostnames. These will | |
# be used for communication between the server and the agent. The names reported | |
# to clients are fetched from the agent itself; names in terminalservers are not | |
# reported directly to clients. | |
# | |
terminalservers=127.0.0.1 | |
# Load balance finetuning | |
ram_per_user=100 | |
bogomips_per_user=600 | |
existing_users_weight=4 | |
load_update_cycle=40 | |
# The maximum number of sessions per user. 0 means no limit. | |
max_sessions_per_user=1 | |
# Only allow connections from clients in this space-separated list for priv | |
# operations localhost and hostname IP are always allowed. | |
allowed_clients= | |
# ThinLinc access can be limited to certain groups. If the allowed_groups | |
# space-separated list is empty, all users are accepted. Otherwise, the user | |
# must be a member of the groups listed below, to be able to use ThinLinc. | |
# Example: allowed_groups=students teachers | |
allowed_groups= | |
# If true, processes occupying the users interval of forwarded ports | |
# will be killed. | |
unbind_ports_at_login=true | |
# A space-separated list of candidate:agenthost pairs that can be used to force | |
# sessions for specific users or groups to be created on specific agent hosts. | |
# Note that only one server can be specified per candidate. No load | |
# balancing is in use for servers selected this way. | |
# | |
# If the specific server is down, no session will be created. | |
# | |
# If a server specified here is also listed in terminalservers, | |
# sessions will also be created for users or groups not listed here. | |
# Use of this parameter is recommended only for special circumstances, | |
# for example when testing new operating systems. | |
# | |
# Groupnames should be prepended by a '+'. Example: | |
# explicit_agentselection=+agentoneusers:agentone | |
explicit_agentselection= | |
# Port to listen on | |
# This should normally be the same as /vsm/vsm_server_port, but under | |
# some special circumstances, it might be set to another value. | |
listen_port=9000 | |
[/vsmserver/HA] | |
# Enable HA operations by setting this to 1. | |
enabled=0 | |
# A space-separated list of the nodes in the cluster | |
nodes= | |
[/vsmserver/logging] | |
log_to_file=1 | |
logfile=/var/log/vsmserver.log | |
log_to_syslog=0 | |
syslog_facility=local0 | |
syslog_socket=/dev/log | |
syslog_host= | |
# Default level of logging. | |
defaultlevel=INFO | |
[/vsmserver/logging/levels] | |
# Execution of external commands. | |
vsmserver.extcmd=INFO | |
# Session-related information | |
vsmserver.session=INFO | |
# Information about sessions being shadowed. | |
vsmserver.shadow=INFO | |
# Load-balancing info. | |
vsmserver.loadinfo=INFO | |
# License-related messages. | |
vsmserver.license=INFO | |
# XMLRPC-debugging. | |
vsmserver.xmlrpc=INFO | |
# HA debugging | |
vsmserver.HA=INFO |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment