perfecto25/answers

## answers
install-pygtk=yes
email-address=admin@company.com
install-python-ldap=yes
setup-firewall=yes
setup-selinux=yes
setup-web-integration=yes
setup-apparmor=yes
server-type=master
missing-answer=abort
install-nfs=yes
install-sshd=yes
accept-eula=yes
migrate-conf=old
install-required-libs=yes
setup-nearest=no
setup-thinlocal=no
tlwebadm-password=sp@ceBALL$1

## profiles.hconf
[/profiles]

# The default profile. Must be present below
default=xfce

# The order the profiles will be presented in. Only profiles that exist in
# this parameter will be presented as alternatives. This is a space-separated
# list.
order=xfce

# If you wish to remove the introduction text, set this parameter to false
show_intro=true

# Greeting text shown at the top of the profile chooser
greeting=Hello Cowgirl!

# Introduction text to be shown before any choices. Enter \n to get
# a line break in the output text.
introduction=Company Thinlinc Session \n\nPress OK to create a session.

# Default/example profile entries. See the ThinLinc Administrator's
# Guide for details.


[/profiles/xfce]
xdg_session=xfce
name=Xfce Desktop
description=Xfce is a lightweight desktop environment for various Unix systems. Designed for productivity, it loads and executes applications fast, while conserving system resources.


[/profiles/xterm]
xdg_session=
name=Terminal


## server.sls
### installs Thinlinc Server on Centos 7, getting .zip file from internal Sonatype Nexus repository
### does additional configuration for user access

get_zip:
    cmd.run:
        - name: wget --no-check-certificate --user=uname --password=pw https://repo/repository/files/thinlinc/tl-4.9.0-server.zip
        - cwd: /opt
        - creates: tl-4.9.0-server.zip

unzip:
    cmd.run:
        - name: unzip tl-4.9.0-server.zip
        - cwd: /opt
        - unless: test -d tl-4.9.0-server

install_pkg:
    cmd.run:
        - name: yum -y localinstall tl-4.9.0-server/packages/*.rpm
        - cwd: /opt
        - unless: rpm -qa | grep thinlinc

silent_installer:
    file.managed:
        - name: /root/thinlinc-setup.answers
        - mode: 0644
        - source: salt://{{ slspath }}/files/answers
        - user: root
        - group: root

run_setup:
    cmd.run:
        - name: /opt/thinlinc/sbin/tl-setup -a "/root/thinlinc-setup.answers"
        - unless: ps -ef | grep vsmserver | grep -v grep

remove_mount:
    file.absent:
        - name: /opt/thinlinc/etc/xstartup.d/40-tl-mount-localdrives

remove_smartcard:
    file.absent:
        - name: /opt/thinlinc/etc/xstartup.d/50-tl-wait-smartcard

agent_conf:
    file.managed:
        - name: /opt/thinlinc/etc/conf.d/vsmagent.hconf
        - mode: 0644
        - source: salt://{{ slspath }}/files/vsmagent.hconf.j2
        - template: jinja
        - user: root
        - group: root

server_conf:
    file.managed:
        - name: /opt/thinlinc/etc/conf.d/vsmserver.hconf
        - mode: 0644
        - source: salt://{{ slspath }}/files/vsmserver.hconf
        - user: root
        - group: root

profile_conf:
    file.managed:
        - name: /opt/thinlinc/etc/conf.d/profiles.hconf
        - mode: 0644
        - source: salt://{{ slspath }}/files/profiles.hconf
        - user: root
        - group: root

vsmserver_service:
    service.running:
        - name: vsmserver
        - restart: True
        - watch:
            - file: server_conf

vsmagent_service:
    service.running:
        - name: vsmagent
        - restart: True
        - watch:
            - file: agent_conf

disable_mounts:
    cmd.run:
        - name: chmod u-s /opt/thinlinc/libexec/tl-mount-personal

## vsmagent.hconf.j2
#
# Hiveconf configuration file - VSM agent
#
[/vsmagent]


fontpath=catalogue:/etc/X11/fontpath.d,/usr/share/X11/fonts/misc,/usr/share/X11/fonts/75dpi,/usr/share/X11/fonts/100dpi,/usr/share/X11/fonts/Type1,/usr/share/X11/fonts/TTF,/usr/share/fonts/default/Type1,/usr/share/fonts/X11/misc,/usr/share/fonts/X11/Type1,/usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1,/usr/share/fonts/URW,/usr/share/fonts/Speedo,/usr/share/fonts/cyrillic,/usr/share/fonts/truetype,/usr/share/fonts/misc

# The host that runs the VSM server (master machine)
master_hostname=localhost

# Only allow connections from the VSM servers in this space-separated list.
# localhost, hostname, IP and master_hostname are always allowed. NOTE: Do not
# change this parameter unless you know what you are doing.
allowed_clients=

# Automatically create the users home directory, if it doesn't exist?
make_homedir=1
# The file mode for the newly created home directory
make_homedir_mode=0700

# The default geometry, if the client doesn't request anything.
default_geometry=1024 768

# Save password for future logins?
single_signon=1

# Extra arguments to pass to the Xserver Xvnc, for example:
# xserver_args=-MaxIdleTime 60
xserver_args=-br -nolisten tcp -localhost -verbose 3

# The location of the Xauthority file, either homedir or sessiondir
xauthority_location=sessiondir

# Public hostname; the hostname that clients are redirected to. If not
# defined, the agent will use the computer's IP address.
agent_hostname={{ salt['cmd.run']('curl -s -4 icanhazip.com') }}

# The maximum port used for VNC and tunnel ports for displays
# display_min to display_max. This number may not be higher than
# lowest_user_port
max_session_port=32767

# The lowest port to be used for user programs needing TCP/UDP ports.
# This must be higher than max_session_port.
lowest_user_port=32768

# Where to start allocating display numbers.
display_min=10

# Timeout in tenths of seconds, for starting new sessions
xvnc_start_timeout=250

# The maximum display number to use on this VSM agent host.
# display_max - display_min is the maximum number of ThinLinc users
# allowed on this host. Default is 2000.
display_max=2000

# Port to listen on
# This should normally be the same as /vsm/vsm_agent_port, but under
# some special circumstances, it might be set to another value.
listen_port=904

# Environment variables to add to users environment, before running
# xstartup. Note: Since xstartup is run through /bin/bash --login,
# files in /etc/profile.d/ will be sourced and may override values in
# default_environment.
# Note: TOWN is just an example.

[/vsmagent/default_environment]
TOWN=Springfield
PATH=/bin:/usr/bin:/opt/thinlinc/bin:/usr/local/bin:/usr/bin/X11:/sbin:/usr/sbin:/usr/local/sbin
LD_LIBRARY_PATH=/opt/thinlinc/lib64:/opt/thinlinc/lib

[/vsmagent/logging]
log_to_file=1
logfile=/var/log/vsmagent.log

log_to_syslog=0
syslog_facility=local0
syslog_socket=/dev/log
syslog_host=

defaultlevel=INFO

[/vsmagent/logging/levels]
# Execution of external commands
vsmagent.extcmd=INFO
# Info about sessions
vsmagent.session=INFO
# XMLRPC debugging.
vsmagent.xmlrpc=INFO

## vsmserver.hconf
#
# Hiveconf configuration file - VSM server
#
[/vsmserver]

# Administrators email
admin_email=admin@company.com

#
# Terminal servers. A space-separated list of agent server hostnames. These will
# be used for communication between the server and the agent. The names reported
# to clients are fetched from the agent itself; names in terminalservers are not
# reported directly to clients.
#
terminalservers=127.0.0.1

# Load balance finetuning
ram_per_user=100
bogomips_per_user=600
existing_users_weight=4
load_update_cycle=40

# The maximum number of sessions per user. 0 means no limit.
max_sessions_per_user=1

# Only allow connections from clients in this space-separated list for priv
# operations localhost and hostname IP are always allowed.
allowed_clients=

# ThinLinc access can be limited to certain groups. If the allowed_groups
# space-separated list is empty, all users are accepted. Otherwise, the user
# must be a member of the groups listed below, to be able to use ThinLinc.
# Example: allowed_groups=students teachers
allowed_groups=

# If true, processes occupying the users interval of forwarded ports
# will be killed.
unbind_ports_at_login=true

# A space-separated list of candidate:agenthost pairs that can be used to force
# sessions for specific users or groups to be created on specific agent hosts.
# Note that only one server can be specified per candidate. No load
# balancing is in use for servers selected this way.
#
# If the specific server is down, no session will be created.
#
# If a server specified here is also listed in terminalservers,
# sessions will also be created for users or groups not listed here.
# Use of this parameter is recommended only for special circumstances,
# for example when testing new operating systems.
#
# Groupnames should be prepended by a '+'. Example:
# explicit_agentselection=+agentoneusers:agentone
explicit_agentselection=

# Port to listen on
# This should normally be the same as /vsm/vsm_server_port, but under
# some special circumstances, it might be set to another value.
listen_port=9000


[/vsmserver/HA]
# Enable HA operations by setting this to 1.
enabled=0

# A space-separated list of the nodes in the cluster
nodes=

[/vsmserver/logging]
log_to_file=1
logfile=/var/log/vsmserver.log

log_to_syslog=0
syslog_facility=local0
syslog_socket=/dev/log
syslog_host=

# Default level of logging.
defaultlevel=INFO

[/vsmserver/logging/levels]

# Execution of external commands.
vsmserver.extcmd=INFO

# Session-related information
vsmserver.session=INFO

# Information about sessions being shadowed.
vsmserver.shadow=INFO

# Load-balancing info.
vsmserver.loadinfo=INFO

# License-related messages.
vsmserver.license=INFO

# XMLRPC-debugging.
vsmserver.xmlrpc=INFO

# HA debugging
vsmserver.HA=INFO
	install-pygtk=yes
	email-address=admin@company.com
	install-python-ldap=yes
	setup-firewall=yes
	setup-selinux=yes
	setup-web-integration=yes
	setup-apparmor=yes
	server-type=master
	missing-answer=abort
	install-nfs=yes
	install-sshd=yes
	accept-eula=yes
	migrate-conf=old
	install-required-libs=yes
	setup-nearest=no
	setup-thinlocal=no
	tlwebadm-password=sp@ceBALL$1
	[/profiles]

	# The default profile. Must be present below
	default=xfce

	# The order the profiles will be presented in. Only profiles that exist in
	# this parameter will be presented as alternatives. This is a space-separated
	# list.
	order=xfce

	# If you wish to remove the introduction text, set this parameter to false
	show_intro=true

	# Greeting text shown at the top of the profile chooser
	greeting=Hello Cowgirl!

	# Introduction text to be shown before any choices. Enter \n to get
	# a line break in the output text.
	introduction=Company Thinlinc Session \n\nPress OK to create a session.

	# Default/example profile entries. See the ThinLinc Administrator's
	# Guide for details.


	[/profiles/xfce]
	xdg_session=xfce
	name=Xfce Desktop
	description=Xfce is a lightweight desktop environment for various Unix systems. Designed for productivity, it loads and executes applications fast, while conserving system resources.


	[/profiles/xterm]
	xdg_session=
	name=Terminal
	### installs Thinlinc Server on Centos 7, getting .zip file from internal Sonatype Nexus repository
	### does additional configuration for user access

	get_zip:
	cmd.run:
	- name: wget --no-check-certificate --user=uname --password=pw https://repo/repository/files/thinlinc/tl-4.9.0-server.zip
	- cwd: /opt
	- creates: tl-4.9.0-server.zip

	unzip:
	cmd.run:
	- name: unzip tl-4.9.0-server.zip
	- cwd: /opt
	- unless: test -d tl-4.9.0-server

	install_pkg:
	cmd.run:
	- name: yum -y localinstall tl-4.9.0-server/packages/*.rpm
	- cwd: /opt
	- unless: rpm -qa \| grep thinlinc

	silent_installer:
	file.managed:
	- name: /root/thinlinc-setup.answers
	- mode: 0644
	- source: salt://{{ slspath }}/files/answers
	- user: root
	- group: root

	run_setup:
	cmd.run:
	- name: /opt/thinlinc/sbin/tl-setup -a "/root/thinlinc-setup.answers"
	- unless: ps -ef \| grep vsmserver \| grep -v grep

	remove_mount:
	file.absent:
	- name: /opt/thinlinc/etc/xstartup.d/40-tl-mount-localdrives

	remove_smartcard:
	file.absent:
	- name: /opt/thinlinc/etc/xstartup.d/50-tl-wait-smartcard

	agent_conf:
	file.managed:
	- name: /opt/thinlinc/etc/conf.d/vsmagent.hconf
	- mode: 0644
	- source: salt://{{ slspath }}/files/vsmagent.hconf.j2
	- template: jinja
	- user: root
	- group: root

	server_conf:
	file.managed:
	- name: /opt/thinlinc/etc/conf.d/vsmserver.hconf
	- mode: 0644
	- source: salt://{{ slspath }}/files/vsmserver.hconf
	- user: root
	- group: root

	profile_conf:
	file.managed:
	- name: /opt/thinlinc/etc/conf.d/profiles.hconf
	- mode: 0644
	- source: salt://{{ slspath }}/files/profiles.hconf
	- user: root
	- group: root

	vsmserver_service:
	service.running:
	- name: vsmserver
	- restart: True
	- watch:
	- file: server_conf

	vsmagent_service:
	service.running:
	- name: vsmagent
	- restart: True
	- watch:
	- file: agent_conf

	disable_mounts:
	cmd.run:
	- name: chmod u-s /opt/thinlinc/libexec/tl-mount-personal
	#
	# Hiveconf configuration file - VSM agent
	#
	[/vsmagent]



	fontpath=catalogue:/etc/X11/fontpath.d,/usr/share/X11/fonts/misc,/usr/share/X11/fonts/75dpi,/usr/share/X11/fonts/100dpi,/usr/share/X11/fonts/Type1,/usr/share/X11/fonts/TTF,/usr/share/fonts/default/Type1,/usr/share/fonts/X11/misc,/usr/share/fonts/X11/Type1,/usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1,/usr/share/fonts/URW,/usr/share/fonts/Speedo,/usr/share/fonts/cyrillic,/usr/share/fonts/truetype,/usr/share/fonts/misc

	# The host that runs the VSM server (master machine)
	master_hostname=localhost

	# Only allow connections from the VSM servers in this space-separated list.
	# localhost, hostname, IP and master_hostname are always allowed. NOTE: Do not
	# change this parameter unless you know what you are doing.
	allowed_clients=

	# Automatically create the users home directory, if it doesn't exist?
	make_homedir=1
	# The file mode for the newly created home directory
	make_homedir_mode=0700

	# The default geometry, if the client doesn't request anything.
	default_geometry=1024 768

	# Save password for future logins?
	single_signon=1

	# Extra arguments to pass to the Xserver Xvnc, for example:
	# xserver_args=-MaxIdleTime 60
	xserver_args=-br -nolisten tcp -localhost -verbose 3

	# The location of the Xauthority file, either homedir or sessiondir
	xauthority_location=sessiondir

	# Public hostname; the hostname that clients are redirected to. If not
	# defined, the agent will use the computer's IP address.
	agent_hostname={{ salt['cmd.run']('curl -s -4 icanhazip.com') }}

	# The maximum port used for VNC and tunnel ports for displays
	# display_min to display_max. This number may not be higher than
	# lowest_user_port
	max_session_port=32767

	# The lowest port to be used for user programs needing TCP/UDP ports.
	# This must be higher than max_session_port.
	lowest_user_port=32768

	# Where to start allocating display numbers.
	display_min=10

	# Timeout in tenths of seconds, for starting new sessions
	xvnc_start_timeout=250

	# The maximum display number to use on this VSM agent host.
	# display_max - display_min is the maximum number of ThinLinc users
	# allowed on this host. Default is 2000.
	display_max=2000

	# Port to listen on
	# This should normally be the same as /vsm/vsm_agent_port, but under
	# some special circumstances, it might be set to another value.
	listen_port=904

	# Environment variables to add to users environment, before running
	# xstartup. Note: Since xstartup is run through /bin/bash --login,
	# files in /etc/profile.d/ will be sourced and may override values in
	# default_environment.
	# Note: TOWN is just an example.

	[/vsmagent/default_environment]
	TOWN=Springfield
	PATH=/bin:/usr/bin:/opt/thinlinc/bin:/usr/local/bin:/usr/bin/X11:/sbin:/usr/sbin:/usr/local/sbin
	LD_LIBRARY_PATH=/opt/thinlinc/lib64:/opt/thinlinc/lib

	[/vsmagent/logging]
	log_to_file=1
	logfile=/var/log/vsmagent.log

	log_to_syslog=0
	syslog_facility=local0
	syslog_socket=/dev/log
	syslog_host=

	defaultlevel=INFO

	[/vsmagent/logging/levels]
	# Execution of external commands
	vsmagent.extcmd=INFO
	# Info about sessions
	vsmagent.session=INFO
	# XMLRPC debugging.
	vsmagent.xmlrpc=INFO
	#
	# Hiveconf configuration file - VSM server
	#
	[/vsmserver]

	# Administrators email
	admin_email=admin@company.com

	#
	# Terminal servers. A space-separated list of agent server hostnames. These will
	# be used for communication between the server and the agent. The names reported
	# to clients are fetched from the agent itself; names in terminalservers are not
	# reported directly to clients.
	#
	terminalservers=127.0.0.1

	# Load balance finetuning
	ram_per_user=100
	bogomips_per_user=600
	existing_users_weight=4
	load_update_cycle=40

	# The maximum number of sessions per user. 0 means no limit.
	max_sessions_per_user=1

	# Only allow connections from clients in this space-separated list for priv
	# operations localhost and hostname IP are always allowed.
	allowed_clients=

	# ThinLinc access can be limited to certain groups. If the allowed_groups
	# space-separated list is empty, all users are accepted. Otherwise, the user
	# must be a member of the groups listed below, to be able to use ThinLinc.
	# Example: allowed_groups=students teachers
	allowed_groups=

	# If true, processes occupying the users interval of forwarded ports
	# will be killed.
	unbind_ports_at_login=true

	# A space-separated list of candidate:agenthost pairs that can be used to force
	# sessions for specific users or groups to be created on specific agent hosts.
	# Note that only one server can be specified per candidate. No load
	# balancing is in use for servers selected this way.
	#
	# If the specific server is down, no session will be created.
	#
	# If a server specified here is also listed in terminalservers,
	# sessions will also be created for users or groups not listed here.
	# Use of this parameter is recommended only for special circumstances,
	# for example when testing new operating systems.
	#
	# Groupnames should be prepended by a '+'. Example:
	# explicit_agentselection=+agentoneusers:agentone
	explicit_agentselection=

	# Port to listen on
	# This should normally be the same as /vsm/vsm_server_port, but under
	# some special circumstances, it might be set to another value.
	listen_port=9000


	[/vsmserver/HA]
	# Enable HA operations by setting this to 1.
	enabled=0

	# A space-separated list of the nodes in the cluster
	nodes=

	[/vsmserver/logging]
	log_to_file=1
	logfile=/var/log/vsmserver.log

	log_to_syslog=0
	syslog_facility=local0
	syslog_socket=/dev/log
	syslog_host=

	# Default level of logging.
	defaultlevel=INFO

	[/vsmserver/logging/levels]

	# Execution of external commands.
	vsmserver.extcmd=INFO

	# Session-related information
	vsmserver.session=INFO

	# Information about sessions being shadowed.
	vsmserver.shadow=INFO

	# Load-balancing info.
	vsmserver.loadinfo=INFO

	# License-related messages.
	vsmserver.license=INFO

	# XMLRPC-debugging.
	vsmserver.xmlrpc=INFO

	# HA debugging
	vsmserver.HA=INFO