--- - name: Configure lookout jumphost hosts: bastion become: true tasks: # Base RHEL setup - name: Update system packages ansible.builtin.dnf: name: '*' state: latest tags: [base, update] - name: Install base packages ansible.builtin.dnf: name: - vim - tmux - htop - git - curl - wget - bind-utils - net-tools - tcpdump - rsync state: present tags: [base] - name: Set timezone community.general.timezone: name: Europe/Zurich tags: [base] - name: Enable chrony for NTP ansible.builtin.systemd: name: chronyd enabled: true state: started tags: [base] # Desktop environment for iDRAC access - name: Install GNOME desktop ansible.builtin.dnf: name: - '@workstation-product-environment' state: present tags: [desktop, vnc] - name: Install Firefox for iDRAC ansible.builtin.dnf: name: - firefox state: present tags: [desktop, vnc] - name: Enable GDM for graphical login ansible.builtin.systemd: name: gdm enabled: true tags: [desktop, vnc] - name: Set graphical target as default ansible.builtin.command: systemctl set-default graphical.target changed_when: true tags: [desktop, vnc] - name: Open firewall for RDP ansible.posix.firewalld: port: 3389/tcp permanent: true state: enabled immediate: true tags: [vnc] - name: Display remote desktop setup reminder ansible.builtin.debug: msg: | GNOME Remote Desktop installed. To complete setup: 1. Reboot lookout or start GDM: sudo systemctl start gdm 2. Log in to GNOME session (locally or via console) 3. Settings > Sharing > Remote Desktop > Enable 4. Set username/password for remote access 5. Connect via RDP client to lookout:3389 tags: [vnc] handlers: - name: Reload systemd ansible.builtin.systemd: daemon_reload: true