oracle-devrel · bgraef · Jul 23, 2025 · Jul 21, 2025 · Jul 21, 2025 · Jul 23, 2025
diff --git a/olam/create_instance.yml b/olam/create_instance.yml
@@ -343,6 +343,10 @@
   ansible.builtin.import_playbook: provision_kvm.yml
   when: use_kvm
 
+- name: Provision vnc server on devops node
+  ansible.builtin.import_playbook: provision_vnc.yml
+  when: use_devops_vnc
+
 - name: Provision Oracle Linux Automation Builder Utility
   ansible.builtin.import_playbook: provision_builder.yml
   when: use_olam_builder

diff --git a/olam/default_vars.yml b/olam/default_vars.yml
@@ -19,6 +19,11 @@ add_block_storage: false
 block_volume_size_in_gbs: 50
 block_count: 1
 
+use_devops_vnc: false
+vnc_port: "1"
+vnc_default_password: "oracle"
+vnc_geometry: "1920x1080"
+
 update_all: false
 passwordless_ssh: false
 olam_type: single

diff --git a/olam/provision_pah.yml b/olam/provision_pah.yml
@@ -13,15 +13,15 @@
 
   tasks:
 
-    - name: Install Oracle Linux Automation Manager repository
+    - name: Install Oracle Linux Automation Manager repository on OL8
       ansible.builtin.dnf:
         name: oraclelinux-automation-manager-release-el8
         state: present
       retries: 5
       delay: 10
       when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8'
 
-    - name: Disable Oracle Linux Automation Manager 1.0 repository
+    - name: Disable Oracle Linux Automation Manager 1.0 repository on OL8
       community.general.ini_file:
         path: "/etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo"
         section: ol8_automation
@@ -30,7 +30,7 @@
         mode: '0644'
       when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8'
 
-    - name: Disable Oracle Linux Automation Manager 2.0 repository
+    - name: Disable Oracle Linux Automation Manager 2.0 repository on OL8
       community.general.ini_file:
         path: "/etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo"
         section: ol8_automation2
@@ -39,23 +39,57 @@
         mode: '0644'
       when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8'
 
-    - name: Enable Oracle Linux Automation Manager 2.2 repository
+    - name: Disable Oracle Linux Automation Manager 2.2 repository on OL8
       community.general.ini_file:
         path: "/etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo"
         section: ol8_automation2.2
         option: enabled
+        value: "0"
+        mode: '0644'
+      when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8'
+
+    - name: Enable Oracle Linux Automation Manager 2.3 repository on OL8
+      community.general.ini_file:
+        path: "/etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo"
+        section: ol8_automation2.3
+        option: enabled
         value: "1"
         mode: '0644'
       when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8'
 
-    - name: Install Oracle Linux Private Automation Hub
+    - name: Install Oracle Linux Private Automation Hub on OL8
       ansible.builtin.dnf:
         name: ol-private-automation-hub-installer
         state: present
       retries: 5
       delay: 10
       when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '8'
 
+    - name: Install Oracle Linux Automation Manager repository on OL9
+      ansible.builtin.dnf:
+        name: oraclelinux-automation-manager-release-el9
+        state: present
+      retries: 5
+      delay: 10
+      when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9'
+
+    - name: Enable Oracle Linux Automation Manager 2.3 repository on OL9
+      community.general.ini_file:
+        path: "/etc/yum.repos.d/oraclelinux-automation-manager-ol9.repo"
+        section: ol8_automation2.3
+        option: enabled
+        value: "1"
+        mode: '0644'
+      when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9'
+
+    - name: Install Oracle Linux Private Automation Hub on OL9
+      ansible.builtin.dnf:
+        name: ol-private-automation-hub-installer
+        state: present
+      retries: 5
+      delay: 10
+      when: ansible_distribution == 'OracleLinux' and ansible_distribution_major_version == '9'
+
     - name: Copy PAH playbook to home directory
       ansible.builtin.copy:
         src: /usr/share/ansible/collections/ansible_collections/oraclelinux/private_automation_hub/playbooks/single-node/

diff --git a/olam/provision_vnc.yml b/olam/provision_vnc.yml
@@ -0,0 +1,86 @@
+---
+# Copyright (c) 2024 Oracle and/or its affiliates.
+# This software is made available to you under the terms of the Universal Permissive License (UPL), Version 1.0.
+# The Universal Permissive License (UPL), Version 1.0 (see COPYING or https://oss.oracle.com/licenses/upl)
+# See LICENSE.TXT for details.
+
+- name: Install VNC Server and GNOME Desktop
+  hosts: devops-node
+  become: true
+
+  vars_files:
+    - default_vars.yml
+
+  tasks:
+
+    - name: Install the "Server with GUI" package group
+      ansible.builtin.dnf:
+        name: '@Server with GUI'
+        state: present
+      retries: 5
+      delay: 10
+
+    - name: Installing the vnc package
+      ansible.builtin.dnf:
+        name:
+          - tigervnc-server
+          - tigervnc-server-module
+        state: present
+      retries: 5
+      delay: 10
+
+    - name: Set systemd default boot target to graphical.target
+      ansible.builtin.file:
+        src: /usr/lib/systemd/system/graphical.target
+        dest: /etc/systemd/system/default.target
+        state: link
+
+    - name: Set vncserver systemd template
+      ansible.builtin.copy:
+        src: "/usr/lib/systemd/system/[email protected]"
+        dest: "/etc/systemd/system/vncserver@:{{ vnc_port }}.service"
+        remote_src: true
+        mode: "0644"
+
+    - name: Assign username to vnc port
+      ansible.builtin.lineinfile:
+        path: /etc/tigervnc/vncserver.users
+        line: ":{{ vnc_port }}={{ username }}"
+
+    - name: Set vnc geometry and session
+      ansible.builtin.blockinfile:
+        path: /etc/tigervnc/vncserver-config-defaults
+        block: |
+          session=gnome
+          geometry={{ vnc_geometry }}
+
+    - name: Create .vnc directory for user
+      ansible.builtin.file:
+        path: /home/{{ username }}/.vnc
+        state: directory
+        mode: "0700"
+        owner: "{{ username }}"
+        group: "{{ username }}"
+
+    - name: Generate vnc password for the remote user
+      ansible.builtin.shell: |
+        set -o pipefail
+        echo {{ vnc_default_password }} | vncpasswd -f > /home/{{ username }}/.vnc/passwd
+      args:
+        chdir: "/home/{{ username }}/.vnc"
+        creates: "/home/{{ username }}/.vnc/passwd"
+        executable: /bin/bash
+
+    - name: Change the permission to 600 for .vnc/passwd file
+      ansible.builtin.file:
+        path: "/home/{{ username }}/.vnc/passwd"
+        owner: "{{ username }}"
+        group: "{{ usergroup }}"
+        mode: "0600"
+
+    - name: Start and enable the vnc service
+      ansible.builtin.systemd:
+        name: "vncserver@:{{ vnc_port }}.service"
+        daemon_reload: true
+        enabled: true
+        state: started