update after testing

tasks/main.yml

@@ -1,28 +1,37 @@
+- name: Install EPEL repo
+  yum:
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+    state: installed
+
+# This environment group is tested on RHEL7 only
+# See https://docs.ansible.com/ansible/latest/modules/yum_module.html#notes for package group vs environment group
+#
+- name: Install Server with GUI package group, may take a while...
+  yum:
+    name: '@^Server with GUI'
+    state: latest
+
 - name: Install vncserver
   yum:
     name: 
       - tigervnc-server
       - xterm
       - xorg-x11-xauth
-    state: latest
-
-- name: Install cinnamon desktop group package
-  yum:
-    name: '@Cinnamon Desktop'
+      - cinnamon
     state: latest
 
 - name: Create .vnc directory
   file:
-    path: "~{{vnc.user}}/.vnc"
+    path: "~{{vncuser}}/.vnc"
     state: directory
     mode: 0755
 
 - name: Create vncpassword
-  shell: "echo {{vnc.pass}} | vncpasswd -f > ~{{vnc.user}}/.vnc/passwd"
+  shell: "echo {{vncpass}} | vncpasswd -f > ~{{vncuser}}/.vnc/passwd"
 
 - name: Create xstartup file
   copy:
-          dest: "~{{vnc.user}}/.vnc/xstartup"
+          dest: "~{{vncuser}}/.vnc/xstartup"
           content: |
                   #!/bin/bash
                   # Uncomment the following two lines for normal desktop:
@@ -39,10 +48,15 @@
 
 - name: Change ownership of .vnc
   file:
-    path: "~{{ vnc.user }}/.vnc"
-    owner: {{ vnc.user }}
+    path: "~{{ vncuser }}/.vnc"
+    owner: "{{ vncuser }}"
     recurse: yes
 
+- name: Change perm of passwd file
+  file:
+    path: "~{{ vncuser }}/.vnc/passwd"
+    mode: 0600
+
 - name: Create systemd config
   copy:
           dest: /etc/systemd/system/vncserver@:1.service
@@ -53,7 +67,7 @@
               
               [Service]
               Type=forking
-              User={{vnc.user}}
+              User={{vncuser}}
               PIDFile=/home/%u/.vnc/%H%i.pid
               ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
               ExecStart=/usr/bin/vncserver %i
@@ -61,10 +75,6 @@
               
               [Install]
               WantedBy=multi-user.target
-              EOF
-              
-              systemctl daemon-reload
-              systemctl start vncserver@:1
 
 - name: Start and enable vncserver
   service:
@@ -72,6 +82,6 @@
     state: started
     enabled: yes
 
-- name: Display vnc.pass
+- name: Display vncpass
   debug:
-    var: vnc.pass
+    var: vncpass

vars/main.yml

@@ -1 +1 @@
-vnc.pass: "{{ lookup('password', '/dev/shm/.vncpass chars=ascii_letters,digits,hexdigits length=15') }}"
+vncpass: "{{ lookup('password', '/dev/shm/.vncpass chars=ascii_letters,digits,hexdigits length=15') }}"