diff --git a/collections/ansible_collections/nullified/infrastructure/extensions/ansible.cfg b/collections/ansible_collections/nullified/infrastructure/extensions/ansible.cfg index 0ecdacb..9889cf9 100644 --- a/collections/ansible_collections/nullified/infrastructure/extensions/ansible.cfg +++ b/collections/ansible_collections/nullified/infrastructure/extensions/ansible.cfg @@ -1,8 +1,9 @@ [defaults] # target root path of the repository -home = ../../../../.. -remote_tmp = /tmp -local_tmp = /tmp +home = ../../../../.. +remote_tmp = /tmp +local_tmp = /tmp +inject_facts_as_vars = False [privilege_escalation] become_method = su diff --git a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml index 96b962f..9756442 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml @@ -5,13 +5,13 @@ key: "{{ common.user_account }}" split: ":" changed_when: false - when: getent_passwd is undefined or common.user_account not in getent_passwd + when: ansible_facts['getent_passwd'] is undefined or common.user_account not in ansible_facts['getent_passwd'] - name: '[home] create common directories' become: true become_user: "{{ common.user_account }}" ansible.builtin.file: - path: "{{ getent_passwd[common.user_account][4] }}/{{ item }}" + path: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/{{ item }}" state: directory mode: '0750' loop: @@ -27,14 +27,14 @@ - name: '[home] git configuration' ansible.builtin.template: src: ../templates/home/.gitconfig.j2 - dest: "{{ getent_passwd[common.user_account][4] }}/.gitconfig" + dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.gitconfig" mode: '0640' when: common.git.enable is truthy - name: '[home] basic files' ansible.builtin.copy: src: "../templates/home/{{ item.name }}" - dest: "{{ getent_passwd[common.user_account][4] }}/{{ item.name }}" + dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/{{ item.name }}" mode: "{{ item.mode | default('0640') }}" loop: - { name: ".lessfilter", mode: '0750' } diff --git a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml index 9cfddfd..49d713c 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml @@ -5,7 +5,7 @@ key: "{{ common.user_account }}" split: ":" changed_when: false - when: getent_passwd is undefined or common.user_account not in getent_passwd + when: ansible_facts['getent_passwd'] is undefined or common.user_account not in ansible_facts['getent_passwd'] - name: '[shell] install ZSH and dependencies' become: true @@ -34,7 +34,7 @@ - name: '[fonts] adding fonts' ansible.builtin.copy: src: ../assets/fonts/ - dest: "{{ getent_passwd[common.user_account][4] }}/.local/share/fonts" + dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.local/share/fonts" mode: '0640' - name: '[fonts] refresh fonts cache' @@ -56,14 +56,14 @@ - name: '[omz] install OMZ' ansible.builtin.command: cmd: sh /tmp/zsh-install.sh --unattended - creates: "{{ getent_passwd[common.user_account][4] }}/.oh-my-zsh" + creates: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.oh-my-zsh" - name: '[shell] install powerlevel10k customization for OMZ' become: true become_user: "{{ common.user_account }}" ansible.builtin.git: repo: https://github.com/romkatv/powerlevel10k.git - dest: "{{ getent_passwd[common.user_account][4] }}/.oh-my-zsh/custom/themes/powerlevel10k" + dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/.oh-my-zsh/custom/themes/powerlevel10k" depth: 1 - name: '[home] copy zsh files' @@ -71,7 +71,7 @@ become_user: "{{ common.user_account }}" ansible.builtin.copy: src: "../templates/home/{{ item }}" - dest: "{{ getent_passwd[common.user_account][4] }}/{{ item }}" + dest: "{{ ansible_facts['getent_passwd'][common.user_account][4] }}/{{ item }}" mode: '0640' loop: - .p10k.zsh diff --git a/collections/ansible_collections/nullified/infrastructure/roles/development/handlers/main.yml b/collections/ansible_collections/nullified/infrastructure/roles/development/handlers/main.yml index 878378a..c9e8bd0 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/development/handlers/main.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/development/handlers/main.yml @@ -5,4 +5,4 @@ name: docker enabled: true state: restarted - when: ansible_virtualization_type is not match("docker") + when: ansible_facts['virtualization_type'] is not match("docker") diff --git a/collections/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml b/collections/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml index 5160d3c..e0f13e0 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml @@ -17,7 +17,7 @@ key: "{{ development.user_account }}" split: ":" changed_when: false - when: getent_passwd is undefined or development.user_account not in getent_passwd + when: ansible_facts['getent_passwd'] is undefined or development.user_account not in ansible_facts['getent_passwd'] - name: '[apt] install dependencies and tools' become: true @@ -219,13 +219,13 @@ block: - name: '[apt key] add docker key' ansible.builtin.get_url: - url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg" + url: "https://download.docker.com/linux/{{ ansible_facts['distribution'] | lower }}/gpg" dest: /etc/apt/trusted.gpg.d/docker.asc mode: '0644' - name: '[apt key] add source' ansible.builtin.apt_repository: - repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.asc] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable" + repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.asc] https://download.docker.com/linux/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution_release'] }} stable" state: present filename: docker update_cache: true @@ -264,7 +264,7 @@ become_user: "{{ development.user_account }}" ansible.builtin.command: cmd: "pipx install {{ item.cmd }}" - creates: "{{ getent_passwd[development.user_account][4] }}/.local/bin/{{ item.creates }}" + creates: "{{ ansible_facts['getent_passwd'][development.user_account][4] }}/.local/bin/{{ item.creates }}" loop: - { "cmd": "black", "creates": "black" } - { "cmd": "flake8", "creates": "flake8" } @@ -275,7 +275,7 @@ ansible.builtin.command: cmd: "pipx inject {{ item.venv }} {{ item.extension }}" creates: - "{{ getent_passwd[development.user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}" + "{{ ansible_facts['getent_passwd'][development.user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}" loop: - venv: "flake8" extension: "flake8-annotations-complexity" @@ -337,7 +337,7 @@ - name: '[rust] check if rust is already installed' ansible.builtin.file: - path: "{{ getent_passwd[development.user_account][4] }}/.cargo/bin/rustc" + path: "{{ ansible_facts['getent_passwd'][development.user_account][4] }}/.cargo/bin/rustc" register: rustc_stat changed_when: false failed_when: false @@ -359,4 +359,4 @@ become_user: "{{ development.user_account }}" script: cmd: /tmp/rustup.sh -qy - creates: "{{ getent_passwd[development.user_account][4] }}/.cargo/bin/rustc" + creates: "{{ ansible_facts['getent_passwd'][development.user_account][4] }}/.cargo/bin/rustc" diff --git a/collections/ansible_collections/nullified/infrastructure/roles/security/tasks/main.yml b/collections/ansible_collections/nullified/infrastructure/roles/security/tasks/main.yml index 355566d..fb1b4f1 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/security/tasks/main.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/security/tasks/main.yml @@ -168,11 +168,11 @@ block: - name: '[system] login.defs' ansible.builtin.template: - src: '../templates/system/{{ ansible_distribution | lower }}/login.defs.j2' + src: '../templates/system/{{ ansible_facts["distribution"] | lower }}/login.defs.j2' dest: /etc/login.defs mode: '0644' - name: '[system] limits.conf' ansible.builtin.template: - src: '../templates/system/{{ ansible_distribution | lower }}/limits.conf.j2' + src: '../templates/system/{{ ansible_facts["distribution"] | lower }}/limits.conf.j2' dest: /etc/security/limits.conf mode: '0644' diff --git a/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml b/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml index 592e816..6ca1694 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml @@ -10,12 +10,12 @@ key: "{{ workstation.user_account }}" split: ":" changed_when: false - when: getent_passwd is undefined or workstation.user_account not in getent_passwd + when: ansible_facts['getent_passwd'] is undefined or workstation.user_account not in ansible_facts['getent_passwd'] - name: '[setup] ensure expected home directories exist' become: true ansible.builtin.file: - path: "{{ getent_passwd[workstation.user_account][4] }}/{{ item }}" + path: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/{{ item }}" state: directory owner: "{{ workstation.user_account }}" group: "{{ workstation.user_account }}" @@ -147,7 +147,7 @@ become_user: "{{ workstation.user_account }}" ansible.builtin.git: repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git" - dest: "{{ getent_passwd[workstation.user_account][4] }}/.emacs.d" + dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.emacs.d" force: false - name: '[config] set tools configuration' @@ -158,8 +158,8 @@ dest: "{{ item.dest }}" mode: "{{ item.mode | default('0640') }}" loop: - - { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation.user_account][4] }}/.config" } - - { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation.user_account][4] }}/.config" } + - { src: "../templates/.config/terminator", dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config" } + - { src: "../templates/.config/vlc", dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config" } - name: '[authenticator] find if binary is already installed' ansible.builtin.file: @@ -213,7 +213,7 @@ - name: '[yubico] create shell wrapper' ansible.builtin.template: src: ../templates/bin_wrapper.sh.j2 - dest: "{{ getent_passwd[workstation.user_account][4] }}/.local/bin/authenticator" + dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.local/bin/authenticator" mode: '0750' owner: "{{ workstation.user_account }}" group: "{{ workstation.user_account }}" @@ -223,14 +223,14 @@ - name: '[yubico] create desktop entry' ansible.builtin.template: src: ../templates/desktop_app.j2 - dest: "{{ getent_passwd[workstation.user_account][4] }}/.local/share/applications/authenticator.desktop" + dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.local/share/applications/authenticator.desktop" mode: '0600' owner: "{{ workstation.user_account }}" group: "{{ workstation.user_account }}" vars: application: nodisplay: false - exec_cmd: "{{ getent_passwd[workstation.user_account][4] }}/.local/bin/authenticator" + exec_cmd: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.local/bin/authenticator" name: "Authenticator" - include_tasks: window_manager.yml diff --git a/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml b/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml index e167e15..e21069b 100644 --- a/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml +++ b/collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml @@ -5,7 +5,7 @@ key: "{{ workstation.user_account }}" split: ":" changed_when: false - when: getent_passwd is undefined or workstation.user_account not in getent_passwd + when: ansible_facts['getent_passwd'] is undefined or workstation.user_account not in ansible_facts['getent_passwd'] - name: '[awesomewm] install dependencies' become: true @@ -130,14 +130,14 @@ - name: '[awesomewm] fetch copycats base' ansible.builtin.git: repo: https://github.com/lcpz/awesome-copycats.git - dest: "{{ getent_passwd[workstation.user_account][4] }}/.config/awesome" + dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config/awesome" depth: 1 recursive: true force: false - name: '[awesomewm] copy customization' ansible.builtin.copy: src: ../templates/.config/awesome/ - dest: "{{ getent_passwd[workstation.user_account][4] }}/.config/awesome" + dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.config/awesome" mode: '0640' - name: '[home] copy X related configuration' @@ -151,4 +151,4 @@ - name: '[x11] user .xsession' ansible.builtin.copy: src: ../templates/.xsession - dest: "{{ getent_passwd[workstation.user_account][4] }}/.xsession" + dest: "{{ ansible_facts['getent_passwd'][workstation.user_account][4] }}/.xsession" diff --git a/scripts/generate_ansible_config.sh b/scripts/generate_ansible_config.sh index e7e5866..39b483b 100755 --- a/scripts/generate_ansible_config.sh +++ b/scripts/generate_ansible_config.sh @@ -94,6 +94,7 @@ nocolor = 0 nocows = 0 playbook_dir = ${TMPL_PLAYBOOK_DIR} remote_tmp = /tmp +inject_facts_as_vars = False [inventory] enable_plugins = yaml