feat: added new roles to match daily driver desktop; full idempotency; several fixes and tweaks; re-added hosts in inventory

README.md

@@ -6,8 +6,11 @@
 - Python3.9+,
 - PIP,
 - Virtualenv
+
+***Dependencies installed using the `Installation` instructions***
 - [Task](https://taskfile.dev/),
 - Debian packages:
+  - curl
   - libcurl4-openssl-dev,
   - libssl-dev,
   - libcairo2,
@@ -22,9 +25,8 @@
 ## Installation
 ```shell
 # Debian amd64
-
-TASK_VERSION=3.29.1;
 sudo apt install -y \
+  curl \
   libcurl4-openssl-dev \
   libssl-dev \
   libcairo2 \
@@ -32,18 +34,46 @@ sudo apt install -y \
   libffi-dev \
   python3-virtualenv \
   python3-dev;
-wget https://github.com/go-task/task/releases/download/v"${TASK_VERSION}"/task_linux_amd64.deb;
+TASK_VERSION=$(curl -fsSL -XGET https://api.github.com/repos/go-task/task/releases/latest | grep tag_name | tr -d ' ",' | cut -d ':' -f 2)
+curl -fsSLO https://github.com/go-task/task/releases/download/"${TASK_VERSION}"/task_linux_amd64.deb;
 sudo dpkg -i task_linux_amd64.deb;
-task venv;
+rm task_linux_amd64.deb;
 ```
 
-## General Setup
+## Setup
+```shell
+# Generate default ansible configuration
+./scripts/generate_ansible_config.sh > "${HOME}"/.ansible.cfg
+
+# Setup Python virtualenv
+task venv:setup
+
+# Prepare and edit your inventory as needed
+cp inventory/inventory.yml.dist inventory/inventory.yml
+
+# Prepare and edit the global vault as needed
+cp inventory/vault.yml.dist inventory/vault.yml
+```
+
+## Usage
+```shell
+# encrypt vault
+task venv -- ansible-vault encrypt configuration/host_vars/vault.yml
+# decrypt vault if needed
+task venv -- ansible-vault decrypt configuration/host_vars/vault.yml
+# run ansible command with vault-encrypted data for one specific host
+task venv -- ansible-playbook --ask-vault-password -l my_host playbooks/test.yml
+# run a specific role, e.g. security, for a host
+task venv -- ansible --ask-vault-password -m import_role --args 'name=nullified.infrastructure.security' my_host
+```
+
+### Generic collection / roles commands
 ```shell
 mkdir -p collections/ansible_collections
 cd collections/ansible_collections
-ansible-galaxy collection init nullified.infrastructure
+task venv -- ansible-galaxy collection init nullified.infrastructure
 cd nullified/infrastructure/roles
-ansible-galaxy collection init tooling
+task venv -- ansible-galaxy collection init tooling
 ```
 
 ---
@@ -59,8 +89,8 @@ ansible-galaxy collection init tooling
 ***handlers***
 invoked by a task through `notify`, executed only if caller triggered a state change; runs at the end of the play in the order
 they are declared;
--> force handlers to run:
 ```yaml
+# -> force handlers to run:
 - name: some task
   meta: flush_handlers
 ```
@@ -112,18 +142,8 @@ tasks:
 
 ### Notes / Todo
 ***dir layout***
-- collections: ansible root dir for all modules, playbooks and collections
-- configuration: <DEPRECATED> ansible root dir for inventory
-- images: docker images, mostly used for ansible-test / molecule
-- scripts: scripts used by go-task
-
-### Setup
-```shell
-cp configuration/group_vars/vault.yml.dist configuration/group_vars/vault.yml
-# encrypt vault
-ansible-vault encrypt configuration/group_vars/vault.yml
-# decrypt vault
-ansible-vault decrypt configuration/group_vars/vault.yml
-# run ansible command with vault-encrypted data
-ansible-playbook --ask-vault-password -i inventories/test playbooks/test.yml
-```
+- collections: ansible root dir for all collections to reside in;
+- images: docker images, mostly used for ansible-test / molecule;
+- inventory: all inventory related files are stored here;
+- playbooks: top level playbooks, describe the way the infrastructure is laid out;
+- scripts: various scripts and helpers;