feat: added new roles to match daily driver desktop; full idempotency; several fixes and tweaks; re-added hosts in inventory

2023-11-19 00:00:00 +00:00 · 2023-11-19 00:00:00 +00:00 · 726b7668f9
commit 726b7668f9
parent 555fde4351
65 changed files with 10012 additions and 377 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/home_setup.yml
@ -0,0 +1,41 @@
+---
+- name: '[home] get user account information'
+  ansible.builtin.getent:
+    database: passwd
+    key: "{{ common_user_account }}"
+    split: ":"
+  changed_when: false
+  when: getent_passwd is undefined or common_user_account not in getent_passwd
+
+- name: '[home] create common directories'
+  become: true
+  become_user: "{{ common_user_account }}"
+  ansible.builtin.file:
+    path: "{{ getent_passwd[common_user_account][4] }}/{{ item }}"
+    state: directory
+    mode: '0750'
+  loop:
+    - .local/bin
+    - .local/share/fonts
+    - .config
+    - .ssh
+
+- name: '[home] setup home files'
+  become: true
+  become_user: "{{ common_user_account }}"
+  block:
+    - name: '[home] git configuration'
+      ansible.builtin.template:
+        src: ../templates/home/.gitconfig.j2
+        dest: "{{ getent_passwd[common_user_account][4] }}/.gitconfig"
+        mode: '0640'
+      when: common_gitconfig_enable | bool
+
+    - name: '[home] basic files'
+      ansible.builtin.copy:
+        src: "../templates/home/{{ item.name }}"
+        dest: "{{ getent_passwd[common_user_account][4] }}/{{ item.name }}"
+        mode: "{{ item.mode | default('0640') }}"
+      loop:
+        - { name: ".lessfilter", mode: '0750' }
+        - { name: ".pythonrc" }
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/main.yml
@ -1,47 +1,68 @@
 ---
- name: '[APT] install dependencies and tools'
-  become: yes
+- name: '[apt] install dependencies and tools'
+  become: true
  ansible.builtin.apt:
-    update_cache: yes
+    update_cache: true
    force_apt_get: true
    cache_valid_time: 3600
    pkg:
+      - apt-transport-https
      - bzip2
+      - catimg
      - cron
+      - dateutils
      - emacs-nox
+      - firmware-misc-nonfree
+      - firmware-linux-nonfree
+      - fwupd
+      - gir1.2-fwupd-2.0 # fwupd
      - git
+      - iotop
+      - ioping
      - jq
      - less
      - libdata-dump-perl # inxi
      - libxml-dumper-perl # inxi
+      - lm-sensors
      - ncdu
-      - openssh-server
+      - nvme-cli
      - procps
+      - python3-pygments
      - rsync
-      - zsh
+      - smartmontools
+      - tree
+      - xz-utils
+      - yq
    state: present

 - name: '[GitHub] install tools'
-  become: yes
-  tags:
-    - molecule-idempotence-notest
+  become: true
  nullified.infrastructure.github_artifact:
-    github_token: '{{ custom_github_token }}'
-    artifacts:
+    asset_name: "{{ item.asset_name | default('') }}"
+    asset_type: "{{ item.asset_type }}"
+    cmds: "{{ item.cmds | default([]) }}"
+    creates: "{{ item.creates | default('') }}"
+    github_token: "{{ custom_github_token }}"
+    repository: "{{ item.repository }}"
+    version: "{{ item.version | default('') }}"
+  loop:
      - repository: smxi/inxi
        asset_type: tag
        cmds:
          - tar -zxf {asset_dirname}/{asset_filename}
          - install --group=root --mode=755 --owner=root smxi-inxi-*/inxi /usr/local/bin
          - install --group=root --mode=644 --owner=root smxi-inxi-*/inxi.1 /usr/share/man/man1
+        creates: /usr/local/bin
      - repository: sharkdp/bat
        asset_name: bat_{version}_amd64.deb
        asset_type: release
+        creates: /usr/bin/bat
        cmds:
          - dpkg -i {asset_dirname}/{asset_filename}
      - repository: aristocratos/btop
        asset_name: btop-x86_64-linux-musl.tbz
        asset_type: release
+        creates: /usr/bin/btop
        cmds:
          - tar -xjf {asset_dirname}/{asset_filename}
          - install --group=root --mode=755 --owner=root btop/bin/btop /usr/bin
@ -50,11 +71,36 @@
      - repository: eza-community/eza
        asset_name: eza_x86_64-unknown-linux-gnu.tar.gz
        asset_type: release
+        creates: /usr/bin/eza
        cmds:
          - tar -zxf {asset_dirname}/{asset_filename}
          - install --group=root --mode=755 --owner=root eza /usr/bin
      - repository: muesli/duf
        asset_name: duf_{version}_linux_amd64.deb
        asset_type: release
+        creates: /usr/bin/duf
        cmds:
          - dpkg -i {asset_dirname}/{asset_filename}
+
+- name: '[system] add sysctl tweaks'
+  become: true
+  ansible.builtin.template:
+    src: ../templates/system/sysctld.local.conf.j2
+    dest: /etc/sysctl.d/local.conf
+    mode: '0644'
+  when: custom_sysctl is defined
+  notify:
+    - 'common : [system] reload sysctl configuration'
+
+- name: '[apt] install custom packages'
+  become: true
+  ansible.builtin.apt:
+    update_cache: true
+    force_apt_get: true
+    cache_valid_time: 3600
+    pkg:
+      "{{ common_apt_packages }}"
+
+- include_tasks: home_setup.yml
+
+- include_tasks: shell_customization.yml
--- a/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/common/tasks/shell_customization.yml
@ -0,0 +1,89 @@
+---
+- name: '[home] get user account information'
+  ansible.builtin.getent:
+    database: passwd
+    key: "{{ common_user_account }}"
+    split: ":"
+  changed_when: false
+  when: getent_passwd is undefined or common_user_account not in getent_passwd
+
+- name: '[shell] install ZSH and dependencies'
+  become: true
+  ansible.builtin.apt:
+    update_cache: true
+    force_apt_get: true
+    cache_valid_time: 3600
+    pkg:
+      - git
+      - zsh
+    state: present
+
+- name: '[shell] install custom fonts'
+  become: true
+  become_user: "{{ common_user_account }}"
+  block:
+    - name: '[fonts] add fonts tooling'
+      become_user: root
+      ansible.builtin.apt:
+        update_cache: true
+        force_apt_get: true
+        cache_valid_time: 3600
+        pkg:
+          - fontconfig
+
+    - name: '[fonts] adding fonts'
+      ansible.builtin.copy:
+        src: ../assets/fonts/
+        dest: "{{ getent_passwd[common_user_account][4] }}/.local/share/fonts"
+        mode: '0640'
+
+    - name: '[fonts] refresh fonts cache'
+      ansible.builtin.command:
+        cmd: fc-cache
+      changed_when: false
+  when: common_install_fonts | bool
+
+- name: '[shell] install Oh-My-ZSH'
+  become: true
+  become_user: "{{ common_user_account }}"
+  block:
+    - name: '[omz] get install script'
+      ansible.builtin.get_url:
+        url: https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh
+        dest: /tmp/zsh-install.sh
+        mode: '0750'
+
+    - name: '[omz] install OMZ'
+      ansible.builtin.command:
+        cmd: sh /tmp/zsh-install.sh --unattended
+        creates: "{{ getent_passwd[common_user_account][4] }}/.oh-my-zsh"
+
+- name: '[shell] install powerlevel10k customization for OMZ'
+  become: true
+  become_user: "{{ common_user_account }}"
+  ansible.builtin.git:
+    repo: https://github.com/romkatv/powerlevel10k.git
+    dest: "{{ getent_passwd[common_user_account][4] }}/.oh-my-zsh/custom/themes/powerlevel10k"
+    depth: 1
+
+- name: '[home] copy zsh files'
+  become: true
+  become_user: "{{ common_user_account }}"
+  ansible.builtin.copy:
+    src: "../templates/home/{{ item }}"
+    dest: "{{ getent_passwd[common_user_account][4] }}/{{ item }}"
+    mode: '0640'
+  loop:
+    - .p10k.zsh
+    - .zsh_aliases
+    - .zsh_completions
+    - .zsh_exports
+    - .zsh_functions
+    - .zshrc
+
+- name: '[shell] update user shell to ZSH'
+  become: true
+  ansible.builtin.user:
+    name: "{{ common_user_account }}"
+    shell: "/usr/bin/zsh"
+    state: present