WoodSmellParticle/ansible-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: added new roles to match daily driver desktop; full idempotency; several fixes and tweaks; re-added hosts in inventory

Browse source
This commit is contained in:
NaeiKinDus 2023-11-19 00:00:00 +00:00
parent 555fde4351
commit 726b7668f9
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
65 changed files with 10012 additions and 377 deletions
Download patch file Download diff file Expand all files Collapse all files

182
collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml
View file

@ -1,25 +1,181 @@
---
- name: '[APT] install dependencies and tools'
become: yes
- name: '[home] get user account information'
ansible.builtin.getent:
database: passwd
key: "{{ workstation_user_account }}"
split: ":"
changed_when: false
when: getent_passwd is undefined or workstation_user_account not in getent_passwd
- name: '[apt] install dependencies and tools'
become: true
ansible.builtin.apt:
update_cache: true
force_apt_get: true
cache_valid_time: 3600
pkg:
- curl
- dbus-x11 # terminator
- diffpdf
- feh
- ffmpeg
- flatpak
- gnupg
- gettext # terminator
- gir1.2-keybinder-3.0 # terminator
- gir1.2-vte-2.91 # terminator
- gnupg2
- gvfs-backends
- intltool # terminator
- mpc
- mpd
- ncmpcpp
- numlockx
- openssh-server
- pass
- poppler-utils
- pwgen
- python3-configobj # terminator
- python3-gi # terminator
- python3-gi-cairo # terminator
- python3-pip
- python3-psutil # terminator
- ruby
- scrot
- smbclient
- socat
- sshfs
- suckless-tools
- sudo
- unclutter-xfixes
- vlc
- wireshark
- xdotool
- xsel
- xserver-xephyr
state: present
- name: '[Setup] setup Flatpak'
become: yes
become_user: "{{ custom_base_user_account }}"
become_method: su
tags:
- molecule-idempotence-notest
ansible.builtin.shell: |
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install --noninteractive flathub com.discordapp.Discord
flatpak install --noninteractive flathub md.obsidian.Obsidian
- name: '[setup] add user to sudo group'
become: true
ansible.builtin.user:
name: "{{ workstation_user_account }}"
groups:
- sudo
append: true
- name: '[setup] setup Flatpak'
become: true
become_user: "{{ workstation_user_account }}"
block:
- name: '[flatpak] add flatpak repos'
command:
cmd: flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
changed_when: false
- name: '[flatpak] install flatpak apps'
command:
cmd: "flatpak install --noninteractive {{ item.repo }} {{ item.app }}"
creates: "{{ getent_passwd[workstation_user_account][4] }}/.var/app/{{ item.app }}"
loop:
- repo: flathub
app: com.discordapp.Discord
- repo: flathub
app: md.obsidian.Obsidian
- name: '[github] install tools'
become: true
nullified.infrastructure.github_artifact:
github_token: '{{ custom_github_token }}'
asset_name: "{{ item.asset_name | default('') }}"
asset_type: "{{ item.asset_type }}"
cmds: "{{ item.cmds | default([]) }}"
creates: "{{ item.creates | default('') }}"
repository: "{{ item.repository }}"
version: "{{ item.version | default('') }}"
loop:
- asset_name: terminator-{version}.tar.gz
asset_type: release
repository: gnome-terminator/terminator
creates: /usr/local/bin/terminator
cmds:
- tar -zxf {asset_dirname}/{asset_filename}
- cd $(find . -maxdepth 1 -name terminator\* -type d); python3 setup.py build; python3 setup.py install --single-version-externally-managed --record=install-files.txt
- rm -rf {asset_dirname}/{asset_filename}
- name: '[ruby] install tools'
become: true
ansible.builtin.command:
cmd: "gem install {{ item.app }}"
creates: "{{ item.creates }}"
loop:
- app: mdless
creates: /usr/local/bin/mdless
- name: '[system] setup various directories'
become: true
ansible.builtin.file:
path: "{{ item.path }}"
mode: "{{ item.mode | default('0750') }}"
owner: "{{ item.owner | default(workstation_user_account) }}"
group: "{{ item.group | default(workstation_user_account) }}"
state: directory
loop:
- { path: '/opt/git/foss' }
- { path: '/opt/git/perso' }
- { path: '/opt/git/work' }
- { path: '/srv/storage' }
- name: '[emacs] fetch emacs configuration files'
become: true
become_user: "{{ workstation_user_account }}"
ansible.builtin.git:
repo: "ssh://git@gitlab.0x2a.ninja:4222/naeikindus/emacsd.git"
dest: "{{ getent_passwd[workstation_user_account][4] }}/.emacs.d"
force: false
- name: '[config] set tools configuration'
become: true
become_user: "{{ workstation_user_account }}"
ansible.builtin.copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode | default('0640') }}"
loop:
- { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" }
- { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" }
- name: '[yubico] install authenticator'
become: true
block:
- name: '[yubico] fetch latest authenticator source'
ansible.builtin.get_url:
url: https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-linux.tar.gz
dest: /tmp/yubico-authenticator-latest-linux.tar.gz
mode: '0640'
- name: '[yubico] prepare target directory'
file:
path: /opt/yubico-authenticator
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
mode: '0750'
state: directory
- name: '[yubico] extract data'
ansible.builtin.unarchive:
src: /tmp/yubico-authenticator-latest-linux.tar.gz
remote_src: true
dest: /opt/yubico-authenticator
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
creates: /opt/yubico-authenticator/authenticator
- name: '[yubico] create shell wrapper'
ansible.builtin.template:
src: ../templates/bin_wrapper.sh.j2
dest: "{{ getent_passwd[workstation_user_account][4] }}/.local/bin/authenticator"
mode: '0750'
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
vars:
application: "/opt/yubico-authenticator/authenticator"
- include_tasks: window_manager.yml

150
collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml Normal file
View file

@ -0,0 +1,150 @@
---
- name: '[home] get user account information'
ansible.builtin.getent:
database: passwd
key: "{{ workstation_user_account }}"
split: ":"
changed_when: false
when: getent_passwd is undefined or workstation_user_account not in getent_passwd
- name: '[awesomewm] install dependencies'
become: true
ansible.builtin.apt:
update_cache: true
force_apt_get: true
cache_valid_time: 3600
pkg:
- asciidoctor
- build-essential
- cmake
- gir1.2-freedesktop
- gir1.2-gdkpixbuf-2.0
- gir1.2-glib-2.0
- gir1.2-gtk-3.0
- gir1.2-pango-1.0
- imagemagick
- libcairo-gobject2
- libcairo2-dev
- libdbus-1-dev
- libgdk-pixbuf-2.0-dev
- libgirepository1.0-dev
- libglib2.0-dev
- liblua5.4-dev
- liblua5.4-dev
- librsvg2-dev
- libstartup-notification0-dev
- libx11-dev
- libx11-xcb-dev
- libxcb-cursor-dev
- libxcb-icccm4-dev
- libxcb-keysyms1-dev
- libxcb-randr0-dev
- libxcb-shape0-dev
- libxcb-util0-dev
- libxcb-xfixes0-dev
- libxcb-xinerama0-dev
- libxcb-xkb-dev
- libxcb-xrm-dev
- libxcb-xtest0-dev
- libxcb1-dev
- libxdg-basedir-dev
- libxkbcommon-x11-dev
- libxkbcommon-dev
- lua5.4
- luajit2
- menu
- picom
- x11-xserver-utils
- xutils-dev
- name: '[lua-lgi] install lua-lgi'
block:
- name: '[lua-lgi] fetch source'
become: true
become_user: "{{ workstation_user_account }}"
ansible.builtin.git:
repo: https://github.com/lgi-devs/lgi.git
dest: /opt/git/foss/lua-lgi
force: false
register: repo_clone
failed_when:
- repo_clone.failed
- not 'Local modifications exist in the destination' in repo_clone.msg
- name: '[lua-lgi] switch from LUA 5.1 to LUA 5.4'
ansible.builtin.replace:
path: /opt/git/foss/lua-lgi/lgi/Makefile
regexp: '5\.1'
replace: '5.4'
- name: '[lua-lgi] building project'
ansible.builtin.command:
chdir: /opt/git/foss/lua-lgi
cmd: LUA_CFLAGS="-I/usr/include/lua5.4" make all
creates: /opt/git/foss/lua-lgi/lgi/corelgilua51.so
- name: '[lua-lgi] compile and install'
become: true
ansible.builtin.command:
chdir: /opt/git/foss/lua-lgi
cmd: make install
creates: /usr/local/lib/lua/5.4/lgi/corelgilua51.so
- name: '[awesomewm] install window manager'
block:
- name: '[awesomewm] fetch source'
become: true
become_user: "{{ workstation_user_account }}"
ansible.builtin.git:
repo: https://github.com/awesomeWM/awesome.git
dest: /opt/git/foss/awesomeWM
force: false
register: repo_clone
failed_when:
- repo_clone.failed
- not 'Local modifications exist in the destination' in repo_clone.msg
- name: '[awesomewm] building project'
become: true
become_user: "{{ workstation_user_account }}"
ansible.builtin.command:
chdir: /opt/git/foss/awesomeWM
cmd: 'CMAKE_ARGS="-DWITH_DBUS=ON -DLUA_LIBRARY=/usr/lib/x86_64-linux-gnu/liblua5.4.so.0 -DLUA_INCLUDE_DIR=/usr/include/lua5.4" make'
creates: /opt/git/foss/awesomeWM/build
- name: '[awesomewm] building project'
become: true
ansible.builtin.command:
chdir: /opt/git/foss/awesomeWM
cmd: make install
creates: /usr/local/bin/awesome
- name: '[awesomewm] setup configuration'
become: true
become_user: "{{ workstation_user_account }}"
block:
- name: '[awesomewm] fetch copycats base'
ansible.builtin.git:
repo: https://github.com/lcpz/awesome-copycats.git
dest: "{{ getent_passwd[workstation_user_account][4] }}/.config/awesome"
depth: 1
recursive: true
force: false
- name: '[awesomewm] copy customization'
ansible.builtin.copy:
src: ../templates/.config/awesome/
dest: "{{ getent_passwd[workstation_user_account][4] }}/.config/awesome"
mode: '0640'
- name: '[home] copy X related configuration'
become: true
block:
- name: '[x11] xorg.conf'
ansible.builtin.copy:
src: ../templates/system/xorg.conf
dest: /etc/X11/xorg.conf
mode: '0640'
- name: '[x11] user .xsession'
ansible.builtin.copy:
src: ../templates/.xsession
dest: "{{ getent_passwd[workstation_user_account][4] }}/.xsession"