fix!: fixed molecule tests, rewrote how custom variables are handled for hosts overrides; fixed invalid services names for clamav handlers

collections/ansible_collections/nullified/infrastructure/roles/workstation/defaults/main.yml

@@ -1,4 +1,7 @@
 ---
-workstation_user_account: "{{ custom_base_user_account }}"
-custom_github_token: ""
-custom_sysctl: {}
+workstation:
+  github_token: "{{ custom_github_token | default('') }}"
+  user_account: "{{ custom_base_user_account | default('root') }}"
+
+custom_workstation: {}
+recursive_combine: true

collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml

@@ -1,11 +1,28 @@
 ---
+- name: '[setup] merge with custom vars'
+  ansible.builtin.set_fact:
+    workstation: "{{ workstation | combine(custom_workstation, recursive=recursive_combine) }}"
+  changed_when: false
+
 - name: '[home] get user account information'
   ansible.builtin.getent:
     database: passwd
-    key: "{{ workstation_user_account }}"
+    key: "{{ workstation.user_account }}"
     split: ":"
   changed_when: false
-  when: getent_passwd is undefined or workstation_user_account not in getent_passwd
+  when: getent_passwd is undefined or workstation.user_account not in getent_passwd
+
+- name: '[setup] ensure expected home directories exist'
+  become: true
+  ansible.builtin.file:
+    path: "{{ getent_passwd[workstation.user_account][4] }}/{{ item }}"
+    state: directory
+    owner: "{{ workstation.user_account }}"
+    group: "{{ workstation.user_account }}"
+    mode: '0750'
+  loop:
+    - .local/bin
+    - .local/share/applications
 
 - name: '[apt] install dependencies and tools'
   become: true
@@ -40,6 +57,7 @@
       - python3-pip
       - python3-psutil # terminator
       - ruby
+      - ruby-dev
       - scrot
       - smbclient
       - socat
@@ -57,23 +75,23 @@
 - name: '[setup] add user to sudo group'
   become: true
   ansible.builtin.user:
-    name: "{{ workstation_user_account }}"
+    name: "{{ workstation.user_account }}"
     groups:
       - sudo
     append: true
 
 - name: '[setup] setup Flatpak'
   become: true
-  become_user: "{{ workstation_user_account }}"
+  become_user: "{{ workstation.user_account }}"
   block:
     - name: '[flatpak] add flatpak repos'
-      command:
+      ansible.builtin.command:
         cmd: flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
       changed_when: false
     - name: '[flatpak] install flatpak apps'
-      command:
+      ansible.builtin.command:
         cmd: "flatpak install --noninteractive {{ item.repo }} {{ item.app }}"
-        creates: "{{ getent_passwd[workstation_user_account][4] }}/.var/app/{{ item.app }}"
+        creates: "/var/lib/flatpak/app/{{ item.app }}"
       loop:
         - repo: flathub
           app: com.discordapp.Discord
@@ -83,7 +101,7 @@
 - name: '[github] install tools'
   become: true
   nullified.infrastructure.github_artifact:
-    github_token: '{{ custom_github_token }}'
+    github_token: '{{ workstation.github_token }}'
     asset_name: "{{ item.asset_name | default('') }}"
     asset_type: "{{ item.asset_type }}"
     cmds: "{{ item.cmds | default([]) }}"
@@ -114,8 +132,8 @@
   ansible.builtin.file:
     path: "{{ item.path }}"
     mode: "{{ item.mode | default('0750') }}"
-    owner: "{{ item.owner | default(workstation_user_account) }}"
-    group: "{{ item.group | default(workstation_user_account) }}"
+    owner: "{{ item.owner | default(workstation.user_account) }}"
+    group: "{{ item.group | default(workstation.user_account) }}"
     state: directory
   loop:
     - { path: '/opt/git/foss' }
@@ -125,22 +143,22 @@
 
 - name: '[emacs] fetch emacs configuration files'
   become: true
-  become_user: "{{ workstation_user_account }}"
+  become_user: "{{ workstation.user_account }}"
   ansible.builtin.git:
-    repo: "ssh://git@gitlab.0x2a.ninja:4222/naeikindus/emacsd.git"
-    dest: "{{ getent_passwd[workstation_user_account][4] }}/.emacs.d"
+    repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git"
+    dest: "{{ getent_passwd[workstation.user_account][4] }}/.emacs.d"
     force: false
 
 - name: '[config] set tools configuration'
   become: true
-  become_user: "{{ workstation_user_account }}"
+  become_user: "{{ workstation.user_account }}"
   ansible.builtin.copy:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: "{{ item.mode | default('0640') }}"
   loop:
-    - { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" }
-    - { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" }
+    - { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation.user_account][4] }}/.config" }
+    - { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation.user_account][4] }}/.config" }
 
 - name: '[authenticator] find if binary is already installed'
   ansible.builtin.file:
@@ -156,8 +174,8 @@
     - name: '[yubico] prepare target directory'
       ansible.builtin.file:
         path: "{{ item }}"
-        owner: "{{ workstation_user_account }}"
-        group: "{{ workstation_user_account }}"
+        owner: "{{ workstation.user_account }}"
+        group: "{{ workstation.user_account }}"
         mode: '0750'
         state: directory
       loop:
@@ -169,8 +187,8 @@
         src: https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-linux.tar.gz
         remote_src: true
         dest: /tmp/yubico-unarchive
-        owner: "{{ workstation_user_account }}"
-        group: "{{ workstation_user_account }}"
+        owner: "{{ workstation.user_account }}"
+        group: "{{ workstation.user_account }}"
 
     - name: '[yubico] find extracted directory'
       ansible.builtin.command:
@@ -179,12 +197,12 @@
       changed_when: false
 
     - name: '[yubico] move extracted data to final dir'
-      copy:
+      ansible.builtin.copy:
         remote_src: true
         src: "{{ yubico_extract_path.stdout }}/"
         dest: /opt/yubico-authenticator
-        owner: "{{ workstation_user_account }}"
-        group: "{{ workstation_user_account }}"
+        owner: "{{ workstation.user_account }}"
+        group: "{{ workstation.user_account }}"
 
     - name: '[yubico] cleanup'
       ansible.builtin.file:
@@ -194,24 +212,24 @@
     - name: '[yubico] create shell wrapper'
       ansible.builtin.template:
         src: ../templates/bin_wrapper.sh.j2
-        dest: "{{ getent_passwd[workstation_user_account][4] }}/.local/bin/authenticator"
+        dest: "{{ getent_passwd[workstation.user_account][4] }}/.local/bin/authenticator"
         mode: '0750'
-        owner: "{{ workstation_user_account }}"
-        group: "{{ workstation_user_account }}"
+        owner: "{{ workstation.user_account }}"
+        group: "{{ workstation.user_account }}"
       vars:
         application: "/opt/yubico-authenticator/authenticator"
 
     - name: '[yubico] create desktop entry'
-      template:
+      ansible.builtin.template:
         src: ../templates/desktop_app.j2
-        dest: "{{ getent_passwd[workstation_user_account][4] }}/.local/share/applications/authenticator.desktop"
+        dest: "{{ getent_passwd[workstation.user_account][4] }}/.local/share/applications/authenticator.desktop"
         mode: '0600'
-        owner: "{{ workstation_user_account }}"
-        group: "{{ workstation_user_account }}"
+        owner: "{{ workstation.user_account }}"
+        group: "{{ workstation.user_account }}"
       vars:
         application:
           nodisplay: false
-          exec_cmd: "{{ getent_passwd[workstation_user_account][4] }}/.local/bin/authenticator"
+          exec_cmd: "{{ getent_passwd[workstation.user_account][4] }}/.local/bin/authenticator"
           name: "Authenticator"
 
 - include_tasks: window_manager.yml

collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml

@@ -2,10 +2,10 @@
 - name: '[home] get user account information'
   ansible.builtin.getent:
     database: passwd
-    key: "{{ workstation_user_account }}"
+    key: "{{ workstation.user_account }}"
     split: ":"
   changed_when: false
-  when: getent_passwd is undefined or workstation_user_account not in getent_passwd
+  when: getent_passwd is undefined or workstation.user_account not in getent_passwd
 
 - name: '[awesomewm] install dependencies'
   become: true
@@ -61,7 +61,7 @@
   block:
     - name: '[lua-lgi] fetch source'
       become: true
-      become_user: "{{ workstation_user_account }}"
+      become_user: "{{ workstation.user_account }}"
       ansible.builtin.git:
         repo: https://github.com/lgi-devs/lgi.git
         dest: /opt/git/foss/lua-lgi
@@ -80,8 +80,10 @@
     - name: '[lua-lgi] building project'
       ansible.builtin.command:
         chdir: /opt/git/foss/lua-lgi
-        cmd: LUA_CFLAGS="-I/usr/include/lua5.4" make all
+        cmd: make all
         creates: /opt/git/foss/lua-lgi/lgi/corelgilua51.so
+      environment:
+        LUA_CFLAGS: "-I/usr/include/lua5.4"
 
     - name: '[lua-lgi] compile and install'
       become: true
@@ -94,7 +96,7 @@
   block:
     - name: '[awesomewm] fetch source'
       become: true
-      become_user: "{{ workstation_user_account }}"
+      become_user: "{{ workstation.user_account }}"
       ansible.builtin.git:
         repo: https://github.com/awesomeWM/awesome.git
         dest: /opt/git/foss/awesomeWM
@@ -106,11 +108,13 @@
 
     - name: '[awesomewm] building project'
       become: true
-      become_user: "{{ workstation_user_account }}"
+      become_user: "{{ workstation.user_account }}"
       ansible.builtin.command:
         chdir: /opt/git/foss/awesomeWM
-        cmd: 'CMAKE_ARGS="-DWITH_DBUS=ON -DLUA_LIBRARY=/usr/lib/x86_64-linux-gnu/liblua5.4.so.0 -DLUA_INCLUDE_DIR=/usr/include/lua5.4" make'
+        cmd: 'make'
         creates: /opt/git/foss/awesomeWM/build
+      environment:
+        CMAKE_ARGS: "-DWITH_DBUS=ON -DLUA_LIBRARY=/usr/lib/x86_64-linux-gnu/liblua5.4.so.0 -DLUA_INCLUDE_DIR=/usr/include/lua5.4"
 
     - name: '[awesomewm] building project'
       become: true
@@ -121,19 +125,19 @@
 
 - name: '[awesomewm] setup configuration'
   become: true
-  become_user: "{{ workstation_user_account }}"
+  become_user: "{{ workstation.user_account }}"
   block:
     - name: '[awesomewm] fetch copycats base'
       ansible.builtin.git:
         repo: https://github.com/lcpz/awesome-copycats.git
-        dest: "{{ getent_passwd[workstation_user_account][4] }}/.config/awesome"
+        dest: "{{ getent_passwd[workstation.user_account][4] }}/.config/awesome"
         depth: 1
         recursive: true
         force: false
     - name: '[awesomewm] copy customization'
       ansible.builtin.copy:
         src: ../templates/.config/awesome/
-        dest: "{{ getent_passwd[workstation_user_account][4] }}/.config/awesome"
+        dest: "{{ getent_passwd[workstation.user_account][4] }}/.config/awesome"
         mode: '0640'
 
 - name: '[home] copy X related configuration'
@@ -147,4 +151,4 @@
     - name: '[x11] user .xsession'
       ansible.builtin.copy:
         src: ../templates/.xsession
-        dest: "{{ getent_passwd[workstation_user_account][4] }}/.xsession"
+        dest: "{{ getent_passwd[workstation.user_account][4] }}/.xsession"